2.3 Flashcards
Memory injections, buffer overflows, race conditions, malicious updates, operating system vulnerabilities, SQL injection, cross-site scripting, hardware vulnerabilities, virtualization vulnerabilities, cloud-specific vulnerabilities, supply chain vulnerabilities, misconfiguration vulnerabilities, mobile device vulnerabilities, zero-day vulnerabilities
All software runs in ____
Memory
A method of attack where an attacker injects code into the memory of an existing process
This allows the malware to get access to the same rights, permissions, and data as that process, meaning it has performed a privilege escalation
Memory injection
A Windows library containing code and data for applications to use
DLL (Dynamic-Link Library)
DLL stands for
Dynamic-Link Library
One of the most common forms of malware injection
A method of attack where attackers inject a path to a malicious DLL into the victim process
This way, the victim process will use the malicious DLL instead of the default one
DLL injection
A type of attack where the attacker writes more data than what is expected into a particular area of memory
Buffer overflow
Checks to ensure that everything/everyone writing into memory is writing only as much as the memory can hold
Bounds checking
A vulnerability that occurs when two events happen at nearly the same time, and the application doesn’t take into account that the two things may be operating simultaneously. This often has an unexpected outcome.
Race condition
A type of attack where an event happens/a value changes between the time a process checks the value and the time that the value is used.
TOCTOU
TOCTOU stands for
Time-of-check to time-of-use
2 best practices associated with updating/patching
Always have a known-good backup
Install only from trusted sources
What type of security check is performed automatically by your computer to ensure that updates are legitimate?
Digital signatures
True/False
If your software automatically updates itself, you can be 100% certain that the update is legitimate
False
It is possible for attackers to compromise the software itself and write their own updates, digitally signed by the legitimate company
The foundational computing platform for a computer is called
Operating system
True/False
Operating systems are remarkably simple, so they give little opportunity for security vulnerabilities
False
Operating systems are remarkably complex with many lines of code, so they have many opportunities for security vulnerabilities
4 best practices for updating your OS
Always update as soon as you can! It’s a race between you and attackers.
Test before deploying
Prepare for a reboot - save all data
Have a known-good backup
A type of attack where the attacker puts their own information into a data stream in an application
Code injection
What is the cause that enables code injection?
Bad programming
A type of code injection that uses the most common relational database management system language
The attacker can put their own requests into an existing application
SQL injection (SQLi)
XSS stands for
Cross-site scripting
CSS stands for
Cascading style sheets
A type of attack where information from one website could be shared with another website
XSS