PM - Section 1.3 Threat Actors Flashcards
What is a Threat Actor?
Someone with malicious intent.
What are script kiddies?
- Someone who runs pre-made scripts without any knowledge if whats really happening.
- Typically external.
- Found scripts.
- Hunting for vulnerability for bragging rights.
What is a Hackivist?
Looking for specific data.
Funding is possible from crowd source.
How is organized crime a threat actor?
Moitivated by money and it’s very organized
- someone to hack
- someone to manage the exploits
- someone to sell the data
What is an APT?
Advanced Persistent Threat - Nation States - Governments.
Very sophisticated, massive resources and can perform constant attacks
How are insiders a threat actor?
They have access to everything and know what to hit.
How to competitors work as threat actors?
Might try
- DoS
- espionage
- harm reputation
What is PEN Testing?
A way to simulate an attack, where you actually to exploit the vulnerabilities, rather than just looking for them.
Often a compliance mandate by 3rd party.
Where do you get a list of all current threats?
National Institute of Standards and Technology (NIST)
National Vulnerability Database (NVD)
What is passive reconnaissance?
A way to gain information via open sources
- social media
- corporate website
- social engineering
- dumpster diving
What is active reconnaissance?
Try the doors and see if it locked.
- Ping scans, port scans
- DNS queries
- OS scans, OS fingerprinting
How do you exploit vulnerabilities with PEN testing?
Gain privilege escalation
- be careful not to cause a DoS
- try brute force
- database injections
- social engineering (test colleagues)
- buffer overflows
What is a white box testing?
Where the pen tester knows everything - OS, systems, network.
What is grey box testing?
A mix of black and white, the pen tester may get a subset of the different systems, but they still need to figure out what to focus on,
What is Metasploit?
A PEN testing software to exploit software.
