CyberAttack Viruses
Master Trainer
What Is a Cyberattack?
A cyberattack is a malicious and deliberate attempt by an individual or
organization to breach the information system of another individual or
organization. Usually, the attacker seeks some type of benefit from
disrupting the victim’s network.
What is a botnet?
A botnet is a network of devices that
have been infected with malicious
software, such as a virus or worm.
Attackers control the infected devices
as a group, without the owners'
knowledge, to increase the magnitude
of their attacks. Often, a botnet is
used to overwhelm systems in
What Are the Most Common Cyberattacks?
Malware
Malware is a term used to describe malicious software, including spyware, ransomware,
viruses, and worms. Malware breaches a network through a vulnerability, typically when a
user clicks a dangerous link or email attachment that then installs risky software. Once
inside the system, malware can do the following:
•Blocks access to key components of the network (ransomware)
•Installs malware or additional harmful software
•Covertly obtains information by transmitting data from the hard drive (spyware)
•Disrupts certain components and renders the system inoperable
Phishing
Phishing is the practice of sending fraudulent communications that appear to come from a
reputable source, usually through email. The goal is to steal sensitive data like credit card
and login information or to install malware on the victim’s machine. Phishing is an
Man-in-the-middle attack
Man-in-the-middle (MitM) attacks, also known
as eavesdropping attacks, occur when
attackers insert themselves into a two-party
transaction. Once the attackers intercept the
traffic, they can read, alter, or steal data.
Two common points of entry for MitM attacks:
1. On unsecured public Wi-Fi, attackers can
insert themselves between a visitor's device
and the network. Without noticing, the visitor
passes all traffic through the attacker. TLS
with proper certificate validation keeps that
traffic unreadable, which is why attackers
pair this position with downgrade tricks or
fake certificates.
2. Once malware has breached a device, an
attacker can install software that intercepts
and relays all of the victim's traffic from
inside the device, where TLS no longer helps.
Denial-of-service attack
A denial-of-service attack floods systems, servers, or
networks with traffic to exhaust resources and
bandwidth. As a result, the system is unable to fulfill
legitimate requests. Attackers can also use multiple
compromised devices to launch this attack. This is
known as a distributed-denial-of-service (DDoS) attack.
SQL injection
A Structured Query Language (SQL) injection occurs when an
application builds a database query by pasting untrusted input into
the SQL text, so an attacker can supply input that is parsed as SQL
and forces the database to reveal (or modify) data it normally would
not. An attacker could carry out a SQL injection simply by typing
crafted text into a vulnerable website search box. The fix is to pass
user input as bound parameters rather than as part of the query string.
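The search-box case above, as an added example (not part of the original material): a constructed in-memory SQLite database, a search function that builds the query by string formatting, and the same search written with a bound parameter. The table names, rows and the two attacker inputs are all made up for the demonstration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database standing in for a web shop's backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT, public INTEGER)")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [(1, "widget", 1), (2, "gadget", 1), (3, "secret prototype", 0)],
    )
    conn.execute("INSERT INTO users VALUES ('alice', 'sha256$deadbeef')")
    return conn


def search_vulnerable(conn: sqlite3.Connection, term: str) -> list[str]:
    """Vulnerable: the search term is pasted into the SQL text, so a quote in
    it ends the string literal and everything after it is parsed as SQL."""
    sql = f"SELECT name FROM products WHERE public = 1 AND name LIKE '%{term}%'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn: sqlite3.Connection, term: str) -> list[str]:
    """Hardened: the term travels as a bound parameter. The database receives
    the SQL and the value separately, so the value can never change the query's
    structure. Note that % and _ are still LIKE wildcards inside the value; escape
    them (ESCAPE clause) if a user must not be able to widen the match."""
    sql = "SELECT name FROM products WHERE public = 1 AND name LIKE ?"
    return [row[0] for row in conn.execute(sql, (f"%{term}%",))]


# Inputs an attacker might type into the search box (constructed for the example).
# The trailing -- comments out the closing %' that the application appends.
BYPASS_FILTER = "x' OR 1=1 --"                                                  # drops the public = 1 filter
DUMP_USERS = "x' UNION SELECT username || ':' || password_hash FROM users --"   # reads another table


if __name__ == "__main__":
    db = make_db()
    print(search_vulnerable(db, BYPASS_FILTER))   # includes the non-public product
    print(search_vulnerable(db, DUMP_USERS))      # includes alice's password hash
    print(search_safe(db, BYPASS_FILTER))         # [] : the input is just a literal string
```

The second payload is the "reveal information it normally would not" case: the UNION pulls rows from a table the search feature never meant to touch. Parameterisation stops both because the database never re-parses the value as SQL.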
Zero-day exploit
A zero-day exploit targets a vulnerability for which no patch exists yet, usually before
the vendor even knows about it (the vendor has had "zero days" to fix it). Once the flaw is
disclosed, attackers also rush to hit systems in the window between the announcement and
the patch being deployed, so fast patching and detection that does not depend on
signatures of already-known flaws are both required.
DNS Tunneling
DNS tunneling uses the DNS protocol to carry non-DNS traffic over port 53, for example by
encoding HTTP or other protocol data into the names being looked up and into the answers
returned. There are legitimate uses of DNS tunneling, such as "DNS VPN" services that get
traffic past captive portals, but the same technique is used maliciously. Because DNS is
almost always allowed through firewalls, outbound data can be disguised as ordinary
lookups. For malicious use, DNS requests are crafted to exfiltrate data from a compromised
system to the attacker's infrastructure: the attacker runs the authoritative server for the
queried domain and so receives every lookup, and the responses can carry command-and-control
instructions back to the compromised system.
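To make the mechanism concrete, here is an added example (not from the original material) of both halves: how a tunnel packs bytes into query names under the DNS label limits, and two detection heuristics a defender would run over a query log. The zone name `cdn-metrics.example`, the thresholds and all inputs are constructed for the demonstration; the registered-zone helper is deliberately crude.

```python
import base64
import math
from collections import Counter, defaultdict

ATTACKER_ZONE = "cdn-metrics.example"   # constructed: zone whose authoritative server the attacker runs
MAX_LABEL = 63                          # RFC 1035: a label is at most 63 octets
MAX_NAME = 253                          # practical limit on a full name
DATA_LABELS_PER_QUERY = 3               # 3 x 64 + sequence label + zone stays under MAX_NAME


def encode_queries(data: bytes, zone: str = ATTACKER_ZONE) -> list[str]:
    """Sender side: bytes -> query names. base32 is used because DNS names are
    case-insensitive (base64 would be mangled); padding is dropped, the text is
    cut into 63-char labels, and a sequence label lets the receiver reorder."""
    text = base64.b32encode(data).decode("ascii").rstrip("=").lower()
    labels = [text[i:i + MAX_LABEL] for i in range(0, len(text), MAX_LABEL)]
    queries = []
    for seq, i in enumerate(range(0, len(labels), DATA_LABELS_PER_QUERY)):
        name = ".".join([f"s{seq}", *labels[i:i + DATA_LABELS_PER_QUERY], zone])
        assert len(name) <= MAX_NAME
        queries.append(name)
    return queries


def decode_queries(queries: list[str], zone: str = ATTACKER_ZONE) -> bytes:
    """Receiver side (the attacker's authoritative server): strip the zone,
    order by sequence label, restore base32 padding, decode."""
    chunks = {}
    for q in queries:
        labels = q[: -len(zone) - 1].split(".")
        chunks[int(labels[0][1:])] = "".join(labels[1:])
    text = "".join(chunks[k] for k in sorted(chunks)).upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))


def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def registered_zone(name: str) -> str:
    """Crude approximation: last two labels. Use the public suffix list in production."""
    return ".".join(name.split(".")[-2:])


def is_tunnel_like(name: str) -> bool:
    """Per-query heuristic: an unusually long label, or a long, high-entropy subdomain."""
    sub = name[: -len(registered_zone(name)) - 1]
    labels = sub.split(".") if sub else []
    longest = max((len(lab) for lab in labels), default=0)
    flat = sub.replace(".", "")
    return longest >= 40 or (len(flat) >= 30 and entropy(flat) >= 4.2)


def chatty_zones(names: list[str], threshold: int = 50) -> dict[str, int]:
    """Volume heuristic: zones receiving many distinct subdomains in one window.
    This catches slow tunnels that keep every single query short enough to pass
    is_tunnel_like, which is the usual evasion."""
    seen = defaultdict(set)
    for n in names:
        seen[registered_zone(n)].add(n)
    return {z: len(s) for z, s in seen.items() if len(s) >= threshold}
```

Two caveats worth keeping in mind: a tunnel that sends a few bytes per query defeats the per-query check and is only visible by counting distinct names per zone, and some legitimate services (CDNs, anti-spam and antivirus lookups) also generate long, high-entropy names, so both heuristics need an allow-list before they become alerts.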
Computer Virus
A computer virus is a type of malware that, when executed, replicates itself by
modifying other computer programs and inserting its own code into those
programs. If this replication succeeds, the affected areas are then said to be
"infected" with a computer virus, a metaphor derived from biological viruses.
Computer viruses generally require a host program. The virus writes its own code
into the host program. When the program runs, the written virus program is
executed first, causing infection and damage. By contrast, a computer worm does
not need a host program, as it is an independent program or code chunk.
Therefore, it is not restricted by the host program, but can run independently and
actively carry out attacks. Or
A computer virus is a malicious software application or authored code that can
attach itself to other programs, self-replicate, and spread itself onto other devices.
When executed, a virus modifies other computer programs by inserting its code
Types of Computer Viruses
Every computer virus has a payload that performs an action. The threat actor can code
any malicious activity into the virus payload, including simple, innocuous pranks that don’t
do any harm. While a few viruses have harmless payloads, most of them cause damage to
the system and its data. There are nine main virus types, some of which could be
packaged with other malware to increase the chance of infection and damage. The nine
major categories for viruses on computers are:
Boot Sector Virus
The first sector of a bootable drive holds the boot code that loads the operating system.
A boot sector virus overwrites or hooks that code so it runs before the operating system
does, and it can render the machine unusable. Historically these spread on floppy disks;
today attackers use malicious USB devices, and the virus is activated when a user plugs in
the device and boots the machine from it. Firmware protections such as UEFI Secure Boot
are designed to stop unsigned boot code of this kind from running.
Web Scripting Virus
Browser Hijacker
A computer virus that can change the settings on your browser will hijack browser
favorites, the home page URL, and your search preferences and redirect you to a malicious
site. The site could be a phishing site or an adware page used to steal data or make money
for the attacker.
Resident Virus
A resident virus loads itself into memory and stays there after the infected host program
exits, hooking system functions so it can infect other programs as they are run or opened.
Its payload may stay dormant until a specific date or time or until a user performs an
action.
Direct Action Virus
When a user executes a seemingly harmless file that carries the malicious code, a
direct-action virus runs immediately: it infects other files it can reach, delivers its
payload if its trigger condition is met, and then returns control to the host program.
Unlike a resident virus, it does not stay in memory after the host program finishes.
Polymorphic Virus
Malware authors use polymorphic code to change the program's footprint on every infection:
the virus body is stored encoded under a different key each time, and the small decoding
routine that restores it is itself mutated, so no fixed byte signature matches two copies.
Scanners counter this by emulating the decoder or by judging behaviour rather than bytes.
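As an added, inert illustration of both the file-infector structure described in the definition above (virus code placed in front of the host so it runs first) and why polymorphism defeats byte signatures: the "programs" below are byte strings that are never executed, the payload, marker and decoder stub are made-up constants, and the scanner names are hypothetical. This is not code from any real virus or scanner.

```python
import hashlib
import os

# Toy constants; nothing here is real malware and no bytes are ever executed.
PAYLOAD = b"PAYLOAD:find-other-hosts;infect;run-trigger-check"   # constant virus body
MARK = b"\x00INF\x00"          # marker a virus leaves so it does not infect a file twice
STUB = b"DECODER:xor-1byte;"   # decoder stub the polymorphic variant keeps constant here


def infect_plain(host: bytes) -> bytes:
    """Prepending file infector: the virus body sits in front of the host program,
    so it runs first and then hands control to the untouched original."""
    if MARK in host:
        return host
    return MARK + PAYLOAD + host


def xor(data: bytes, key: int) -> bytes:
    return bytes(b ^ key for b in data)


def infect_polymorphic(host: bytes) -> bytes:
    """Same body, but stored encoded under a fresh per-infection key, preceded by
    the stub that would decode it at run time. No two infected files share the
    payload bytes, so a signature taken from one copy does not match the next."""
    if MARK in host:
        return host
    key = os.urandom(1)[0] or 1          # key 0 would leave the body in the clear
    return MARK + STUB + bytes([key]) + xor(PAYLOAD, key) + host


SIGNATURES = {"toy.prepender": PAYLOAD[:16]}   # what a classic signature scanner carries


def scan_static(program: bytes) -> list[str]:
    """Plain byte-pattern matching."""
    return [name for name, sig in SIGNATURES.items() if sig in program]


def scan_with_emulation(program: bytes) -> list[str]:
    """If the file opens with the known decoder stub, perform the decoding the stub
    would perform and scan the result, as a scanner's emulator or sandbox does.
    Real polymorphic engines also mutate the stub, so production scanners combine
    emulation with behavioural heuristics rather than relying on this alone."""
    hits = scan_static(program)
    prefix = MARK + STUB
    if program.startswith(prefix):
        key = program[len(prefix)]
        body = program[len(prefix) + 1:len(prefix) + 1 + len(PAYLOAD)]
        hits += [h for h in scan_static(xor(body, key)) if h not in hits]
    return hits


def distinct_hashes(host: bytes, infections: int) -> int:
    """How many different file hashes the same host yields after repeated
    polymorphic infection; a hash-based blocklist is useless against this."""
    return len({hashlib.sha256(infect_polymorphic(host)).hexdigest() for _ in range(infections)})
```

The marker check is the same idea real viruses use to avoid re-infecting a file, and it is also a hook for defenders: a constant marker is itself a signature, which is why better-engineered families randomise it too.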
File Infector Virus
To persist on a system, a threat actor uses file infector viruses to inject malicious code into
critical files that run the operating system or important programs. The computer virus is
activated when the system boots or the program runs.
Multipartite Virus
A multipartite virus infects in more than one way at once, typically both the boot sector
and executable files, so disinfecting only one of the two leaves the other to reinfect the
system.
Macro Virus
Microsoft Office files can contain macros, and a macro can download additional malware or
run malicious code. Macro viruses deliver a payload when the file is opened and the macro
runs. Office now blocks macros in files downloaded from the internet by default, so these
attacks depend on tricking the user into enabling them.
How Do Viruses Spread?
Computer viruses spread through various channels, and being aware of these channels is
essential to protect yourself and your organization from infection.
Email Attachments
One method of virus transmission is through email attachments. Hackers often disguise
their malicious code as seemingly harmless files, such as documents or images
unsuspecting users open without a second thought. For example, Ursnif banking Trojan
campaigns are known to spread via email attachments posing as invoices or financial
statements.
Internet Downloads
Viruses can also hide in software installers, media files, or even browser extensions that
you download from the web. It’s important to be cautious when downloading files from
unknown sources or sketchy websites. A notorious case was the Download.com scandal,
File Sharing Networks
File sharing networks like torrent sites and peer-to-peer platforms can easily transmit
viruses. Innocent-looking movie torrents or cracked software may carry hidden payloads
designed to compromise your device upon installation. For example, The Pirate Bay used a
browser-based cryptocurrency miner, so when someone visited the website, their
computer was used to mine cryptocurrency without their knowledge or consent.
Removable Media
Viruses can attach to removable media, such as USB drives and CDs/DVDs, infecting any
computer they're plugged into. The Stuxnet worm is a prime example of malware that spread
through removable media, using a Windows shortcut-file flaw so that merely browsing the
drive's contents ran its code.
To protect yourself and your organization from computer viruses, always exercise caution
and employ robust cybersecurity measures like up-to-date antivirus software and regular
system scans. Remember, knowledge is power, especially when preventing viruses and
cyber-attacks.
Examples of Computer Virus
Millions of distinct malware samples exist, but only a few have become notorious for infecting
record numbers of machines. Some examples of widespread computer viruses and worms include:
•Morris Worm – One of the earliest and most disruptive worms, this self-replicating
program spread through the early Internet in 1988, slowing down or crashing many
machines.
•Nimda – This particular type of worm targeted web servers and computers running Microsoft
Windows operating systems, spreading through multiple infection vectors in 2001.
•ILOVEYOU – A highly destructive worm that spread via email, disguised as a love confession and
caused widespread damage in 2000 by overwriting files.
•SQL Slammer – A fast-spreading computer worm that exploited a vulnerability in Microsoft SQL
Server, causing network congestion and disrupting Internet services in 2003.
•Stuxnet – A sophisticated worm designed to target and sabotage industrial control systems,
particularly Iran’s nuclear program, by exploiting zero-day vulnerabilities in 2010.
•CryptoLocker – This ransomware Trojan, which infected hundreds of thousands of computers in
2013, encrypted victims’ files and demanded a ransom for their decryption.
•Conficker – Emerging in 2008, this worm exploited vulnerabilities in Windows operating systems,
creating a massive botnet and causing widespread infection.
•Tinba – First discovered in 2012, this banking Trojan primarily targeted financial institutions, aiming
to steal login credentials and banking information.
•Welchia – A worm that aimed to remove the Blaster worm from infected systems and patch the
exploited vulnerability but caused unintended network congestion in 2003.
•Shlayer – A macOS-specific Trojan that primarily spreads through fake software updates and
downloads, delivering adware and potentially unwanted programs since 2018.