From the course: Cloud Security Considerations for General Industry
Unlock the full course today
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Case Study: Net Traveler
From the course: Cloud Security Considerations for General Industry
Case Study: Net Traveler
- [Kevin] Our final case study is named NetTraveler, which is a spearfishing advanced persistent threat that targets two publicly-known Microsoft Office vulnerabilities that organizations should have patched. Many malicious external groups initiate this attack by sending spearfishing emails to an employee containing either a URL link to a site that has executable programs or a Word attachment that delivers an executable payload. Opening the file leads to NetTraveler exploiting a weakness in Microsoft Windows Common Controls ActiveX, which allows a remote attacker to execute arbitrary code on the system with the privileges of the victim. Employees who are not properly trained to recognize and deal with fishing attacks are potential victims. Furthermore, systems must be sufficiently hardened in order to prevent successful attacks. Both data breaches and data loss can result from this attack. In some cases, military intelligence…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.