CSEC 280 Module 01

Threat

The potential occurrence of an undesirable event that can eventually damage and disrupt the operational and functional activities of an organization

Threat Vector

Is a medium through which an attacker gains access to a system by exploiting identified vulnerabilities

Malware

Is a malicious software that damages or disables computer systems and give limited or full control of the system to the malware creator for the purpose of theft or fraud

Trojan

A program where malicious or harmful code is contained within an apparently harmless program or data, which later can cause damage

Virus

A self-replicating program that produces its own copy by attaching itself to another program, computer boot sector, or document

Ransomware

Restricts access to the computers system's file and folders. Attacker will demand an online ransom payment

Computer Worm

Independently replicate, execute, and spread across a network

Rootkit

Program that hides in a computer and allows someone from a remote location to take full control of the computer

Potentially Unwanted Application (PUAs)

Harmful applications that may pose severe risks to the security and privacy of data stored in the system where they are installed

Adware

A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

Spyware

A stealthy program that records the user's interaction with the computer and the Internet without the user's knowledge and sends the information to remote attackers

Keylogger

A small hardware device or a program that monitors seach keystroke a user types on the computer's keyboard.

Botnet

A collection of compromised computers under the control of a master node

Fileless Malware

A type of malicious software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove.

Divergent

A type of fileless malware that depends mostly on the registry for the execution and storage configuration data

Vulnerability

Refers to the existence of weakness in an asset that can be exploited by threat agents

Risk

Refers to the potential loss or damage that can occur when a threat to an asset exists in the presence of a vulnerability that can be exploited

Misconfigurations

Most common vulnerability and is mainly caused by human error

Default Installations

Failing to change the default while deploying the software or hardware allows the attacker to guess the settings to break into the system

Application Flaws

Vulnerabilities in applications that are exploited by the attackers

Poor Patch Mangement

When a system properly doesn't install patches

Patch

A small piece of software designed to fix problems

Design Flaws

Logical flaws in the functionality of the system that attackers exploit to bypass the detection mechanism and acquire access to a secure system

Operation System Flaws

Vulnerabilities in the operating system

Zero-Day Vulnerabilities

Exploited by attackers before being acknowledged and patched by the software developers or security analyests

Legal Platform Vulnerabilities

Caused by obsolete or familiar code. Not supported when patching technical assets

System Sprawl

Arises in an organizational network because of an increased number of system or server connections without proper documentation or an understanding of their maintenance

Improper Certificate & Key Management

Allows the attackers to perform password cracking and data exfiltration attacks

Third Party Risks

Vulnerabilities that arise from dependencies in business relationships with suppliers and customers.