Software-

based
Threats
Security Threats and
Vulnerabilities
 Group 2

CEIT-37-703A
ITP410

Evangelista, Erika S.
Fabula, Mauren Fiel F.
Fuentes, Vinz Jayson A.
Hernandez, Jon Rhem Ax'l B.
Magpili, Emily
Morales, Jamaica 0.
Rellores, Kenneth S.
SOFTWARE-BASED THREATS

● Software threats are malicious

computer programs and applications
that can harm your computer and
steal personal or financial
information. As a result, these
dangerous applications are
frequently referred to as malware
(short for "malicious software.")
SOFTWARE-BASED THREATS

To counteract the consequences of

software threats and risks, several
antivirus programs and complete
security tools are available.

● Anti-spyware and dedicated adware

removal tools are included in a
SECURITY comprehensive security suite, as well
as virus protection. Most vendors
also release updates or patches to
address security flaws exploited by
email viruses.
Examples of
Software-
based Threats
Threat #1: Vulnerabilities

How they attack:

Vulnerabilities are flaws in computer software that create

weaknesses in your computer or network’s overall security.
Vulnerabilities can also be created by improper computer or
security configurations. Threats exploit the weaknesses of
vulnerabilities, resulting in potential damage to the computer or
its data.
Threat #2: Spyware

How it attacks:

Spyware can be downloaded from Web sites, email messages,

instant messages and direct file-sharing connections.
Additionally, a user may unknowingly receive spyware by
accepting an End User License Agreement from a software
program.
Threat #3: Malware

How it attacks:

Malware is a category of malicious code that includes viruses,

worms and Trojan horses. Destructive malware will use popular
communication tools to spread, including worms sent through
email and instant messages, Trojan horses dropped from Web
sites and virus-infected files downloaded from peer-to-peer
connections. Malware will also seek to exploit existing
vulnerabilities on systems making their entry quiet and easy.
Threat #4: Phishing

How it attacks:

Phishing is essentially an online con game, and phishers are

nothing more than tech-savvy con artists and identity thieves.
They use spam, malicious Web sites, email messages and
instant messages to trick people into divulging sensitive
information, such as bank and credit card information or access
to personal accounts.
 02
INCIDENTS RELATED
TO SOFTWARE-
BASED THREATS
Incidents Related to Software-based Threats

● COLONIAL PIPELINE COMPANY

RANSOMWARE ATTACK

On May 7, the Colonial Pipeline

Company announced that it had been the
victim of a "cybersecurity attack" that
included "ransomware." When an employee
discovered a ransom note from hackers on a
control-room computer at daybreak on May
7, the Colonial Pipeline operator realized it
was in trouble.
● FRUITFLY SPYWARE ATTACK

Philip R. Durachinsky, 28
years old from North Royalton,
Ohio has been indicted due to
spying. Prosecutors revealed that
Durachinsky created and installed
a malware called “Fruitfly ” on
thousands of people for 14 years
from 2003 to January 20, 2017.
● TWITTER PHISHING ATTACK

On July 15 2020, a Tweet was shared on a

variety of high-profile pages, including Barack
Obama, Joe Biden, Bill Gates and Elon Musk. “I’m
giving back to the community. All bitcoin sent to the
address below will be sent back doubled! If you
send $1000, I will send back $2000. Only doing this
for 30 minutes,” it reached more than 350 million
people and resulted in the recovery of £86,800 in
stolen ‘donations’ within hours.
 Security Tips
● To avoid viruses you should run anti-virus software (Norton, MacAfee, and Avast are examples
of reputable programs) and avoid clicking on unexpected attachments. Installing patches (a
software “fix” designed to address holes and vulnerabilities in software) issued by software
vendors can also protect you as they can close down vulnerabilities exploited by viruses.

● Avoid opening any documents that are not from a sender you know and trust. If any of your
programs begin behaving oddly, run a scan using your anti-virus software immediately.

● Most antivirus software detects adware and labels it as “potentially unwanted applications”.
You can then authorize the adware or choose to remove it.
● Most computers come with embedded security features including a firewall. This prevents
unknown programs and processes from accessing the system but is not a replacement for
anti-virus software.
 Security Tips
● Don't click on links within pop-up windows

● Never click "Agree" or "OK" to close a window that you suspect might be spyware. Instead, click
the red "x" in the corner of the window or press Alt + F4 on your keyboard to close a window.
● Be wary of free downloadable software

● Don't follow email links claiming to offer anti-spyware software

● Read all security warnings, license agreements, and privacy statements that are associated
with any software that you download.

● Only download programs from sites that you trust.

● Use a standard user account instead of an administrator account.