Privilege Escalation in Cybersecurity

IntuitiveKoala

10 Questions

What type of person might have restricted access to grounds, network, or system?

Service technician, pizza delivery driver, or security guard

What is the primary goal of dumpster diving?

To find medical records, resumes, and personal information

What is the main purpose of shoulder surfing?

To steal sensitive data by watching over the shoulder

What is the main difference between phishing attacks and baiting?

Baiting offers free items, while phishing attacks ask for login credentials

How often should users receive social engineering attack training?

Bi-annually

Why should users avoid opening emails in the spam folder?

They may contain malware

What is the goal of malicious emails with password-protected archives?

To encourage users to open malicious attachments

What is the weakest link in social engineering attacks?

Humans

What is the purpose of training users about social engineering attacks?

To make users aware of the latest attacks

What is the goal of baiters who offer free music or movie downloads?

To compromise users' security

Study Notes

Privilege Escalation

  • Begins by stealing one user's account, then attempting to gain elevated access to other resources
  • Can use transitive attacks to gain additional access, exploiting permissions on one system to access another
  • Insider threats, such as members of an organization's staff, can also use privilege escalation attacks

Zero-Day Attacks

  • Occur before a vulnerability is announced or fixed
  • No patch is available for a zero-day exploit when it occurs
  • Can quickly compromise hundreds or thousands of systems
  • Examples of zero-day libraries include the Zero-Day Vulnerability Database (zero-day.cz)

Identifying Types of Cyber Attacks

  • Types of cyber attacks include:
    • Client-side Attacks
    • Web Attacks
    • Network Attacks
    • Wireless Attacks
    • Social Engineering Attacks

Web Attacks

  • Common attacks include:
    • Cross-Site Scripting (XSS)
    • SQL Injection
  • XSS exploits web application vulnerabilities, injecting scripts into webpages served to visitors
  • SQL Injection is a common attack against web applications, injecting Structured Query Language (SQL) instructions into an application's input

Network Attacks

  • Attacks that occur on the network during transmission of data
  • Types of attacks include:
    • Spoofing
    • Packet Sniffing
    • Man-in-the-middle (MITM)
    • Denial of Service Attacks

Spoofing

  • Providing false information on a network, such as email spoofing
  • Can be used to gain restricted access to a system or network

Social Engineering

  • Includes attacks such as:
    • Dumpster Diving (looking for sensitive information in trash)
    • Shoulder Surfing (watching someone enter sensitive data)
    • Baiting (offering free items or goods in exchange for login credentials)

Dealing with Social Engineering Attacks

  • Do not open emails from unknown sources or attachments from unknown origin
  • Train humans to be aware of the latest attacks through bi-annual training sessions
  • Recognize and avoid malicious emails with password-protected archives

Learn about privilege escalation attacks, where an attacker gains elevated access to resources by exploiting existing privileges. This includes transitive attacks, where access to one system is used to gain access to another trusted system.
