From the course: Cloud Security Considerations for the Financial Services Industry
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Case study: NetTraveler
From the course: Cloud Security Considerations for the Financial Services Industry
Case study: NetTraveler
- [Instructor] Our final case study is named NetTraveler, which is a spear phishing advanced persistent threat that targets two publicly known Microsoft Office vulnerabilities that organizations should have patched. Many malicious external groups initiate this attack by sending spear phishing emails to an employee containing either a URL link to a site that has executable programs or a Word attachment that delivers an executable payload. Opening the file leads to NetTraveler exploiting a weakness in Microsoft Windows common controls ActiveX, which allows a remote attacker to execute arbitrary code on the system with the privileges of the victim. Employees who are not properly trained to recognize and deal with phishing attacks are potential victims. Furthermore, systems must be sufficiently hardened in order to prevent successful attacks. Both data breaches and data loss can result from this attack. In some cases, military intelligence may also be made available to terrorists, placing…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.