1.2 Compare and contrast types of attacks.

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Downgrade Attack

An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.

Smurf Attack

An attack that broadcasts a ping request to computers yet changes the address so that all responses are sent to the victim.

WPS Attack

Wi-Fi Protected Setup (WPS) is a wireless security standard meant for easy wifi configuration. Unfortunately, the 8-digit PIN used is susceptible to brute force attacks. Once an attacker has the PIN, they can get the WPA/WPA2 passphrase and gain access to the network.

Weak implementations

developers who try to create their own cryptographic methods, or who poorly implement other, existing methods.

ARP

helps translate between IP addresses and MAC addresses of devices.

Bluesnarfing

involves stealing information from a bluetooth connection (instead of sending unwanted information).

Collision Attack

An attempt to find two input strings of a hash function that produce the same hash result.

Pass the Hash

Websites do (or should) use hashed passwords and not passwords in plaintext. If a hacker can capture the hashed value, they might be able to use that to authenticate without ever knowing the password.

Whaling

Whaling refers to a phishing attack that specifically targets "high-value" persons, like CEOs.

Dumpster Diving

What could you find when dumpster diving? Personal information, IDs, passwords, company info (that would make the attacker seem more plausible), etc. They might also find hardware or other equipment that could be reverse engineered.

Social Engineering: Consensus

-People are often more willing to like something that other people like. -attackers take advantage of this by creating web sites with fake testimonials that promote a product. For example, criminals have set up some web sites with dozens of testimonials listing all the benefits of their fake antivirus software (rogueware)

URL Hijacking and Typo Squatting

-Redirecting a user to a fictitious website based on a misspelling of the URL. Also called typo squatting. -Buying a domain similar to one that's legitimate\ Done to host malicious code, earn ad revenue, or resell the domain to the legitimate one

Amplification

-Significantly increases the amount of traffic sent to, or requested from, a user. ex. smurf attack

Hoaxes

-a message that tells of impending doom from a virus or other security threat that doesn't exist. -often wants users to delete files from their computer to get rid of the threat

DDoS

-a type of attack where multiple virus-infected computers are used to target a single system, overwhelming it with traffic, rendering it useless or unresponsive -Attacks from botnets

ARP Poisoning

-an attack that convinces the network that the attacker's MAC address is the one associated with an allowed address so that traffic is wrongly sent to the attacker's machine

Rogue AP Attack

A rogue access point is similar to the evil twin one. An attacker can use a rogue AP to get users to connect, enter credentials, etc. From here, MitM and other attacks can occur. My understanding is that the difference between evil twin and rogue AP attacks is that an evil twin AP is made to look legitimate.

Evil Twin Attack

A wireless network with the same name as another wireless access point. Users unknowingly connect to the evil twin; hackers monitor the traffic looking for useful information. By using an access point with higher-gain antennas, devices will attach to that AP, as it will be the "better" connection option. From here, man-in-the-middle or denial-of-service attacks can occur.

Zero Days

A zero day is a vulnerability for which there's no previous knowledge, aside from the hacker or vendor.

MITB

-hacker sends a Trojan to intercept browser calls. Trojan sits between browser and libraries, allowing hacker to watch and interact within a browser session

Known Plaintext/Ciphertext

If an attacker has access to both plaintext and ciphertext copies of a message, they can (probably?) reverse engineer the encryption and decrypt other messages, too.

Social Engineering: Intimidation

Intimidation can go hand-in-hand with authority. It can range from very subtle to very direct

MAC Spoofing

MAC spoofing refers to changing a MAC address to bypass security checks that are looking for a specific MAC address.

Social Engineering: Authority

Many people have grown up to respect authority and are more likely to comply when a person of authority says to do so.

Privilege Escalation

Privilege escalation refers to starting an ordinary privilege level and working your way up to root or admin level. This can be done by stealing credentials (possibly left in plaintext somewhere). This can also be done in conjunction with other attacks on processes running with elevated privileges.

Rainbow Tables

Rainbow tables are precomputed lookup tables of hash values for a given password. Fastest way to guess a password

Replay

Replay attacks occur when an attacker captures some communication between two parties, and then re-transmits it later. This might get them authenticated, or repeat a transaction.

Shimming

Shimming refers to putting another layer of code between the driver and OS. This can be a way for developers to make future improvements easier. Changes the drivers behavior

Buffer overflow

A buffer overflow is where an input buffer is overwritten with more data than that buffer can hold. As a result, the user input spills into other parts of memory. This allows attackers to crash the program, or overwrite values.

Dictionary Attack

A dictionary will have a lot of possible passwords, which then might be combined or altered ("secret" => "s3cr3t") to generate passwords to try.

XSRF or CSRF

is "an attack that forces an end-user to execute unwanted actions on a web application in which they're currently authenticated."

NFC

is a wireless protocol that lets devices talk over a very short range (~4 inches). This has become more popular in mobile payment systems (the "tap to pay" thing). -Done through eavesdropping and the use of antennas to intercept the data between 2 devices

Phishing

phishing occurs when an attacker tries to obtain sensitive information from users by pretending to be a trusted entity. This can be in the form of an email, text-message, etc. Phishing often directs users to a reputable-looking (fake) copy of a website. The user then enters their credentials, which are stolen by the attacker, who owns the fake website.

Impersonation

pretending to be somebody else. In this case, we're talking specifically about pretending to be someone known to the victim, like their boss, or IT.

Spear Phishing

targets a specific group of people. While there are fewer potential victims, this method may be more successful because it looks less suspicious.

Bluejacking

which means sending unauthorized messages to a Bluetooth-enabled device.

Social Engineering: Urgency

This needs to happen quickly. Don't even think about it. Just provide this information right now so that we can solve this problem.

RFID Attack

This stands for radio frequency identification. RFID tags can either be active or passive. Active tags have their own power source, whereas passive tags are powered by (nearby) RF fields The radio frequencies in use are publicly known, so eavesdropping and replay attacks aren't that difficult. Anything that needs to be tracked (Inventory, Animals)

Vishing

Vishing is a type of phishing that uses voice communication. People are more trusting of a stranger over the phone than over email. Unfortunately, this trust can be exploited. It doesn't help that attackers can spoof calls using Voice over IP technology.

Watering Hole Attack

Water hole attacks involve infecting a target website with malware. When they visit the site, their computer will also be affected with malware.

Brute Force Attack

Brute force attacks try all possible password combinations. If you're trying this "online" (connected to the victim), then it's more likely that you'll get caught due to excessive traffic. If you do it "offline" (meaning you've stolen a copy of what you're trying to crack), detection and bandwidth is less of an issue.

Clickjacking

Clickjacking is where elements on the website result in a the user clicking something they didn't want to. This might be a translucent overlay, for example.

IP Address Spoofing

Creating Internet Protocol packets with a forged IP address to hide the sender's identity or to impersonate another computer system.

DNS Poisoning

DNS poisoning or spoofing is where you (similar to ARP poisoning) change a DNS record. This results in wrongly diverted traffic.

Disassociation Attack

Disassociation attacks mean disconnecting (or dissociating) a device from the network.

Domain Hijacking

Domain hijacking is the (unauthorized) act of changing a domain name's registration.

Spoofing

Spoofing refers to making something look like it has come from a different source. This usually means impersonating a well-known, reputable or authenticated source.

Tailgating

Tailgating means following closely behind a person who has used their own access card to get into a room or building.

Bluebugging

Taking control of a phone to make calls, send text messages, listen to calls, or read text messages.

Social Engineering: Familiarity

They become your friend. They talk about things that you like, and by doing that, they make you familiar with them on the phone and make you want to do things for them.

MITM

They occur when an attacker places himself (or herself) between two hosts that are communicating. This allows the attacker to observe all traffic, including modifying or blocking traffic. The attacker then forwards the traffic to the intended recipient, and they are none the wiser.

Social Engineering: Scarcity

-People are often encouraged to take action when they think there is a limited quantity. -Attackers can take advantage of this and encourage users to click a link for exclusive access to a new product.

Dos

-An attack on a computer resource that prevents it from performing its normal operations, usually by overwhelming it with large numbers of requests in an effort to monopolize its resources. -One attacker against one target

IV attack

-Attempts to discover the pre-shared key from the IV -Successful when an encryption system reuses the same IV -Uses packet injection to add more packets into the data stream. AP responds with more packets, increasing the chance that the IV will reuse a key -WEP should never be used since it is vulnerable to these attacks

XSS

Cross-site scripting (XSS) is where an attacker can include a script in their input. The injected script might be immediately executed by the backend but not persisted, making it a non-persistent XSS attack. It could be stored on the backend and then used against others later (making it a persistent attack).

Wireless Replay Attack

Essentially, you record traffic between endpoints and the wireless access point (you could do this with Bluetooth, etc. as well). Then you can replay those messages to authenticate, execute a transaction, etc.

Jamming Attack

Jamming refers to blocking wireless or radio signals and causing denial of service.

Injection

Like the buffer overflow attack, injection vulnerabilities are the result of poor or no input validation. Injection means that an attacker can provide input that is interpreted/executed by an application to malicious ends.

Social Engineering: Trust

Make them feel like they are doing the right thing

Refactored

Refactoring is another legitimate software development process. It means to restructure existing code without changing the overall behavior (so the OS and user won't notice a difference).

Birthday Attack

This is named after the "birthday paradox," which describes the high (50%) probability that two individuals (in a group of 23 or more) will share a birthday.

Session Hijacking

This is where an attacker takes over an existing session between a client and server. Since the user (likely) already authenticated, the attacker can carry on with full privileges once the attack is complete.

Shoulder Surfing

This is where the attacker can watch the victim enter in credentials, a keycode, etc. This can happen while the attacker is physically present and nearby. It can also happen through security cameras, binoculars, etc.


Ensembles d'études connexes

Chapter 6: Restraint and Handling of (Large) Animals

View Set

Disseminated Intravascular Coagulation (DIC) Practice Questions (Test #4, Fall 2020)

View Set