PART I

MALWARE

CASE STUDY: Please Review This Before Our Quarterly Meeting

Let’s look at a scenario of an organization being targeted for a breach.

Tuesday 3:20 pm   A fake but very realistic email is sent to the ten executives on the company’s management team from what appears to be the CEO of a medium-sized manufacturing firm. The email is titled, “Please review this before our meeting,” and it asks them to save the attachment and then rename the file extension from .zip to .exe and run the program. The program is a plug-in for the quarterly meeting happening that Friday, and the plug-in is required for viewing video that will be presented. The CEO mentions in the message that the executives have to rename the attachment because the security ...

Get Hacking Exposed Malware & Rootkits: Security Secrets and Solutions, Second Edition, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.