All Types of Attacks and Defenses Flashcards
filename=../../../../../etc/passwd
what is this attack and what is the best defense for the attack
A directory traversal attack, also known as path traversal attack, occurs when an attacker exploits a vulnerability in a web application to access files and directories outside of the intended directory.
–best defense is proper input validation
Application attack that is freely available on the internet and exploit vulnerabilities in various operating systems enabling attackers to elevate privilege.
Rootkit (escalation of privilege)
–keep security patches up to date
–anti malware software
–edr/xdr
Undocumented command sequences that allow individuals with knowledge of the ____ to bypass normal access restrictions.
–often used in development and debugging
Backdoor
–countermeasures: firewalls, anti-malware, network monitoring, code review
type of virus-ransomware that encrypts files stored on a computer or mobile device in order to extort money
-back up computer
-store backups separately
-file auto versioning
Ransomware
Type of virus that is a nuisance that results in wasted resources. Used to “spread through email from a friend” but have changed with social media.
Virus Hoaxes
malicious code objects that infect a system and lie dormant until triggered by the occurrence of one or more conditions, such as time program launch, website login
logic bomb
Type of virus that is a software program that appears good and harmless but carries a malicious, hidden payload that has the potential to wreak havoc on a system or network
Trojan horse
–best defenses—only allow software from trusted sources
–dont let users install software
a type of malware that spreads copies of itself from computer to computer,
replicating itself without human interaction.
Worm
a program that may be an unwanted app, often delivered alongside a program
the user wants. PUPs include spyware, adware, and dialers
Potentially Unwanted Program (PUP)
type of malware Designed to log keystrokes, creating records of everything you type on a
computer or mobile keyboard.
Keylogger
Malware designed to obtain information about an individual, system, or
organization.
spyware
a type of malicious software that does not rely on virus
laden files to infect a
host. Instead, it exploits applications that are commonly used for legitimate
and justified activity to execute malicious code in resident memory.
Fileless Virus
a computer controlled by an attacker or cybercriminal which is used to send
commands to systems compromised by malware and receive stolen data
from a target network.
Command and Control
a malware program that gives an intruder administrative control over a
target computer.
Remote Access Trojan (RAT)
Use programs with built in dictionaries.
They attempt all dictionary words to try and find the
correct password, in the hope that a user would have
used a standard dictionary word.
Dictionary Attacks
–countermeasures:
MFA, biometrics, limit number of attempts, force reset after too many attempts
Attacker tries a password against many different
accounts to avoid lockouts that typically come when
brute forcing a single account.
Succeeds when admin or application sets a default
password for new users.
Password Spraying (brute force)
–countermeasures:
MFA, CAPTCHA, password change on first login
Attempts to randomly find the correct cryptographic key
attempting all possible combinations (trial and error)
Password complexity and attacker resources will determine
effectiveness of this attack.
Brute Force Attack
—Countermeasures:
cryptographic salts, CAPTCHA, throttling rate of repeated logins, IP blocklists
which contain precomputed values of cryptographic hashfunctions to identify commonly used passwords
Rainbow Tables
is random data that is used as an additional input to a one way function that hashes data, a password or passphrase.
Salt
–adding salts to the password before hashing them reduces effectiveness of rainbow table attacks
MFA (something you know, have, are) prevents these attacks
-Phishing
-Spear Phishing
-Keyloggers
-Credential Stuffing
-Brute and reverse brute force attacks
-MITM attacks
a collection of compromised computing devices (often called bots or zombies).
Botnet
criminal who uses a command
and control server
to remotely control the zombies
often use the botnet to launch attacks on other
systems, or to send spam or phishing emails
Bot Herder
Focuses on accomplishing “smart” tasks
combining machine learning and deep
learning to emulate human intelligence
Artificial Intelligence
A subset of
AI, computer algorithms that
improve automatically through experience
and the use of data.
Machine Learning (ML)