Information Assurance - 5 Flashcards
It allows attackers to insert malicious inputs into an application or relay malicious code through an application to another system.
INJECTION ATTACKS
- an open-source Expression Language (EL) for Java objects
- enables the evaluation of EL expressions in Apache Struts, a commonly used development framework for Java-based web applications in enterprise environments.
OGNL INJECTION
Injection is involved in four prevalent attack types
- OGNL injection,
- Expression Language Injection,
- command injection,
- SQL injection
has the ability to create or change executable code, so it is also capable of introducing critical security flaws into any framework that uses it.
OGNL INJECTION
very serious server-side vulnerabilities, as they can lead to complete compromise of the application’s data and functionality, as well as the server that is hosting the application. Expression Language Injection attacks can also use the server as a platform for further attacks against other systems.
EXPRESSION LANGUAGE INJECTION
- the goal is to hijack a vulnerable application in order to execute arbitrary commands on the host operating system.
- made possible when an application passes unsafe user-supplied data (forms, cookies, HTTP headers, etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application.
COMMAND INJECTION
most often found in older, legacy code, such as CGI scripts. By identifying a critical vulnerability, attackers can insert malicious code in an application, gaining functionality and ultimately executing specific commands that infect the targeted user and system networks.
COMMAND INJECTION
attack consists of an insertion or injection of a SQL query via the input data from the client to the application.
SQL INJECTION
exploit can read sensitive data from the database, modify database data (viz., insert, update, or delete), and execute administrative operations on the database.
SQL INJECTION
a type of cyberattack conducted by a threat actor (or cyber spy) who accesses, steals, or exposes classified data or intellectual property (IP) with malicious intent, in order to gain an economic, political, or competitive advantage in a corporate or government setting.
CYBER ESPIONAGE
malicious theft of data, information, or intellectual property from and/or through computer systems
CYBER ESPIONAGE
METHODS OF ESPIONAGE ATTACKS
- social engineering,
- malware distribution,
- advanced persistent threat (APT),
- watering hole attacks,
- spear phishing
TYPES OF ESPIONAGE ATTACKS
- ZERO-DAY EXPLOITS
- WATERING HOLE ATTACKS
- PHISHING ATTACKS
- ADVANCED PERSISTENT THREATS (APTS)
- SUPPLY CHAIN ATTACKS
Attackers may exploit previously unknown vulnerabilities (zero-days) in software or hardware to gain unauthorized access to systems for espionage purposes.
ZERO-DAY EXPLOITS
- long-term targeted attacks aimed at high-value targets, such as government agencies, defense contractors, or large corporations.
- These attacks often involve sophisticated techniques to gain persistent access to systems and exfiltrate sensitive data over an extended period.
ADVANCED PERSISTENT THREATS (APTS)