Protecting Against Malware

Cards (12)

  • Exploit
    To take advantage of a vulnerability, either in hardware, software, or human behavior
  • Humans are often the weak spot in a system
  • Hardware and software are extensively tested, but vulnerabilities can still be found and exploited quickly
  • Social engineering
    The process of manipulating people into performing actions or divulging confidential information
  • When a software vulnerability is found, developers need to issue a patch to address it
  • Not everyone updates their software automatically, leaving systems vulnerable to attacks targeting unpatched software
  • Defensive programming
    • Validating all inputs, sanitizing inputs to prevent injection attacks, keeping data secure and separate from the main program
  • Code quality
    • Important for security, even small logic errors can lead to vulnerabilities
  • Programmers often reuse code from sources like Stack Overflow, GitHub, or libraries, which can spread any vulnerabilities in that code
  • Phishing
    Obtaining sensitive information by disguising a message as coming from a trustworthy source
  • Measures to mitigate social engineering attacks

    • Strict email filters, employee training, limiting access rights, encryption, frequent password changes, multi-factor authentication
  • Antivirus/anti-malware software
    • Maintains a database of known malware signatures, uses sandboxing to analyze suspicious files, and offers real-time protection by monitoring memory