LP - Threat Actors & Vectors Flashcards
MaaS stands for
Malware as a Service
APT stands for
Advanced persistent threats
What is the phishing variant whaling?
It is a spear phishing attack against high-level and highly privileged employees
What is the phishing variant smishing?
It uses various text messaging formats to communicate
What is the phishing variant vishing?
It uses VoIP or phone as the hoax vector
The XSS variant DOM (Document Object Model)-based is also called
local XSS or type 0
DOM-based XSS involves insecurely written
HTML pages or the end user's system or local gadgets and widgets
What is shellcode?
A small stub of code used as a payload
DLL stands for
Dynamic link library
What is a DLL?
a shared library of functions that multiple programs can access
What is a process?
It is an instance of a program being executed
What is a thread?
It is a small sequence of instructions or a component of a process
What does VirtualAllocEx do?
It reserves or changes a region of memory
Shellcode injects malicious code into a running
application of PowerShell
What is process hollowing?
It starts a legitimate process whose sole purpose is to be a container for malicious code.
What is reflective DLL injection?
The contents of a rogue DLL are injected into memory.
Reflected XSS is also called
Non-persistent or type 1
Reflected XSS is an input
trust vulnerability; it is when the attacker sends something the developer did not expect
Stored XSS is also called
Persistent or Type 2
In stored XSS the web server persists with the
input
CSRF/XSRF stands for
Cross-site request forgery
CSRF attacks force an end user to
perform undesirable actions in a web application in which they are authenticated
RCE stands for
remote code execution
RCE allows for some firmware to be
remotely reprogrammed
RCE (remote code execution) is also called
field programmable gate arrays
Hypervisors manage the
resources and interaction between the VMs and the hardware
Type I (bare metal) hypervisors
run directly on the underlying hardware
Type II (hosted) hypervisors run on the
installed OS
VM sprawl is having
no centralised control of the hypervisors and virtual machines
VM hopping is when administrators do not enforce the
partitioning of guests
VM escape is
when a guest accesses the underlying hypervisor or hardware
Hyperjacking is when a privileged insider installs
malware
CSA stands for the
Cloud Security Alliance
CSA Treacherous 12
- Data breaches
- Weak identity, credential and access management
- Insecure APIs
- System and application vulnerabilities
- Account hijacking
- Malicious insiders
- Advanced persistent threats (APTs)
- Data loss
- Insufficient due diligence
- Abuse and nefarious use of cloud services
- Denial of service
- Shared technology vulnerabilities
Mobile device vulnerabilities: what is sideloading?
Installing an app not from the official app store
Mobile device vulnerabilities: what is jailbreaking?
Mainly on iPhone, it is the act of exploiting a flaw of a locked-down device
EMM stands for
Enterprise Mobility Management
MDM stands for
Mobile device management
MAM stands for
Mobile application management
BEC stands for
business email compromise