In cyber security, a vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer system. After exploiting a vulnerability, an attacker can run malicious code, install malware and even steal sensitive data.
Vulnerabilities can be exploited by a variety of methods, including SQL injection, buffer overflows, cross-site scripting (XSS) and open-source exploit kits that look for known vulnerabilities and security weaknesses in web applications.
I. Causes of Vulnerabilities
There are many causes of vulnerabilities, including:
Complexity
Complex systems increase the probability of a flaw, misconfiguration or unintended access.
Familiarity
Common code, software, operating systems and hardware increase the probability that an attacker can find or has information about known vulnerabilities.
Connectivity
The more connected a device is, the higher the chance of a vulnerability.
Poor Password Management
Weak passwords can be broken with brute force, and reusing passwords can result in one data breach becoming many.
Operating System Flaws
Like any software, operating systems can have flaws. Operating systems that are insecure by default allow any user to gain access and potentially inject viruses and malware.
Internet Usage
The Internet is full of spyware and adware that can be installed automatically on computers.
Software Bugs
Programmers can accidentally or deliberately leave an exploitable bug in software. Sometimes end users fail to update their software, leaving it unpatched and vulnerable to exploitation.
Unchecked User Input
If your website or software assumes all input is safe, it may execute unintended SQL commands.
People
The biggest vulnerability in any organization is the human at the end of the system. Social engineering is the biggest threat to the majority of organizations.
II. Vulnerabilities Classification
Vulnerabilities can be classified into six broad categories:
1. Hardware
Susceptibility to humidity, dust, soiling, natural disaster, poor encryption or firmware vulnerability.
2. Software
Insufficient testing, lack of audit trail, design flaws, memory safety violations (buffer overflows, over-reads, dangling pointers), input validation errors (code injection, cross-site scripting (XSS), directory traversal, email injection, format string attacks, HTTP header injection, HTTP response splitting, SQL injection), privilege-confusion bugs (clickjacking, cross-site request forgery, FTP bounce attack), race conditions (symlink races, time-of-check-to-time-of-use bugs), side channel attacks, timing attacks and user interface failures (blaming the victim, race conditions, warning fatigue).
3. Network
Unprotected communication lines, man-in-the-middle attacks, insecure network architecture, lack of authentication or default authentication.
4. Personnel
Poor recruiting policy, lack of security awareness and training, poor adherence to security training, poor password management or downloading malware via email attachments.
5. Physical site
Area subject to natural disaster, unreliable power source or no keycard access.
6. Organizational
Lack of audit, continuity plan, security or incident response plan.
THANKS SIR ☺️