Term
Areas where vulnerabilities and associated impacts are assessed

Definition
Understanding where vulnerabilities exist in:
- Hardware, software, networking
- Configuration errors
- Business processes
- Architectural and unplanned growth

Term

Definition
Two or more routine programming calls in an application do not perform in the sequential manner that was intended.
- Authentication: causes the application to fail, leaving trust assigned to an untrusted entity
- Integrity: malicious code may be inserted
- Confidentiality: data compromised, information disclosure

Term

Definition
A race condition where an attacker gains access prior to an authentication check.
- Admin takes action to address the intrusion, such as resetting passwords, but the attacker remains logged in with the old credentials
- Attacker inserts code or alters authentication to disrupt authentication processes

Term
Support Lifecycle Vulnerabilities

Definition
Maintaining systems past EOL (End of Life); maintaining multiple versions of hardware and software.
- EOL
- Embedded systems
- No vendor support

Term
Impact of Vulnerabilities

Definition
Life cycle management on hardware:
- Laptops
- Storage
- Servers
- Smart TVs
- IoT (Internet of Things): embedded devices are often overlooked and should not be ignored for vulnerabilities and end of life

Term
Secure Coding - Improper Input Handling

Definition
Guidelines: recommendations from NIST on web form validation, to validate and sanitize entries before accepting and processing them. Improper input handling enables:
- XSS attacks
- SQL injection attacks

Term
Secure Coding - Improper Error Handling

Definition
When a web server, application server, or database application fails, detailed internal error messages such as stack traces, database dumps, and error codes are displayed to the user (hacker). These messages reveal implementation details that should never be revealed.

Term
Open Web Application Security Project (OWASP)

Definition
A site dedicated to unbiased, practical, cost-effective information about application security. A non-profit that provides guidelines and testing for application security.

Term
Impact of improper error handling

Definition
Potential impact:
- A crash leaves a session open with elevated privileges
- The application crashes, leaving internal error messages that provide internal system information to hackers

Term

Definition
Software Engineering Institute. Runs Cert.org, dedicated to helping create better software through secure coding practices.

Term
Misconfiguration / Weak Configuration

Definition
- False sense of security with a weak config
- Gaping holes in defenses
- Increased attack surface

Mitigation:
- Vulnerability scan
- Security audit: make sure the secure config baseline for each system is applied

Term

Definition
- Not secure out of the box
- Change admin accounts and default passwords
- Harden systems if possible
- Establish a baseline config and audit for compliance

Term

Definition
Code executes on a target machine over and over until all resources are used.

Term
Resource Exhaustion Attack Types

Definition

Term

Definition
- Tailgating
- Application updates
- Maintain proper config
- Social engineering: don't give out passwords; offer to call back
- Phishing scams
- Document handling and proper disposal

Term
Improperly Configured Accounts and Shared Accounts

Definition
- Sharing accounts: no audit or log of who did anything
- No non-repudiation: being able to identify and validate user activity

Term
Vulnerable Business Processes - BPC

Definition
Business Process Compromise: targets the unique processes, or the systems facilitating those processes, to covertly manipulate them.

Term
Weak Cipher Suites and Implementations

Definition
- RC4
- 3DES (Triple DES)
- NULL

Use AES-128 or AES-256 instead.

Term
Cipher Suites - 4 Components

Definition
1. Key exchange
2. Authentication
3. Encryption
4. Integrity algorithm

Term

Definition
The application keeps using memory but fails to release it once it is no longer needed.
- Lowers system performance
- Crashes the system
- Denial of service
- Abnormal system behavior
- May take time to occur and the problem may not be readily apparent; a reboot may appear to fix it and then the problem reoccurs overnight

Term

Definition
When the result of an arithmetic operation exceeds the size of the data type used to store it. Can lead to negative values, which can reverse a monetary transaction since a credit now becomes a debit.

Term

Definition
A vulnerability that can cause an application to throw an exception error, causing the application to crash.
- DoS attack
- Potential for remote code execution

Term

Definition
Inserting code into a running process:
1. Attach to the process
2. Allocate memory within the process
3. Copy the DLL or the DLL path into the process's memory and determine the appropriate memory addresses
4. Instruct the process to execute your DLL

Term
Creating DLL Injection attack

Definition
- Manual creation
- Pen testing tools
- Metasploit

Term
System Sprawl and Undocumented Assets

Definition
New devices added to the network increase the attack surface: more targets.
- Hosts
- Printers
- IoT
- Wireless APs
- Mobile devices
- Dual-homed systems with access to other networks

Term
Architecture Design Weakness

Definition
Business pressure to develop applications quickly can cause the design to suffer, because security is not included from the beginning.
- Security looked at as a road block or gating factor

Term

Definition
- Government / nation states: hoard these vulnerabilities and keep them for when they need them
- Dark web: sells them
- Hackers: derive income from discovering and creating them
- Organized crime
- Script kiddies

Term
Improper Certificate and Key Management

Definition
- Manual key management
- Lack of insight, no automated reporting
- No centralized policies
- No method to replace compromised CA certs