Information Security Overview in securetecho
Malware Trends in 2018
- Source code leaks accelerated malware release cycles: attackers use leaked source to build new malware variants with new characteristics, signatures and evasion capabilities that existing anti-virus/anti-malware products cannot detect.
- Old-school malware techniques made a comeback: anti-virus applications, IDS, firewalls and other cyber-crime defences force attackers to fall back on older, manual and time-consuming infection and propagation techniques to evade advanced detection.
- 64-bit malware continued to grow
- Malware researcher evasion became more popular
- Mobile SMS-forwarding malware is becoming ubiquitous
- Account takeover moved to the victim's device
- Attacks on corporate and personal data in the cloud increased
- Exploit kits continued to be a primary threat for Windows (e.g. Windows XP)
- Attackers increasingly lure executives and compromise organizations via professional social networks.
- Java remains highly exploitable and highly exploited - with expanded repercussions.
- Attackers are more interested in cloud data than your network.
- The sheer volume of advanced malware is decreasing.
- Redkit, Neutrino, and other exploit kits struggled for power in the wake of the Blackhole Author Arrest.
- Mistakes are made in "offensive" security due to misattribution of an attack's source.
- Cybercriminals are targeting the weakest links in the "data-exchange chain".
- Major data-destruction attacks are increasing.
Essential Terminology
- Hack Value: The notion among hackers that something is worth doing or is interesting.
- Vulnerability: Existence of a weakness, design, or implementation error that can lead to an unexpected event compromising the security of the system.
- Exploit: Code or a technique that takes advantage of a vulnerability to breach the security of an IT system.
- Payload: The part of exploit code that performs the intended malicious action, such as destroying data, creating backdoors, or hijacking the computer.
- Zero-Day Attack: An attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability.
- Daisy Chaining: It involves gaining access to one network and/or computer and then using the same information to gain access to multiple networks and computers that contain desirable information.
- Doxing: Publishing personally identifiable information about an individual collected from publicly available databases and social media.
- Bot: A "bot" is a software application that can be controlled remotely to execute or automate predefined tasks.
Elements of Information Security
- Information security is a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low or tolerable.
- Confidentiality: Assurance that the information is accessible only to those authorized to have access
- Integrity: The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
- Availability: Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users
- Authenticity: The characteristic of a communication, document or any data that ensures it is genuine, i.e. that it really comes from the claimed source
- Non-Repudiation: Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
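The difference between integrity, authenticity and non-repudiation is easiest to see in code. The following is an added example, not code from the original page: it uses an HMAC over a constructed message with a constructed shared key (the key, message and party names are assumptions for illustration). The HMAC detects tampering (integrity) and cannot be produced without the key (authenticity), but because the recipient holds the same key it can forge a valid tag too, so a MAC alone gives no non-repudiation; that property needs a digital signature made with a private key only the sender holds.

```python
import hmac
import hashlib
import secrets

# Constructed demo key shared between two parties (assumption for illustration).
# Real keys come from a key exchange or out-of-band provisioning, never hard-coded.
SHARED_KEY = b"constructed-demo-key-do-not-use-in-production"


def tag_message(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag over the message: integrity + authenticity under the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_message(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time (avoids a timing side channel)."""
    expected = tag_message(key, message)
    return hmac.compare_digest(expected, tag)


def tamper(message: bytes) -> bytes:
    """Flip one bit of the message, simulating modification in transit."""
    b = bytearray(message)
    b[0] ^= 0x01
    return bytes(b)


def demo() -> dict:
    """Exercise the three properties and return which checks pass."""
    msg = b"transfer 100 to account 42"  # constructed sample message
    tag = tag_message(SHARED_KEY, msg)
    results = {}

    # Integrity: the unmodified message verifies, a one-bit change does not.
    results["original_ok"] = verify_message(SHARED_KEY, msg, tag)
    results["tampered_ok"] = verify_message(SHARED_KEY, tamper(msg), tag)

    # Authenticity: a party without the shared key cannot produce a valid tag.
    attacker_key = secrets.token_bytes(32)
    forged_tag = tag_message(attacker_key, msg)
    results["attacker_forgery_ok"] = verify_message(SHARED_KEY, msg, forged_tag)

    # No non-repudiation: the recipient holds the same key, so it can produce
    # a valid tag for any message it likes. A verified tag therefore proves the
    # message came from *someone with the key*, not which party sent it.
    recipient_claim = b"transfer 1000 to account 42"
    recipient_tag = tag_message(SHARED_KEY, recipient_claim)
    results["recipient_can_forge"] = verify_message(SHARED_KEY, recipient_claim, recipient_tag)
    return results


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check}: {passed}")
```

The last check is the one that matters for the Non-Repudiation definition above: a symmetric MAC is fine for confirming that data was not altered and came from a key holder, but a dispute between sender and recipient cannot be settled with it. Signing the message with the sender's private key and verifying with the public key gives a tag the recipient could not have produced, which is what non-repudiation requires.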
The Security, Functionality and Usability Triangle
- The level of security in any system can be defined by the strength of three components:
- Functionality (Features)
- Security (Restrictions)
- Usability (GUI)
- Moving toward any one corner of the triangle pulls away from the other two: more features or easier use means less security, and more restrictions mean less functionality and usability.