Additional information (re)


Redirection is broadly used by websites to lead a request to another destination for reasons of SEO (Search Engine Optimalisation) and functionality. It prevents a user being showed a (404) error-message that a website does not exist while it dóes but only is available on a different location (URL). The source-code of the website or the server itself redirects the visitor automatically to another destination. If this traffic is being intercepted, the intruder could change this destination into another one. Always check the URL in the browsers' adress-bar if it's well-known and safe, often website-clones use domainnames that strongly resemble the original one.

Registry resident software

This is software that sits resident in the windows-registry. The Windows Registry is a collection of databases of configuration settings for Microsoft Windows operating systems. The Windows Registry stores much of the information and settings for software programs, hardware devices, user preferences, and operating-system configurations.
For example, when a new program is installed, mostly a set of instructions and file references are added to the registry in a specific location for the program and others that interact with it, to refer to for more information like where the files are located, which options to use in the program, etc.
Registry resident malware is a type of fileless malware that sits resident in the windows registry. It's Windows-registry manipulation involves the use of a malicious file or link that uses a normal Windows process to write and execute fileless code into the registry. Examples are Kovter, Gootkit and Powelike, which can transform your infected system into a click bot by connecting with websites and click-through ads. Malware that modifies registry keys is highly likely to remain in place undetected for extended periods of time.

Remote login- / hacking attack.

This is more like a category of attacks in which remote hackers try to exploit weak network security and critical unpatched vulnerabilities to tamper with processes that could potentially do damage in serious ways, depending on the reason for the attack.

There are several types of port scanners:

Replay attack

A replay attack is a type of network attack in which the intruder intercepts a message from a trusted source, modifies it and forwards the message to the original destination. The receiver sees a message coming in from a trusted source and can easily be tricked. This can cause clicking on a malicious link, transferring money to an unknown bankaccount, giving away all login credentials etc.

Social (and other) things: