School: Hillsborough Community College
Course: 2598
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 3
Uploaded by ElderOxide12578
Joshua Santos
CYB469-0
1. What are some of the threat intelligence feeds related to cyber-crime? Why
do you think your selection is different than others? How would you use
them?
The cyber-crime threat intelligence feeds selected for this analysis include
Open Threat Exchange, Cyber Threat Intelligence, and Information Security
News. The first two feeds provide indicators regarding the prevalence of
specific types of cyber-attacks. The third one provides coverage of
cyber-crime news from around the world. Each feed is unique in its own way:
Open Threat Exchange focuses on sharing indicators to protect against
critical infrastructure attacks, Cyber Threat Intelligence focuses on covering
global cyber espionage campaigns, and Information Security News covers
topics related to information security vulnerabilities and hacking attacks in
addition to cyber-crime news.

The cybersecurity industry is exploding with new products and techniques to
detect, diagnose and protect companies from cyber-attacks and data breaches.
We are seeing an expansion of threat intelligence feeds and services that
provide valuable information regarding emerging cyber threats. These threat
intelligence feeds relate to topics such as brand reputation risk management,
supply chain risk mitigation and threat prevention strategies.

Out of all offerings in the cybersecurity industry, our threat intelligence
feeds provide value in several ways. First, we are the only company that
provides reports from multiple sources and community platforms combined into
one package. This allows organizations to get a full view of what is
happening around them more accurately than using individual services alone.
Second, we offer more comprehensive reporting on threat information in a
faster manner than other providers due to our focus on this area of
cybersecurity. Lastly, we offer ongoing upgrades throughout the year to
ensure all relevant threats are captured quickly and effectively.

Threat intelligence feeds are of two types: one that is based on open-source
content and the other that is based on confidential data. A threat
intelligence feed based on open-source content provides information about the
latest cyber-attacks, vulnerabilities, and malware in real time. These can be
used to identify risks and threats in target networks. The confidential
threat intelligence feed, by contrast, provides access to information from
private sources such as government agencies, law enforcement organizations
and cyber-security firms.
2. Refer to the log4j threat and cyber-attack. Provide a brief analysis of the
attack. Your analysis should have an explanation of the beginning and
end of the attack. By using your sources, explain how and when a breach
occurs for the given attack.
The log4j threat and cyber-attack is a breach that has a high impact on its
users. This means there is no doubt that it will pose a great risk to its users
if it is not taken seriously and met with proper measures. The log4j threat and
cyber-attack begins by installing a malicious application called icepick, which
can be used to target system users through phishing links, malicious document
attachments and exploit kits. The project is initiated by the attacker so that
the user would not notice any kind of suspicious activity happening in
their system until it's too late. Once the attacker gains access to the victim's
machine, he proceeds to collect information from the victim's browser
history, email accounts, mail archives, and passwords stored locally in browsers
or software such as KeePass and LastPass; additionally, they will also try to
get hold of company intellectual property by stealing large amounts of
data such as source code, internal documents, etc. After collecting all this
information, the attacker can either use it for making a profit
or sell it off to another party for criminal purposes.
What would be the expected damage:
The expected damage of the log4j threat and cyber-attack is highly dependent
on how the attacker chooses to use it. For example, if an attacker wanted to
target specific log files or processes, they could cause harm to a company's
intellectual property by destroying or leaking data or stealing data for a
ransom. In another example, an attacker could use log4j to spread malware
across networks, leading to further systems being affected, such as through
attacks on LANs or WANs.
What are some remediation steps:
Remediation steps are mainly taken to prevent being hacked. One of the first
measures is to use a virtual network to make it invisible to hackers. Another
way is to update and patch your system as soon as possible. Use strong
passwords and disable default accounts, disable unused ports, and limit
access through those that are