cybersecurity chapter 2 PART 1

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What are security researches and what is an example?

- people who specialize in finding vulnerabilities in software •Google's Project Zero is a great example of such practice. •Google formed a permanent team dedicated to finding software vulnerabilities.

Trojan horse

-A disguised malware -Trojans are found in image files, audio files or games. -It binds itself to non-executable files.

Hardware vulnerabilities

-introduced by hardware design flaws -specific to device models -more common in highly targeted attacks

Security vulnerability- Buffer overflow

-occurs when data is written beyond the limits of a buffer •Buffers are memory areas allocated to an application. •changing data beyond the boundaries of a buffer, application accesses memory allocated to other processes. •lead to a system crash, data compromise, or provide escalation of privileges.

Security vulnerability- Race conditions

-when the output of an event depends on ordered or timed outputs. -occurs when the required ordered or timed events do not occur in the correct order or proper timing

Who release patches and updates almost every day?

Microsoft, Apple, and other operating systems

What is an exploit?

a program written to take advantage of known vulnerability

What is an attack?

act of using exploit against a vulnerability

Types of malware

adware, spyware

What are security vulnerabilities?

any kind of software or hardware defect

How are software vulnerabilities introduced?

errors in the operating system or application code

Malware

malicious software -any code that can be used to steal data, bypass access controls, or cause harm to, or compromise a system.

What is the goal of software updates?

stay current and avoid exploitation of vulnerabilities

Man-In-The-Mobile(MitMo)

•A variation of man-in-middle, •Take control over a mobile device. •When infected, the mobile device can be instructed to exfiltrate user-sensitive information and send it to the attackers. •ZeuS, an example, allows attackers quietly to capture 2-step verification SMS messages sent to users.

Virus

•Attached to other executable files •Require end-user activation and/ or can activate at a specific time or date. •They can be harmless or they can be destructive •Viruses can also be programmed to mutate to avoid detection. •spread by USB drives, optical disks, network shares, or email.

Rootkits

•Create a backdoor. •Give access to the attackers to the computer remotely. •Take advantage of software vulnerabilities. •It modifies a system forensics and monitoring tools making them very hard to detect. •A computer infected by a rootkit must be wiped and reinstalled.

Security vulnerability- Weaknesses in security practices

•Do not attempt to create your own security algorithms because it will likely introduce vulnerabilities. •Use security libraries that have already created, tested, and verified.

Bot

•From the word robot. •Malicious bots are botnets. •Bots quietly wait for commands provided by the attacker. •Usually performs when it is online

Ransomware

•Hold a computer system or the data captive until a payment is made. •Works by encrypting data in the computer with a key unknown to the user. •Sometimes it can take advantage of a system vulnerability to lock down the system. It is spread by a downloaded file or some software vulnerability

Security vulnerability- Access-control problems

•Manage physical access to equipment •Dictates who has access to a resource •For example, no matter what you set a file's permissions to, the operating system cannot prevent reading the data directly off the disk. •To protect the machine and the data it contains, physical access must be restricted and encryption techniques must be used to protect data .

Scareware

•Persuade the user to take a specific action based on fear. •Forges pop-up windows that resemble operating system dialogue windows and messages. •These messages state that the system is at risk and needs a specific program to return to normal operation. •If the user agrees, his or her system will be infected with malware.

Security vulnerability- Non-validated input

•Programs often work with data input. •This data coming into the program could have malicious content •Consider a program that receives an image for processing. •A malicious user could craft an image file with invalid image dimensions. The maliciously crafted dimensions could force the program to allocate buffers of incorrect and unexpected sizes.

Example of hardware vulnerability

•RAM memory has capacitors installed very close to one another. Changes made to one of these capacitors could influence neighbor capacitors. Based on that design flaw, an exploit called Rowhammer was created.

Worms

•Replicate themselves. •Slow down networks. •Can run by themselves. •They spread very quickly over the network. •Responsible for some of the most devastating attacks on the Internet.

Man-In-The-Middle(MitM)

•Take control over a device without the user's knowledge. •attacker can capture user information before relaying it to its intended destination. •MitM attacks are widely used to steal financial information. •Many malware and techniques exist to provide attackers with MitM capabilities.

SYNful Knock-Cisco IOS

•allowed attackers to gain control of routers. •could monitor all network communication and had ability to infect other network devices. •vulnerability showed up when a new version of IOS was installed. •To avoid this, always verify the integrity of the downloaded IOS image (copy) and limit the physical access of the equipment to authorized personnel only.


Set pelajaran terkait

Chapter 7 - Social and Emotional Development in Infants and Toddlers

View Set

AP US Government and Politics Midterm

View Set

Types of Light Sources and Light Bulbs

View Set

A8 (Engine Performance, Tune Up) Questions

View Set

Line Interpretation and Basic Views

View Set

Lower Respiratory System Drugs(Exam3)

View Set