Threats, Vulnerabilities, Mitigation 1 Flashcards
How can you attribute threat actors?
- Internal/external
- Resources/funding
- Level of sophistication/capability
What are Message Based vectors?
- Message systems are one of the biggest threat vectors
- Email, SMS
- Phishing and social engineering attacks are often used
What are Image based vectors?
- Easier to disguise than text-based
- Image formats: SVG, XML
- HTML injection, JavaScript attack code
What are File-based vectors?
For Example:
Adobe PDF
* File format can contain many other objects
ZIP/RAW Files
* Contains many different files
Microsoft Office
* Documents with macros
* Add-in files
What are Voice-Call vectors?
- Vishing
- Spam over IP (Large scale phone calls)
- Call tampering (Disrupting voice calls)
What are Removable device vectors?
- Get around firewall via USB interface
- Malicious software on USB flash drive
- USB device acting as keyboard
- Data exfiltration
What are Vulnerable Software vectors?
Client Based
* Infected executables
* Known (or unknown) vulnerabilities
Agentless
* No installed executables
* Compromised software on server could affect others
* Client runs new instance each time
What are Unsupported System vectors?
- Patching is crucial, since these systems are not patched
- Outdated operating systems
- A single system could be the entry point
What are Unsecure network Vectors?
- Outdated security protocols (WEP, WPA, WPA2)
- Better to use the 802.1X protocol
- Via Bluetooth
What are Open service port vectors?
Most network-based services connect over TCP or UDP ports
* “Open” port
Every open port is an opportunity for an attacker
* Application vulnerability or misconfiguration
Every service needs a port
* More services, more attack surface
Firewall Rules
* Must allow traffic to an open port
What are default credential vectors?
- Many devices have default usernames and passwords
- Right credentials provide full control
- Administrator access
What are Supply chain vectors?
- Tamper with underlying infrastructure or manufacturing process
- Suppliers, third parties
What are Human/Social Engineering vectors?
- Phishing
- Impersonating
- Watering Hole
- Misinformation
- Brand Impersonation