Chapt 2 threat types Flashcards
Vulnerability
A weakness that could be triggered accidentally or exploited intentionally to cause a security breach.
Threat
A potential for an entity to exercise a vulnerability (that is, to breach security).
Risk
Likelihood and impact (or consequence) of a threat actor exercising a vulnerability.
Shadow IT
Computer hardware, software, or services used on a private network without authorization from the system owner.
Threat Vector
A path or means by which a threat can gain access to a target.
Example: An email phishing campaign that targets employees to steal their login credentials.
Attack Vector
A specific path or method used by an attacker to carry out an attack.
Example: Using a vulnerability in a web application to execute a SQL injection attack and gain access to a database.
Unsupported Systems
An unsupported system is one whose vendor no longer develops updates and patches. Vulnerable software will be exposed as a threat vector.
An exploit technique for any given software vulnerability can be classed as either remote or local. What does each mean?
Remote Exploit: Can be executed over a network without authentication.
Example: An attacker sends malicious packets to a web server to exploit a buffer overflow vulnerability, gaining control of the server.
Local Exploit: Requires an authenticated session or valid credentials to execute.
Example: An attacker gains access to a computer by logging in with stolen credentials and then exploits a privilege escalation vulnerability to gain administrative rights.
Lure
An attack type that will entice a victim into using or opening a removable device,
Supplier (B2B)
Obtains products directly from a manufacturer to sell in bulk to other businesses. This type of trade is referred to as business to business (B2B).
Vendor (B2B & B2C)
Obtains products from suppliers to sell to retail businesses (B2B) or directly to customers (B2C). A vendor might add some level of customization and direct support.
OEM
Original Equipment Manufacturers: companies that produce parts or equipment that may be marketed by another manufacturer.
MSP
Managed Service Providers: companies that offer a range of IT services to businesses, allowing them to outsource their IT needs.
Pharming
An attack that redirects users from a legitimate website to a malicious one.
Typosquatting
The threat actor registers a domain name very similar to a real one, such as exannple.com.
Business Email Compromise
An impersonation attack in which the attacker gains control of an employee’s account and uses it to convince other employees to perform fraudulent actions.
Watering Hole Attack
An attack where cybercriminals compromise a legitimate website that is commonly visited by a target group, infecting it with malware to capture sensitive information or gain unauthorized access.
For example, staff running an international e-commerce site might use a local pizza delivery firm. A threat actor might discover this fact through social engineering or other reconnaissance of the target. An attacker can compromise the pizza delivery firm’s website so that it runs exploit code on visitors. They may be able to infect the computers of the e-commerce company’s employees and penetrate the e-commerce company systems.
Attack Surface
The attack surface is all the points at which a malicious threat actor could try to exploit a vulnerability.