Time
2 hours 13 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:08
Welcome to the Palo Alto Networks Academy Secure Business Systems Administration presentation of vulnerabilities and exploits. We're also going to take a look at spamming, phishing, and bots and botnets.
00:24
Attackers seek to exploit vulnerabilities
00:27
and consistent patching and upgrading of devices and systems are the standard methods that we use to minimize those risks that are associated with those known vulnerabilities.
00:38
Yet as system and application vulnerabilities are constantly being discovered, preventing exploits is an ongoing task.
00:46
Some attacks also occur as zero-day events, meaning that the vulnerability that is being exploited was not discovered until the exploit has occurred.
00:55
The complexities associated with vulnerability detection and mitigation for business computational services clearly identify the need for an enterprise-wide cybersecurity solution. Effective cybersecurity also has to incorporate a consistent employee training model as an effective deterrent
01:14
to social engineering attacks.
01:18
While spamming is the bulk delivery of unwanted messaging and malware, spim attacks also are delivered through social media messaging links and other instant messaging services.
01:30
Spim attacks could be equally as effective as a spam attack.
01:34
Phishing is the term that applies when an attacked user clicks on unwanted spam or spim and proceeds to engage with an infected site. Often the end user provides valuable information for the attacker.
01:48
More focused terms such as spear phishing and whaling are actually targeted attacks that are directed at personnel with specific authority or higher-level business roles and responsibilities.
02:00
Spamming and phishing attacks use pharming to direct users to infected websites that often look like replicas of legitimate sites.
02:08
Attackers will register a domain name Web address, which is very similar to the legitimate name, and the end user may not notice any difference.
02:16
These sites can also function as watering holes, and they may be mistakenly visited by a Web user when they actually include a typo or an improperly typed domain name. And they appear, for all purposes, to look like a legitimate site. Phishing attacks and pharming sites can sometimes be detected by examining
02:35
the source email address of the sender
02:38
or by performing a detailed examination of a Web page.
02:44
You might notice formatting and language errors, and also pharming sites or pharming displays often display unusual urgent warnings or messages, and phishing attacks that are delivered via email, spim, or even voicemail usually also contain unusual requests that seem to come from high-level administrative,
03:02
technical,
03:04
or managerial personnel.
03:06
These impersonated attacks often seek personal information and usually seem to escalate over a series of notifications or events.
03:15
While phishing and pharming attacks are often directed at personnel, bot attacks are typically directed at devices. Bot attacks are often delivered by automated scripts that exploit existing vulnerabilities or coerce end users into clicking on infected pop-ups, attachments or links.
03:32
An infected device functions as a bot, often in a collection of bots known as a botnet, and can then be remotely controlled when a command-and-control message is triggered. Bots can be dormant for long periods of time, undetected until a specific command-and-control trigger or message is received.
03:53
Criminal networks will often sell access to botnets that can contain thousands of individual bots. The attacker can then employ the bots at their own discretion
04:02
or even perform functions such as Bitcoin mining. So the idea that a single bot can perform a denial-of-service attack is pretty difficult to detect and also fairly inefficient.
04:15
But a distributed denial of service attack would be performed by an entire collection of bots in a botnet, and that should be detectable.
04:23
It would generate an unusual amount of network traffic, and it would be easy to see where that focused attack can have a significant impact on both the attacker's target and also on overall network performance.
