
What are the most common endpoint threats and attack techniques?


1 Answer


The most common endpoint threats and attack techniques are:

  • PORTABLE EXECUTABLES

    • Malware - Malicious software programs.

    • Packed Files/Polymorphism - Malware that has been modified to make it harder to identify.

    • Potentially Unwanted Applications (PUA) - Applications that are technically not malware, but they are not something you want to run on your machine (adware).


  • RANSOMWARE


    • File Encryptors - The most common type of ransomware, this encrypts the victim’s files and holds them to ransom.

    • Disk Encryptors and Wipers - Encrypts the victim's entire hard drive (not just the files) or wipes the hard drive completely.

  • DOCS AND SCRIPTS

    • Weaponized Documents - Typically, a Microsoft Office program that has been crafted or modified to cause damage.

    • Malicious Scripts - Malicious code often hidden in legitimate programs and websites.

  • EXPLOITS

    • Exploit-based Attacks - Attackers use techniques to take advantage of software bugs and vulnerabilities, to gain access and control a victim's computer.

  • ACTIVE ATTACKS

    • Credential Theft - Stealing authentication information to gain access to sensitive data.

    • Privilege Escalation - Methods used by attackers to gain additional access to a system.

    • Code Caves - Technique where attackers modify legitimate software to hide a malicious application.


  • FALSE POSITIVES

    • Anti-malware solutions may incorrectly identify legitimate software as malicious, impacting the end-user's ability to work.
