Cloud Security
Cloud providers implement restricted access and access policies with logs and the ability to request access and denial reasons.
Cloud Computing Attacks:
| Name of term | Description of term |
|---|---|
| Wrapping attack | Change the unique characters but keep the signature valid. |
| Side channel attacks | An attacker controls VMs on the same physical host (either by compromising one or placing one of their own). |
| Cloud Hopper attack | The goal is to compromise an employee’s or cloud service company’s account in order to obtain confidential information. |
| Cloudborne attack | Exploit specific BMC vulnerabilities |
| Man-In-The-Cloud (MITC) attack | It runs using a file sync service (such as Google Drive or Dropbox) as infrastructure. |
Malware and Other Attacks:
Malware is a malicious program designed to damage your system and give its creator access to your system.
Trojans:
The malware is contained in seemingly harmless programs. The types are:
| Name of term | Description of term |
|---|---|
| Remote access trojans (RATs) | Malware that contains a backdoor for administrative control of the target computer. |
| Backdoor Trojans | Uninterrupted access by an attacker by installing a backdoor on the targeted system. |
| Botnet Trojans | Install the boot program on the target system |
| Rootkit Trojans | Allow access to unauthorized areas of the software. |
| E-banking Trojans | It intercepts account information before encrypting it and sends it to the attacker. |
| Proxy-server Trojans | Allows an attacker to use the victim’s computer as a proxy to connect to the Internet. |
Viruses:
Here are some examples of computer viruses:
| Name of term | Description of term |
|---|---|
| Stealth virus | The virus takes aggressive steps to hide infection from antivirus. |
| Logic Bomb virus | It does not self-replicate, does not increase in population, and may be parasitic. |
| Polymorphic virus | Modifies payload to evade signature detection. |
| Metamorphic virus | A virus that can reprogram/rewrite itself. |
| Macro virus | Macro creation for MS Office products. |
| File infectors | The virus infects executable files. |
| Boot sector infectors | Malicious code that runs at system startup. |
| Multipartite viruses | Combine file infectors and boot record infectors. |
Ethical Hacking Cheatsheet
Ethical hacking includes authorized attempts to gain unauthorized access to computer systems, applications, or data. Ethical hacking requires replicating the strategies and behaviors of malicious attackers. This practice helps identify security vulnerabilities, So they can be fixed before malicious attackers can exploit them.