Threats, Vulnerabilities, Mitigation 3 Flashcards
What is EOL / EOSL?
End of Life
* Manufacturer stops selling product
* May continue supporting the product
End of Service Life
* Manufacturer stops selling product
* Support no longer available for products
* No ongoing patches / updates
What are VM vulnerabilities?
Protection of virtualized environments
* VMs, Virtual Networks, Cloud Infrastructures
Virtualization Vulnerabilities:
* Local Privilege Escalation
* Command Injection
* Information Disclosure
Hypervisor:
* Manages relationship between physical and virtual resources
* RAM, storage space, CPU availability
Resource use
* Resources like memory can be reused between VMs
* Data can be shared between VMs due to simultaneous use of RAM
What are cloud specific Attacks?
- DoS
- Authentication Bypass
- Directory Traversal
- Remote Code Execution
What are cloud application Attacks?
- Increase of web application attacks
  * Log4j and Spring Cloud Function
- XSS
- Out of Bounds write
  * Write to unauthorized memory areas
  * Data corruption, crashing or code execution
- SQL Injection
What are Misconfiguration Vulnerabilities?
- Open / unsecure Permissions leaving Data exposed
- Unsecured Admin Accounts
- Use of Insecure Protocols
- Unencrypted: FTP, SMTP, IMAP, Telnet
- Unchanged Default settings
- Services leave ports open
- Firewall misconfigured
Explain Mobile Device Security risks
Jailbreaking / Rooting
* Gaining Access to OS of device
* iOS - jailbreaking
* Android - Rooting
* Installation of custom Firmware
Sideloading
* Installing or running an application on a device from sources other than the official app store
What categories of Malware are there?
- Viruses
- Worms
- Trojan Horses
- Rootkit
- Spyware
- Bloatware
- Logic Bomb
What is a Virus and what Types are there?
- Malware that reproduces itself
- Reproduction through file system or network
- Spread by running a program
Program Virus
Part of the application
Boot sector Virus
Infects the master boot record or boot sector, mostly of hard drives
Script Virus
OS / Browser based
Macro Viruses
Common in Microsoft Office
Macros: Set of commands that automate tasks
What is a Fileless Virus?
Stealth Attack
* Often avoids anti-virus
Operates in Memory
* Never installed in file or application
Often adds an auto-start entry to the registry to restart once the system is rebooted
What is a worm?
- Self-replicates without intervention
- Uses Network as transmission medium
- Self-propagates and spreads quickly
What is Bloatware?
- Apps installed by manufacturer
- Use valuable space and could be an entry point for attacks