Vulnerabilities and Attacks (OBJ 2.2, 2.3, 2.4, 2.5, & 4.1)

Vulnerabilities

• Weaknesses or flaws in hardware, software, configurations, or processes
• Consequences
  • Unauthorized Access
  • Data Breaches
  • System Disruptions

Attacks

• Deliberate actions by threat actors to exploit vulnerabilities
• Forms
  • Unauthorized Access
  • Data Theft
  • Malware Infections
  • DoS Attacks
  • Social Engineering

Hardware Vulnerabilities

• Focus
  • Firmware
  • End-of-life systems
  • Missing patches
  • Misconfigurations
  • Vulnerable hardware devices:
    • Servers
    • Workstations
    • Laptops
    • Switches
    • Routers
    • Network Appliances
    • Mobile Devices
    • Internet of Things
• Mitigation
  • Harden systems
  • Patch
  • Enforce baseline configurations
  • Decommission old assets
  • Isolation or Segmentation

Bluetooth Vulnerabilities and Attacks

• Vulnerabilities attacks like the following
  • Bluesnarfing
  • Bluejacking
  • Bluebugging
  • Bluesmack
  • Blueborne

Mobile Vulnerabilities and Attacks

• Topics
  • Sideload
  • Jailbreaking
  • Insecure connections
• Mitigation
  • Patch Management
  • Mobile Device Management
  • Prevent sideloading
  • Rooting

Zero-Day Vulnerabilities

• Newly discovered and exploited vulnerabilities
  • Exploited by malicious actors before a patch is designed
• Challenge
  • No known defenses or mitigations

Operating System Vulnerabilities

• Types
  • Unpatched systems
  • Zero-days
  • Misconfigurations
  • Data exfiltration
  • Malicious updates
• Protection
  • Patching
  • Configuration management
  • Encryption of Data
  • Installing Endpoint protection
  • Utilizing Host-Based Firewalls
  • Implementing Host-Based IPS
  • Configuring Access Controls and Permissions
  • Requiring the Use of Application Allow Lists

SQL and XML Injections

• SQL Injection
  • Exploits web app or database vulnerabilities
  • Allows the attacker to execute SQL commands within the applications database
• XML Injection
  • Targets XML data processing web applications
  • Also known as an X-path injection

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Attacks

• Cross-Site Scripting (XSS)
  • Injects malicious scripts into web pages
  • Web security vulnerability where malicious scripts are injected into web pages viewed by other users
• Cross-Site Request Forgery (CSRF)
  • Triggers actions on different websites without user consent

Buffer Overflows

• Software vulnerability when more data is written to a memory buffer than it can hold
• Allows malicious code to overwrite adjacent memory and execute arbitrary commands or cause the program to crash

Race Conditions

• Software vulnerability that occurs when multiple processes or threads in a concurrent system access shared resources or data simultaneously
• Key Terms
  • Time-of-Check (TOC)
  • Time-of-Evaluation (TOE)
  • Time-of-Use (TOU)