FCF - Module 2
Exploitation
Accesses system to leverage vulnerabilities
Cyberwarriors
Nationally motivated citizens who may act on behalf of a political party or against another political party that threatens them. They have the resources to launch a big attack.
Processing Threat Intelligence
1) Identify the most vital cyberthreats to stop 2) Assemble threat information from internal and external sources 3) Process the information 4) Analyze the information and look for indicators of compromise (IoC) 5) Disseminate analysis and any new information 6) Implement lessons learned
Cyber Kill Chain
1) Reconnaissance 2) Weaponization 3) Delivery 4) Exploitation 5) Installation 6) Command and Control 7) Exfiltration
Vishing
A form of attack that takes place over Voice-over-IP
Smishing
A form of phishing that uses SMS text messages to trick a victim into revealing information.
MITRE ATT&CK
A knowledge base and framework of different attack techniques to understand and defend against an attacker. https://attack.mitre.org/
The Hacktivist
An attacker who launches attacks as part of an activist movement or to further a cause.
The Cybercriminal
An individual who uses computers, networks, and the Internet to perpetrate crime or financial gain
Delivery
Attacker delivers payload to the target
Installation
Attacker establishes a foothold in the system
Exfiltration
Attacker extracts the data
Reconnaissance
Attacker gathers information on the target
Command and Control
Establishes a communication between the attacker and the victim
Birthday Attack
Exploits a weakness that exists in some hashing algorithms.
Common Vulnerability Scoring System (CVSS)
Is a free and open industry standard for assessing computer system vulnerabilities
Attack Vector
Is a method used by a bad actor to illegally access or inhibit a network, system, or facility
Rootkit
Is software used by bad actors to gain control over a targeted computer or network
The explorer
Is curious about the kinds of weaknesses that exist on computer networks and strives to find and exploit them. They don't really have malicious intent.
Attack Path
Is the chain of events that occurs when attack vectors are exploited
What is a threat landscape?
Is the collection of threats in a given context or domain; this includes all known and possible threats to computer networks
Payload
Is the malicious code
What 3 components compose an attack vector?
Pathway, Vulnerability and Mechanism
What is a Bad actor?
Persons who try to steal, sabotage, or stop you from using computer systems or accessing information that you are authorized to use and that is stored on or in transit between computing devices
Which three requisite qualities must information have for it to be threat intelligence?
Relevant, Contextual and Actionable
DoS and DDoS
Attacks on servers or networks that deny service to all or specific users
The Cyberterrorist
Someone who uses the Internet or network to destroy or damage computers for political reasons.
Spear Phishing
Targets a specific group or individual using email with the intent of stealing confidential information
Weaponization
The attacker creates payload code that will enable access with exploit code that will use a vulnerability to execute on the target system