Intro to Malware Infections

Published: March 30, 2021, 1:18 p.m.

Hello everyone, my name is Vijay Kumar Devireddy, and I am glad to have you back on episode 05. Today we're going to talk about malware infections. Malware doesn't just appear on your computer. It doesn't just show up out of thin air. Somebody has to deliver it somehow and install it on your machine.

Malware can be delivered in lots of different ways, including through software, messaging and media, or from a botnet or zombies. It can arrive through active interception that puts malware into your network, or through privilege escalation, where somebody goes from being a regular user to a super user and infects your computer. There are also backdoors and logic bombs. There are a lot of different ways to get malicious software onto your machine. In fact, one of the simplest delivery methods is when somebody has physical access to your machine and plugs in something like a thumb drive that's already infected.

So, when we think about malware, there are really two pieces to how malware gets onto your machine. The first is what we call a threat vector. A threat vector is the method used by an attacker to access a victim's machine. Some examples of threat vectors are unpatched software, installation from a USB thumb drive, a phishing campaign where one of your users clicks on a link to install a program, and many other methods that are out there.

After we figure out what the threat vector is, the next piece is what we call the attack vector. An attack vector is the means by which the attacker is going to gain access to that computer in order to infect you with malware. Now, I know these two terms sound very similar, but there is a key difference. A threat vector is how we get to the machine itself, but the attack vector includes both the way we got to the machine and how we're going to infect it.

Let me provide you an example, to hopefully simplify this just a little bit. Let's pretend that your house is a computer and I have a cupcake that's going to represent malware. My job as the attacker is to get the cupcake from my house to your house and put it on your kitchen table. Now, that's my goal as the attacker. You are going to try and defend against it.

The threat vector I use might be that I can drive right up to your house, because your house isn't inside a gated community and there are no security guards looking for me. This would be a threat vector: your unguarded neighborhood. Now, if I walk up to your door, and I start picking your lock, and I enter your house, and I place the cupcake on your kitchen table, this represents the attack vector. It's all the things I did, from driving to your house, to picking your lock, to delivering that poison cupcake onto your kitchen table. That's the difference between the threat vector and the attack vector.

Now, let's go back to the world of computers for a moment. Let's pretend that you have an old computer that's running Windows 7, and you haven't bothered downloading or installing the latest security patches because you've just been busy and haven't had time. Well, maybe you haven't installed these patches in quite a long while.

So you have a computer that's missing a critical patch, like the Microsoft MS17-010 patch, which came out in 2017. This was an essential security patch for the EternalBlue vulnerability. This is a threat vector. This is your unpatched computer, but I don't yet have an attack vector, not yet.

Now, as an attacker, I'm sitting there and I'm scanning the internet. I'm trying to find unpatched computers, and lo and behold, I find your computer and I determine that it's missing this critical patch, and therefore you're vulnerable to an exploit against your file and printer services, which are known as SMB. Once I run this exploit, I'm going to be able to gain access to your machine and install some kind of malware on it. This series of events now becomes my attack vector.