1_6_1 Section 1 – Attacks, Threats, and Vulnerabilities - 1.6 – Vulnerabilities - Vulnerability Types

UnmatchedMandolin

Questions and Answers

What is the goal of security researchers?

To find vulnerabilities before attackers do

What is a characteristic of a zero-day attack?

It is a type of attack that uses a previously unknown vulnerability

Why is it difficult to mitigate a zero-day attack?

Because it is very difficult to stop something that you had no idea existed

What is the motivation of attackers to find vulnerabilities?

To use them to attack networks or sell them to the highest bidder

What is hidden in the code of many applications?

A potential way for an attacker to get into your network

What is the goal of attackers when it comes to finding vulnerabilities?

To find them before security researchers do

What is the primary purpose of the CVE database?

To identify and document vulnerabilities

What is the result of leaving data open on the internet without security?

It makes it easy for anyone on the internet to access the data

What was the outcome of Verizon's misconfigured Amazon S3 data repository in 2017?

A researcher found the data and closed the hole before it was exploited

What can happen if an attacker gains access to an administrator or root account?

They will have full control over the operating system

Why should access to root or administrative accounts be closely monitored?

Because an attacker may have full control over the operating system

What can be a problem with error messages in applications?

They may show sensitive information that can be used against us

What was the outcome of the Patreon website error in 2015?

Attackers were able to access the debugger and transfer customer data

Why is it important to encrypt data?

To protect the data from being accessed or transferred

What is a common problem with cloud repositories?

They are often misconfigured and left open

Why should policies and procedures be in place for administrative accounts?

To prevent casual use of these accounts

What is the importance of using strong encryption protocols?

To ensure that data is well protected

What is the common purpose of AES and triple DES?

To encrypt data

What is the purpose of using hashes in encryption?

To verify data integrity

What is the purpose of using TLS protocol?

To encrypt data during transport

What is the problem with using encryption keys of 128 bits or smaller?

They are not secure enough

What is the purpose of capturing packets and analyzing them?

To determine if data is being sent in the clear

What is the consequence of not configuring applications to use secure protocols?

Data will be sent in the clear

What is the purpose of the Wall of Sheep at Defcon?

To display a list of applications that are sending data in the clear

What is the problem with default usernames and passwords on IoT devices?

They are not secure enough

What is the purpose of the Mirai botnet?

To take control of IoT devices

What is the primary concern with legacy systems?

They are running software that has reached end of life.

Why might a security administrator decide to keep legacy equipment on the network?

Because it is still necessary for a particular function.

What is one way to protect a legacy system that cannot be patched?

Add a firewall around the system.

What happens when software reaches end of life?

It is no longer supported by the vendor.

Why is it important to assess the advantages and disadvantages of keeping a legacy system on the network?

To determine the security risks and benefits of keeping the system.

What is the goal of adding security tools around a legacy system?

To keep the system as secure as possible.

Why do attackers modify software to control more IoT devices?

To gain unauthorized access to the devices

What is the purpose of opening ports on a server?

To allow communication between the server and applications

What is the main function of a firewall?

To control and manage traffic to the network

What is the purpose of auditing a firewall's rule base?

To ensure that all rules are up to date and correct

What is the main reason organizations release software updates?

To fix security vulnerabilities in the software

What type of systems are referred to as legacy systems?

Older systems that may be running outdated operating systems

What was the consequence of Equifax not patching their systems in 2017?

They suffered a massive data breach, resulting in fines and reputational damage

What is the role of a group of people who test patches in an organization?

To test patches to ensure they operate properly in the environment

What is the purpose of patching a system?

To fix security vulnerabilities and keep the system up to date

What can happen if patches are not kept up to date?

The system may be vulnerable to attacks and breaches

Study Notes

Common Vulnerabilities and Exposures (CVE)

  • CVE is a database of common vulnerabilities and exposures, located at cve.mitre.org.
  • It serves as a resource to stay up-to-date on the latest vulnerabilities.

Open Permissions Problem

  • An open permissions problem occurs when information is put on the internet without applying security, allowing anyone to access it.
  • This is becoming more common as data is increasingly stored in the cloud.
  • Example: Verizon's 2017 exposure of 14 million records due to a misconfigured Amazon S3 data repository.

Administrator Accounts

  • Leaving administrator accounts open can allow attackers to gain full control over an operating system.
  • Proper security and policies should be in place to prevent casual use of administrator accounts.

Error Messages

  • Error messages can reveal sensitive information, such as service and application details, version information, and debug information.
  • Example: Patreon's 2015 error message vulnerability allowed attackers to execute code on their web server.

Encryption

  • Encrypting data is essential, but it's not enough; encryption protocols and keys must be strong and up-to-date.
  • Examples of strong encryption protocols include AES and triple DES.
  • Wireless encryption protocols should also be kept up-to-date.

Legacy Systems

  • Legacy systems, including devices with default usernames and passwords, can be vulnerable to attacks like the Mirai botnet.
  • These systems may be running outdated software with known vulnerabilities.
  • A security administrator must weigh the advantages and disadvantages of keeping these systems on the network.

Vulnerabilities and Zero-Day Attacks

  • There are hidden vulnerabilities in software that attackers or security researchers can discover and exploit.
  • A zero-day attack occurs when an unknown vulnerability is exploited, and it's difficult to mitigate.

Firewalls and Network Security

  • Firewalls are used to manage traffic flow and keep bad actors out, but rule sets can become complex and unwieldy.
  • Regular audits are necessary to ensure the rule base is up-to-date and correct.

Patching and Updates

  • Patches are released to address security vulnerabilities, and organizations should prioritize keeping systems up-to-date.
  • Example: Equifax's 2017 data breach due to an unpatched Apache Struts vulnerability.

Legacy Devices and IoT

  • Legacy devices and IoT devices can be vulnerable to attacks if not properly secured.
  • A transition plan is necessary to remove legacy software and replace it with more secure alternatives.
