1.6 - Various Types of Vulnerabilities Flashcards

Security Concerns Associated with Various Types of Vulnerabilities

1
Q

Zero-Day attacks

A
  • Vulnerability has not been detected or published
  • Increasingly common
  • Very difficult to mitigate
2
Q

Open Permissions

A
  • Very easy to leave the door open (hackers will find it)
  • Increasingly common with cloud storage; a higher statistical chance of finding open permissions (a misconfiguration)
  • Attackers spend a lot of time in cloud repositories looking for these vulnerabilities
3
Q

Unsecured Root Accounts

A
  • Can be a misconfiguration that leaves the administrator or superuser account open
  • Or using an easy-to-hack password
  • To combat: disable direct login to the root account (use su or sudo instead)
4
Q

Error

A
  • Error messages can provide useful information to an attacker
  • Ex: may show service type, version information, debug data (memory values)
5
Q

Weak Encryption

A
  • Weak encryption protocol:
  • weak protocols: DES (3DES is stronger), but both are weaker than AES
  • weak key length (< 128 bits)
  • weak hash used (MD5, outdated)
  • Wireless encryption (WPA)
6
Q

Cipher suites

A
  • Stay up to date with the latest industry-approved cipher suites
  • TLS (Transport Layer Security protocol) is in the browser, but there are over 300 cipher suites; some are very secure and some are not
  • Avoid weak or NULL encryption (128 bits or smaller)
7
Q

Strong Encryption

A
  • Strong encryption protocol:
  • Strong protocols: AES (DES = weak)
  • strong key length (> 128 bits, such as 256)
  • Hash used (SHA)
  • Wireless encryption (WEP)
8
Q

Insecure protocols

A
  • Some protocols aren’t encrypted
  • “In the clear” protocols send all traffic unencrypted
  • Ex: Telnet, FTP, SMTP, IMAP
9
Q

Packet capture

A
  • See if you can read through a packet capture; if you can read it in plain English, it’s not being encrypted in transit
10
Q

Secure Protocols

A
  • Use encrypted protocols
  • Ex: SSH, SFTP, IMAPS
11
Q

Default settings

A
  • Attackers know many people will not change the default username/password
  • Ex: Mirai botnet takes advantage of the default username/password on IoT devices
  • 60+ default configurations
  • Your camera, router, or doorbell can become part of a botnet
  • Mirai botnet is open source, so attackers can download and modify it!
12
Q

Open ports and services

A
  • Services will open ports
  • This creates an opening into the server
  • Let the good people in and keep the bad people out
  • Often managed with firewalls
13
Q

Firewalls

A
  • Software-based firewalls running on the server
  • Network-based firewalls running at the ingress/egress point of the network
  • Commonly have a rule set that will allow/disallow access to different ports on the IP address
  • Firewall rulesets can become complex, so it is easy to make a mistake
  • To combat: double- and triple-check (test and audit)
  • Look for mistakes with ports/IP addresses, anything that allows access to a service
14
Q

Patch management

A
  • The update server determines when you patch
  • Test all of your apps’ patches, load them onto a central server, then deploy
  • Efficiently manage bandwidth
  • Often centrally managed; a priority for many orgs
  • Patches can be associated with firmware or the OS, or with applications
15
Q

Legacy systems

A
  • Often to turn off
  • Often systems are running beyond end of life, which is a security concern
  • May keep legacy systems, but may need to add additional firewalls/security around the system
16
Q

Third-party

A
  • IT security doesn’t change because it’s a third party; there should be more security, not less
  • Ensure that security policy and procedures are prepared
  • They are often on the internal network
  • May not be malicious, but can be
17
Q

Vendors

A
  • Ensure that vendors are aware of a problem; they need to be motivated enough to fix the problem if one arises
  • Can’t make the changes ourselves, so we need trusted vendors
18
Q

Supply-chain risk

A
  • Important to maintain security controls whether in house or third party
  • Have to check hardware and software coming from third parties
19
Q

Outsourced code development

A
  • If code is developed in house, you may want to provide a VPN or have data stored in the cloud; make sure you have implemented the correct security controls
  • Best practice: wherever the developer is working is isolated from production
20
Q

Data storage

A
  • Consider the type of data (ex: healthcare, financial)
  • May be mandates about how to store data (esp. if it’s at a third party) - might need to be encrypted if it’s financial / health
21
Q

Vulnerability $ impact to the US

A
  • $57B to $109B cost to the US economy
22
Q

Results of vulnerability

A
  • Data loss (ex: DB with no password)
  • Ex: Meow attack: databases using no password or a default one had their data deleted, with all data overwritten by ‘meow’
  • Some attackers prefer to steal identity (Ex: Equifax)
  • Financial loss (Ex: Bank of Bangladesh)
23
Q

SWIFT

A
  • Society for Worldwide Interbank Financial Telecommunications
  • Attackers sent secure messages via the SWIFT network to transfer 1B to different banks in one attack
  • Bank-to-bank network that has been hacked
24
Q

Reputation Impacts

A
  • Organizations’ breaches are often disclosed
  • Can cause stock prices to drop
  • Ex: Uber breach that they didn’t announce; Uber tried to pay off the hackers and then paid 148M in fines
25
Q

Availability loss

A
  • An attack could cause outages/downtime
  • Ex: ransomware attacks that can bring down large networks