ESPC CERT

The ESPC Computer Emergency Response Team (CERT) provides cyber incident response assistance to the community and businesses. We work with industry partners, Computer Emergency Response Teams (CERTs) and authorities around the world to assist you with your cyber incidents.

To subscribe to this service, please contact us at info@espc2go.com 

Backdoor Exploit

Backdoors are hidden methods built into an application to bypass security access.

They are normally used for pushing updates, log files and remote support. Exploits happen when people who know of these backdoors manipulate them to launch attacks.

Cyber Espionage

Cyber Espionage is the act or practice of obtaining an organisation's secrets without the permission of the owner.

Data Theft

Data theft is the act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information.

Logic Bomb

A type of code that explodes or sets off certain malicious activities.

The payload is triggered when a certain condition (logic) is fulfilled. Most ransomware attacks have a built-in logic bomb.

Ransomware

A type of malware that uses public key encryption technology. It propagates through infected email attachments and malicious websites (drive-by downloads).

When users are infected, ransomware locks certain files and folders. It then displays messages and the original file names to request payment from the user in exchange for decryption of the infected files.

Rootkits

Tools that are installed after obtaining root or admin level access to a system. The admin or root access itself can be obtained by exploiting system privilege vulnerabilities, etc.

They can be used for good purposes or for bad, since they give you full control of a computer. Once a rootkit is successfully installed, it is hard to detect unless the antivirus or anti-rootkit software is up to date.

Social Engineering

In the context of information security, social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information.

It is an easy and extremely effective way to gain information, as it exploits the human factor. Methods of social engineering: SMS, phishing, spear-phishing, shoulder surfing, etc.

SQL Injection

A code injection technique used to exploit data validation vulnerabilities in an application's database.

It allows attackers to spoof identity, tamper with existing data, void transactions or change balances, as well as destroy the data or make it otherwise unavailable.

Trojan Horse

Malicious software that appears to be legitimate but executes hidden, harmful malware without the user's awareness.

Normally, they are triggered by "exe" attachments from emails and drive-by downloads. A trojan horse can be used to carry a payload for other malware such as ransomware, viruses, worms, rootkits, backdoor exploits, etc.

Virus

Exhibits harmful behaviour in an infected computer environment. It can erase files and corrupt file names and types.

Encrypted virus: Uses encryption and decryption modules to avoid detection. It renders computers inaccessible or useless.

Virus: Polymorphic code

The virus code mutates itself to avoid detection, but only slightly.

It uses built-in encryption, decryption and polymorphic engines.

Virus: Metamorphic code

Totally rewrites itself to avoid detection.

It uses a built-in metamorphic engine. Metamorphic viruses are considered to be more advanced threats than typical malware or even polymorphic viruses.

Worm

Replicates itself in order to spread to other computers. Often used to replicate malware and their payloads.

A common payload installs a backdoor to create zombie computers. It also exploits vulnerabilities in operating systems.