Cybersecurity H Unit 2


43 Terms

1

Security Vulnerability

Any type of hardware or software defect that malicious users attempt to exploit.

2

Exploit

A program written to take advantage of a known security vulnerability.

3

Cyberattack

The act of using an exploit against a vulnerability with the goal of breaking into the target system.

4

Software Vulnerabilities

Usually caused by errors in operating system or application code.

5

Security Patches and Updates

Released by operating system and application producers to avoid exploitation of vulnerabilities.

6

Project Zero

Created by Google, this is an example of a third-party permanent team of researchers that is dedicated to finding software vulnerabilities.

7

Hardware Vulnerabilities

Security weaknesses caused by design flaws in computer devices and components. They are usually limited to specific device models and are commonly exploited through targeted attacks.

8

Buffer Overflow

A software vulnerability that occurs when data is written beyond the limits of memory areas that are allocated to an application. This vulnerability can cause an application to access memory that is allocated to other processes.

9

Non-Validated Input

A vulnerability in which data supplied to a program by a user or exploit causes the application to behave in an unintended way.

10

Race Conditions

A vulnerability that occurs when an ordered or timed set of processes is disrupted or altered by an exploit.

11

Access-Control Problems

Improper use of practices that manage physical control of equipment, data, or applications.

12

Malware

Any computer code that can be used to steal data, bypass access controls, or harm or compromise a system.

13

Spyware

Malware designed to track the actions of users and capture data.

14

Adware

Software that automatically delivers advertisements. Some types contain spyware.

15

Bot

Malware designed to automatically perform actions over the internet.

16

Ransomware

A type of malware that holds a computer system captive, frequently by encrypting essential data, until a payment is made to the attacker.

17

Rootkit

Malware designed to modify operating systems to allow unauthorized remote access through a backdoor. Rootkits can modify user privileges, system files and system forensics and monitoring tools, which makes them extremely difficult to detect and remove.

18

Virus

Malicious executable code that can be attached to legitimate programs. Viruses usually require end user activation and can be relatively harmless or very destructive. They frequently spread by USB drives, optical media, network shares, or email.

19

Trojan Horse

Malware that carries out malicious operations while appearing to have a desired function. They are included in non-executable files, unlike viruses, which are executable.

20

Worms

Malware in the form of malicious code that replicates itself independently by exploiting vulnerabilities in networks. They spread very rapidly over a network because they run by themselves. All share similar patterns including an enabling vulnerability, a way to propagate themselves, and a payload.

21

Man-In-The-Middle (MitM)

A technique in which an attacker can take control of a device without the owner’s knowledge. The attacker can intercept and capture information that passes through the device on its way to another destination.

22

Man-In-The-Mobile (MitMO)

An attack that is a variation of MitM. A mobile device is infected with malware that takes control of the device and causes it to forward sensitive information to attackers.

23

Social Engineering

A way of gaining access to resources that manipulates individuals into performing actions or divulging confidential information. Attackers attempt to exploit our willingness to help or exploit our weaknesses.

24

Pretexting

A type of social engineering attack in which an individual lies in order to gain access to privileged information.

25

Tailgating

A type of social engineering attack in which an attacker follows an authorized person into a secure location.

26

Something for Something

A type of social engineering attack in which an attacker requests personal information in exchange for something such as a free gift.

27

Wi-Fi Password Cracking

The act of discovering a password that is used to protect a wireless network.

28

Brute-Force Attacks

The use of a software program to challenge a password repeatedly with all the possible values that could be used for a password, or with a list of words that are commonly used in passwords. Complex passwords are much more difficult to guess.

29

Network Sniffing

The use of software to capture packets on a wireless network. Unencrypted passwords can be captured and used in an attack, and encrypted passwords could be cracked with a software tool.

30

Phishing

Use of a generic fraudulent email that appears to be sent by a legitimate source. The email tricks people into installing malware or sharing confidential information.

31

Spear Phishing

A highly targeted attack in which emails that appear to be sent from a legitimate source are customized for specific persons. An attacker researches the interests of the target in order to create an email that tricks that specific person.

32

Vulnerability Exploitation

The use of various methods, including software tools or social engineering, to gain information about a system. The attacker uses this information to find weaknesses that exist in that specific system.

33

Advanced Persistent Threat (APT)

A multi-phase, long-term, stealthy, and advanced attack against a specific target. APTs are complex and require a high level of skill, so the attacks are usually well-funded and target organizations or nations for business or political reasons. They usually involve network-based espionage that uses malware that is undetected on the target systems.

34

Whois

A public Internet database that contains information about Internet domain names and the people or organizations that registered the domains. It is a source of information that can be used to exploit system vulnerabilities.

35

nmap

A popular port scanning tool that can be used to discover vulnerabilities in networked systems.

36

Denial-of-Service (DoS)

An attack that interrupts network services to users, devices, or applications.

37

Overwhelming Quantity of Traffic

A DoS attack in which an enormous number of packets are sent to a network at a rate that the network systems cannot handle. This results in a slowdown of network transmission or response, or the crash of a device or service.

38

Maliciously Formatted Packets

The use of network data structures that have been created to disrupt the operation of network devices.

39

Distributed Denial-of-Service (DDoS)

The use of multiple distributed systems to send data that disrupts services provided by networks and network devices.

40

Botnet

A network of distributed infected hosts that is used to launch a DDoS attack.

41

Search Engine Optimization (SEO) Poisoning

The manipulation of the ranking of a malicious website in order to attract users to the site so that malicious code will be distributed or social engineering can be used to gather confidential information.

42

Blended Attack

The use of multiple techniques to compromise a target.

43

Impact Reduction

The use of techniques to limit the damage caused by a successful attack. These techniques include ways of communicating about the attack to employees and clients, investigation of the attack, and measures to prevent future attacks.