a type of malware which consists of some trigger, and a payload which infects a machine and can then copy itself. Unlike worms, viruses must be activated. Viruses come in many different variates. IoCs known malicious files malicious use of system commands Defences awareness training patching anti-virus Intrusion Prevention Systems (IPS) reputation-based tools