Malicious Activity (OBJ 2.4)

Malicious Activity

• Constantly evolving threats in the digital age
• Concerns
  • Cyber attacks, increasing in frequency and sophistication
• Purpose
  • Delve into cyber threats, types, mechanisms, and impacts
  • Understanding cyber threats is the first step towards its prevention and mitigation

Understanding Cyber Threats

• Importance
  • First step to effective prevention and mitigation
• Insights
  • Tactics, techniques, and procedures employed by cybercriminals

Distributed Denial of Service (DDoS) Attacks

• Variants
  • Denial of Service
  • Amplified DDoS
  • Reflected DDoS

Domain Name Server (DNS) Attacks

• Types
  • DNS Cache Poisoning
  • DNS Amplification
  • DNS Tunneling
  • Domain Hijacking
  • DNS Zone Transfer

Directory Traversal Attacks

• Exploiting insufficient security validation of user-supplied input file names

Privilege Escalation Attack

• Exploiting system vulnerability to gain elevated access

Replay Attacks

• Malicious or fraudulent repeat/delay of a valid data transmission
• An attacker intercepts a data transmission and then replays it

Session Hijacking

• Attacker takes over a user session to gain unauthorized access

Malicious Code Injection Attacks

• Introduction of harmful code into a program or system to cause it to behave in an unintended way

Indicators of Compromise (IoC)

• Examples
  • Account lockout
  • Concurrent session usage
  • Blocked content
  • Impossible travel
  • Resource consumption
  • Inaccessibility
  • Out-of-cycle logging
  • Published documents indicating hacking
  • Missing logs