– ActiveX controls: in certain occasions, when we sailed by Internet, it appears to us a message that asks for our authorization to execute small programs in our own equipment, like requirement essential to be able to continue with our activity in the page Web in which we were. These programs come from the Web server to which we have acceded, but they are executed directly in the computer of the user, reason why the danger is clearly. – Unloading and execution of archives .exe: it can be obtained through techniques of social engineering, that is to say, through deceit of the user or the abuse of his confidence, affection, etc. – Instantaneous mail: at the moment the programs Messenger type very they are extended between the users, who even can get to accept like contacts at people who do not know, or who do not know the sufficient thing. In these cases the attacker will try that the victim accepts a file she executes and it in his equipment. – Operation of vulnerabilities of third parties through navigator: we cannot leave without commenting another one of the routes by which an attacker can get to control the team of a user, and that route is the one to take advantage of through navigator Internet the vulnerabilities or exploits that occurs in applications of third parties (different from the manufacturer of the navigator in the majority of the cases).
Special numerous attention is due to render to exploits that they affect well-known reproducers of video that the majority of us we used with remarkable frequency. And up to here the first approach to the most common attacks that they can be sent to take control of the control of a user team, who will be able to serve the attacker as platform as attack to a whole network or a servants of the organization to whom the user belongs. It is, then, patent the necessity to educate and to bring back to consciousness to the users, because it is the most effective form to protect in last instance all our network. udea Security of the Information Manuel Diaz Sampedro Department Management of the Security