That some copied versions of xcode had been modified

This preview shows page 10 - 13 out of 20 pages.

that some copied versions of Xcode had been modified to embed malicious softwareinto apps.Once the infected apps are downloaded, researchers said, the malicious codecan open particular websites designed to infect the device with more viruses. It can alsoopen innocuous-looking pop-up screens that ask users for more information, likepasswords to their Apple account. Hackers did not crack Apple’s software instead theytook advantage of the fact that many Chinese developers use copies of Xcode that areheld on Chinese servers, since they load faster than the version of the code that’savailable from Apple.10
We have textbook solutions for you!
/Management-of-Information-Security-6th-Edition-9781337405713-1235/
The document you are viewing contains questions related to this textbook.
Chapter 6 / Exercise 3
Management of Information Security
Mattord/Whitman
Expert Verified
Course: CECS 7570Name: Edwin J Berrios NegronDate: 11/27/2016Term: WI 16Reference: KeyloggingLink to paper:-email-accounts.htmlDate retrieved: (Paper retrieved on March 16, 2016)Annotated Bibliography:This article discusses the attack campaign uses key logger to hijack key business emailaccounts. Companies from 18 countries were targeted with the Olympic Vision keylogger. Security from antivirus firm Trend Micro recently detected an attack againstcompanies from 18 countries where key employees were targeted with emails thatcontained a commercial key logger program called Olympic Vision. Once installed on acomputer, Olympic Vision steals information about: the system configuration; log-incredentials saved in browsers, email clients, FTP programs and instant messagingapplications; key strokes; network information; clipboard images and text. It can alsotake screen shots. This information helps attackers to identify valuable computers, gainaccess to email accounts and understand the internal accounting workflows of thetargeted companies. They can then use the information to convince others to initiatefraudulent payments. Trend Micro research was able to trace the identities of the actors,and positively identified two Nigerian cybercriminals one operating from Lagos.Business Email Compromise has become a serious issue over the past two years, theFBI estimating that businesses worldwide have lost over a billion dollars to such scams.11
III. Summary of each Chapter 1-4 CISSP Exam GuideChapter 1 Security and Risk ManagementChapter 1 provides us information on the following topics Security terminology andprinciples, Protection and control types, Security framework, models, standards andbest practices, Computer laws and crime, Intellectual property, Data breaches, Riskmanagement, Threat modeling, Business continuity and disaster recovery, Personnelsecurity and Security governance. Management of security risks applies the principlesof risk management to the management of security threats. It consists of identifyingthreats or risk causes, assessing the effectiveness of existing controls to face thosethreats, determining the risks consequence, prioritizing the risks by rating the likelihoodand impact, classifying the type of risk and selecting an appropriate risk option or riskresponse.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 20 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
N/A
Tags
Computer Security, malicious code
We have textbook solutions for you!
The document you are viewing contains questions related to this textbook.
Management of Information Security
The document you are viewing contains questions related to this textbook.
Chapter 6 / Exercise 3
Management of Information Security
Mattord/Whitman
Expert Verified

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture