People don’t really like to talk about computer security until there are problems. Once a security breach happens security will become very important and then slide back into obscurity. Computer Security is always important because private data is meant to remain private.
On the other hand, people always like to find out secretes. The cat and mouse game of computer security is based off of that idea. One side tries to break into every system they can and the other side works to block everyone from getting in.
What types of security threats are there?
Freeware applications can cause problems. They are usually free because they pack something a long side their software that gives them a kickback. Usually this will come in the form of a tool bar or a data miner or “Free PDF Software” or something of the like.
These are nasty little guys. If you accidentally run a password stealer it will grab / copy a copy of your stored passwords for Windows, Outlook, Web browsers like Chrome, Internet Explorer, Firefox and email that information to an email address or uploads it to a remote FTP server. The newer password stealers are starting to grab other things like saved FTP logins, website logins, messenger software, online game passwords license keys and everything else you would want to keep private.
Brute force attacks
Brute force attacks happen ever second of every day. Someone on the internet installs a brute force script and usually leaked username and passwords from the big hacks and tries to use those logins on other sites.
SEE: 1.4 Billon Clear Text Credentials Discovered in a Single Database
Think about how many people have re-used their email address and password on other sites.
Exploits are shell codes, escape characters, buffer overflows, cross site scripting and all kinds of other tricks that are used to break software. When the software breaks, it does things it’s not supposed to do like let anyone do anything in the system or allowing someone else to view all the user accounts. Exploits will abuse a specific software version with an expected result.
The malware threats
I assume at this point everyone has a fairly strong understanding of malware. We are talking about viruses, Trojans, worms and everything else that wants to sneak on your computer and control it.
Remote Admin Tools
Remote admin tools are basically remote tools made for systems administrators and IT companies that are made to be hidden. These are packed into installers, movies, PDFs and any other way they can get it on your computer. Once the rat has been installed your computer it is under the control of someone else.
The people pushing out phishing emails are getting sneakier and sneaker. The try to impersonate Apple, Amazon, PayPal and any other sites that have larger user bases or credit card information. They make it look like PayPal (as an example) is emailing you asking for your password. You go to a site that looks exactly like PayPal and steal your information.
Computer Security FAQ was started as a pet project by Dave. He started notice there was a lot of misconceptions relating to computer security. Mix that with massive data breaches in recent years and the fact that computer security and cyber security are finally becoming concerns of basically everyone. The result you get is this blog. It’s a great way to express myself about computer security as I’m a working computer consultant and network administrator.