"Trojan, a name adapted from the Trojan war story, is a computer program that masquerades as a normal file while in reality is a virus." Most Trojans penetrate a computer via email attachment. These emails are disguised to appear legit. After the user downloads these files, it starts to corrupt the system. A Trojan can also come unannounced as a payload with freeware and shareware that floods the internet. Although all freeware are not packaged with Trojan, it is advised to download such software from genuine sources. The multiple utilities of Trojan, which is directly proportional to the motive of the attacker, transform it into an internet gryphon. The utilities include identity theft, data theft, crashing computers, spying or tracking user activities. Installing good anti-virus software that keeps virus definition up-to-date and the one that cautions the user while opening an email attachment is the first step towards fighting Trojan.
Trojans can be classified in the following categories:
A backdoor Trojan gives the attacker control over the infected computer. This empowers the attacker to do anything he wishes. Be it sending, receiving, launching and deleting files, displaying data or rebooting the system. The most dangerous manifestation of Backdoor Trojan is uniting a group of victim computers to form a zombie network that can be used for criminal purposes.
Exploit Trojan uses the vulnerabilities of software to take advantage. These programs contain data or codes that facilitate such processes.
This variety of Trojan carries out a series of DoS (Denial of Service) attacks directed against a particular web address. By sending multiple requests from a single computer or via a zombie network, the attack can mutilate the target address resulting in denial of service.
Trojan-Dropper is a computer program used by hackers to plant or install Trojans and viruses – or to prevent detection of malicious files. Not all anti-virus are equipped with capabilities to scan and detect this type of Trojan.
This is the most talked about version of Trojan that has victimized many netizens. This virus program simulates anti-virus software activities and is used to extort money in lieu of removing the threats detected, which in reality are non-existential.
It is used to steal login passwords of the accounts used for instant messaging services such as ICQ, MSN Messenger, AOL, Yahoo Pager, Skype, among others.
Another kind of Trojan that has harassed people is Trojan-Ransom. This virus can modify data on the computer and make it non-functional. The attacker will restore normalcy of functioning only when the ransom is paid.
Best Practices for Selecting a Vulnerability Management (VM) Solution
White Paper By: Qualys
A complete Vulnerability Management (VM) solution can monitor your environment, enabling you to discover devices running in your network, and determine whether they are vulnerable to attack. The VM solution helps you to find fixes to the underlying problems, and protect yourself while those fixes are being implemented. This whitepaper provides insights on the best practices that will save...
An Insider's Guide to Easy SAP Audits
White Paper By: Revelation Software Concepts
SAP Audit Management helps to detect and correct risks to proper governance. The key to exception-free SAP audits is to maintain complete records and eliminate possible threats to record integrity. When auditors see you’ve done that, SAP audits become just another part of the normal IT process. This whitepaper on “An Insider’s Guide to Easy SAP Audits,” is a...
SAP Cyber Security in Figures: Global Threat Report 2016
White Paper By: ERPScan
How aware people are about SAP cyber security, regardless of how widely SAP in this region are implemented? This whitepaper shows a high level overview of SAP security in figures so that the problem area is not just theoretically comprehensible but based on actual numbers and metrics – from the information about the number of found issues and their popularity to the number of...
Vulnerability Management Maturity Level Control Security Risk Attacks and Data Breaches
White Paper By: Digital Defense
An organization’s vulnerability management maturity level is related to their ability to drive out security risk from their operations. The purpose of this model is to help organizations gauge their level of maturity with respect to their vulnerability management processes and their security maturity risk level. What truly is vulnerability management? Vulnerability management is a...
Information Sharing with SOPHIA “People, Process, and Technology”
White Paper By: Covenant Security Solutions, Inc
Information Sharing with SOPHIA has become an important aspect for organizations to improve the protection of their systems, process, or people based on the regional threat. By integrating SOPHIA's information sharing processes, it becomes easy for firms to share information on related risk profiles using modular functions. If you want to improve the protection of systems and processes...
Gamifying Cybersecurity for the Financial Services Sector
White Paper By: Circadence
Cyber‐attacks and threats against the financial services sector are ongoing – common targets include banks, payment processing companies, investment firms, and other organizations that manage financial transactions. A 2016 study reported that 83% of financial services companies cite defending against cyber threats and protecting personal data as one of their biggest challenges in...