1.6 Type of vulnerabilities Flashcards

1
Q

What is a vulnerability?

A

A weakness in an IT system that can be exploited by an attacker to deliver a successful attack

2
Q

What are the different vulnerability types?

A
  • Zero-day attacks
  • System Misconfigurations
  • Out-of-date or Unpatched Software
  • Missing or Weak Authorization Credentials
  • Missing or Poor Data Encryption
3
Q

What is a zero-day vulnerability?

A

A vulnerability that has not been detected or published or exploited. Those are very difficult to mitigate because new

4
Q

What is an open permission vulnerability?

A

Sometimes attackers don’t need to find a hidden vulnerability inside software; instead, they wait for you to leave the door open and simply walk in through it. This is an open permissions problem, where information has been put onto the internet but no security has been applied to that data.

5
Q

What is an unsecured root account vulnerability?

A

The root account is not adequately secured due to misconfiguration or weak password policy.

6
Q

What is an errors vulnerability?

A

Error messages can provide useful information to an attacker (service type, version, debug info, etc.).

7
Q

What is a weak encryption vulnerability?

A

Encrypting data doesn’t mean the data is fully secured. We need to use strong encryption protocols (AES, 3DES). An attacker can intercept communication between systems, extract critical information, and inject false information onto a server. This can seriously undermine an organization’s efforts toward cyber security compliance and lead to fines from regulatory bodies.

8
Q

What is an insecure protocols vulnerability (part of the encryption vulnerability)?

A

Some protocols aren’t encrypted (Telnet, FTP, SMTP, IMAP), so their traffic can be viewed by an attacker. Use SSH, SFTP, IMAPS, etc. instead.

9
Q

What is a default settings vulnerability?

A

Every application and network device has a default login. An attacker can gain access to a system using default credentials.

10
Q

What is an open ports and services vulnerability?

A

To be able to communicate with a service/application, ports need to be opened. Opening these ports creates an opening into the server. To mitigate this, we can use a firewall to manage traffic flows and allow/deny traffic based on port number or application.

11
Q

What is an improper patch management vulnerability?

A

Hackers tend to probe networks for unpatched systems that are easy targets. These unpatched vulnerabilities can be exploited by attackers to steal sensitive information. To minimize these kinds of risks, it is essential to establish a patch management schedule so that all the latest system patches are implemented as soon as they are released.
Patches can concern the OS, firmware, and applications.

12
Q

What is a system misconfiguration vulnerability?

A

Network assets that have disparate security controls or vulnerable settings can result in system misconfigurations. Cybercriminals commonly probe networks for system misconfigurations and gaps that look exploitable. Due to the rapid digital transformation, network misconfigurations are on the rise.

13
Q

What is a legacy platform vulnerability?

A

Legacy systems are devices that remain installed for a long time and may not be easy to uninstall because they may perform a particular function that cannot be duplicated (e.g. end-of-life software, old OS, middleware, etc.). These may require additional security protection (additional firewall rules, IPS signature rules for older OS, etc.).

14
Q

What is a third-party risk?

A

Any risk brought on to an organization by external parties. It can concern:
- System integration: integrators perform professional maintenance/installation and can run software on the internal network
- Lack of vendor support: the vendor does not keep the system updated and safe
- Supply chain: hardware/software can be infected with malware
- Outsourced code development: access to source code must be secured and development systems should be isolated from the network; once completed, the code must be tested for security (backdoor, encryption, etc.)
- Data storage: consider the type of data stored, and encryption at rest and in transit

15
Q

What can be the impact of a vulnerability?

A
  • Data loss
  • Identity theft
  • Financial loss
  • Reputation impacts
  • Availability loss