Learning about Cookies as Spyware
First-party cookies are able to cache data such as authentication details and language settings to avoid the re-entry of huge clusters of information that users have generated during their previous online activities (Tirtea, Castelluccia & Ikonomou, 2010). Some of the information a user does not need to keep re-entering includes email addresses, usernames or even passwords. However, cookies are continuously being used as spyware on the internet, thereby invading the privacy of online users. An attacker can use an XSS (Cross-Site Scripting) attack on a cookie to sniff through a computer and hijack someone’s account session.
The cookies are stored in plain text format and contain no personal information. This is because cookies contain information such as a session ID, sites visited and the time the session was established. Applications such as the Adobe Flash Player are able to use cookies to extract previous websites a user has visited. The subfolders that store this kind of information are placed on the user's hard disk and can be reactivated every time the user visits the same web page. Attacks from hackers sometimes utilize session hijacking to reconstruct the browser history of a user, thereby exploiting websites that contain vulnerable banking details. This can be done by rebuilding the list of all the websites a user has visited, which lets the attacker gain access to sensitive private information or even modify the browser settings.
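The session-hijacking risk described above depends on how the session cookie is issued. The following is an added example, not part of the original essay: a small Python audit of Set-Cookie headers that flags session cookies lacking the HttpOnly, Secure and SameSite attributes. The sample headers are constructed, and the name hints used to decide which cookies carry session state are an assumption.

```python
# Constructed sample response headers (not taken from any real site).
SAMPLE_HEADERS = [
    "Set-Cookie: sessionid=abc123; Path=/",
    "Set-Cookie: lang=en; Path=/; Max-Age=31536000",
    "Set-Cookie: auth=xyz789; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: token=t0k; Path=/; Secure; HttpOnly; SameSite=None",
]

# Assumption: cookies whose names contain these strings carry session state.
SENSITIVE_HINTS = ("session", "auth", "token")


def parse_set_cookie(line):
    """Split one Set-Cookie header into (name, value, lower-cased attributes)."""
    _, _, body = line.partition(":")
    parts = [p.strip() for p in body.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(line):
    """Return (name, findings) for one header; findings is empty when it looks fine."""
    name, _, attrs = parse_set_cookie(line)
    findings = []
    if not any(hint in name.lower() for hint in SENSITIVE_HINTS):
        return name, findings  # preference cookies such as language are not flagged
    if "httponly" not in attrs:
        findings.append("no HttpOnly: injected script can read it")
    if "secure" not in attrs:
        findings.append("no Secure: sent over plain HTTP")
    if attrs.get("samesite", "").lower() in ("", "none"):
        findings.append("SameSite missing or None: sent on cross-site requests")
    return name, findings


if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(audit_cookie(header))
```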
Learning about a Virus
The Zeus virus is a Zbot banking Trojan that steals credit card information and banking information from online banking websites (Doevan, 2018). The virus is easily propagated using e-mails and fake pop-up windows or advertisement sites. It utilizes the form grabbing technique that includes additional fields in the online forms. The attackers are able to spy on the data being transferred in these forms using the keystroke signatures. This virus consequently facilitates the process of money transfer from the users' accounts without their knowledge.
The Zeus malware propagates itself by phishing and tracking the sites a user visits. It then tricks the online users into installing the virus by bombarding them with huge amounts of data and websites that contain the Windows notification window. The virus imitates the Windows blue screen, alerting the user of a possible virus infection. The pop-up windows only stop when the user accepts to be redirected to an unknown website that is infected with the Zeus virus (Maria, 2018). The virus is consequently installed on the client machine, where it is able to delete system files and generate system reboots, shutdowns or even crashes.
Recommending Security
The top 5 security controls recommended by SANS are as follows (Brooks, 2018).
1. Companies should keep an inventory of all devices that access the company website, whether authorized or unauthorized. This is because attackers are looking for vulnerable points that they can use to gain access to a network.
2. Companies should also keep track of all unauthorized software used and installed within the company. I agree with this recommendation since most antiviruses are unable to detect the zero-day exploits that come with software that has not been patched (“SANS Institute Recommends,” 2011). An antivirus can only detect these zero-day vulnerabilities once the new signatures have been patched.
3. Companies should use automated administrative tools such as Active Directory to track unauthorized users who gain access to the company network. I agree that beyond-trust privileges lead to elevating the administrative roles of an attacker, thereby causing a breach in network security and theft of crucial company data.
4. Companies should control the entry points for malware and viruses. I agree with the limitations put on active and executable code such as JavaScript. The use of anti-viruses, firewalls and anti-spyware are some of the techniques companies should deploy to reduce the chances of these programs being installed into the company network.
5. Companies should focus on protecting any dedicated servers such as the file server, mail daemon, and web servers. This is because attackers can use the file transfer or email ports to gain remote access to the company network.
The Domain Name System (DNS) protocol
In 1984, Jon Postel, Paul Mockapetris and Craig Partridge developed the Domain Name System (DNS) protocol to enhance the process of name resolution of components connected to the internet (Pope, Warkentin, Mutchler & Xin, 2012). The users of the internet found it easier to remember names such as www.google.com in a URL or web address than the IP address of the destination computer. These Internet Protocol (IP) addresses act like telephone numbers and are instrumental in the routing or transportation of data packets around the internet.
The Domain Name System (DNS) protocol is therefore a name-to-address resolution protocol used on the internet to translate Fully Qualified Domain Names (FQDN) such as www.google.com into their corresponding IP addresses such as 173.194.22.173. When a user enters www.google.com into a web browser, the browser must first know the IP address of the destination website. First, the DNS server will contact the local servers within its database to locate where all the .com root server IP addresses are stored. The .com root server then responds by sending the IP address of the Google network. The IP address of the google.com network is finally sent to the browser requesting it, and a session is established between the two computers before any information can be exchanged between them.
References
Brooks, R. (2018, February 1). Top 20 Critical Security Controls for Effective Cyber Defense. Netwrix, Netwrix Corporation. Retrieved on 27 June 2018 from https://blog.netwrix.com/2018/02/01/top-20-critical-security-controls-for-effective-cyber-defense/
Doevan, J. (2018, March 19). Zeus Trojan. How to remove? (Uninstall guide). 2-spyware.com. Accessed on 27 June 2018 from https://www.2-spyware.com/remove-zeus-trojan.html
Maria, K. Zeus “Virus” Removal (Microsoft Support Scam) June 2018 Update. HowToRemove.guide. Accessed on 27 June 2018 from https://howtoremove.guide/zeus-virus-scam-mac-microsoft/
Pope, M. B., Warkentin, M., Mutchler, L. A., & Xin (Robert) Luo. (2012). The Domain Name System-Past, Present, and Future. CAIS, 30, 21.
SANS Institute Recommends Least Privilege Security Model to Reduce Impact of Zero-Day Attacks. (2011, May 31). BeyondTrust. Retrieved on 27 June 2018 from https://www.beyondtrust.com/resources/press-release/sans-institute-recommends-least-privilege-security-model-to-reduce-impact-of-zero-day-attacks/
Tirtea, R., Castelluccia, C., & Ikonomou, D. (2010). Bittersweet cookies: Some security and privacy considerations. ENISA (European Network and Information Security Agency).