2. Threats, Vulnerabilities, Mitigations Flashcards
2.1 Shadow IT
unapproved IT operations, introduces new system risks
2.1 list of motivations for threat actors
- data exfiltration
- espionage
- service disruption
- blackmail
- financial gain
- philosophical beliefs
- ethical
- revenge
- disruption/chaos
- war
2.2 email attack surfaces and threat vectors
unprotected account, poorly configured filter, user unawareness
threat vectors: phishing, malware attachments, email spoofing
2.2 smishing
SMS phish, fraudulent SMS messages
2.2 vectors and surfaces for IM
social engineering, malicious link, file transfer, unsecured account, bad security settings
2.2 file-based vectors
malware, macros, email attachments, file sharing services
2.2 Vishing
Voice call impersonating legitimate entity
2.2 Attack surface vs. threat vector
a surface is an area where an exploit is possible (USB port, landline network) whereas a vector is the method of attack (infected USB, Vishing)
2.2 MSP
Managed Service Provider
Vectors: insider threat, stealing client network data, supply chain infiltration
Surfaces: remote management tools, client network, third party software
2.2 pretext
attacker creates a fabricated scenario to trick the victim (urgency or authority figure)
2.2 watering hole
website that is visited frequently
2.3 Race Conditions
TOCTOU
(Time of Check, Time of Use)
2.3 Resource reuse vulnerability
sensitive info not removed from a resource before it is reused
2.3 Mobile vulnerability
Sideloading
Jailbreaking
2.4 Virus
attaches itself to legit programs and spreads to others