lec2

Cards (52)

  • Hardware vulnerability
    An exploitable weakness in a computer system that enables attack through remote or physical access to system hardware
  • Hardware backdoor
    Might be removed by replacing the hardware or by reflashing the BIOS, or the firmware of network devices, graphics processing units, power management hardware, etc.
  • Directory traversal
    Also known as file path traversal, a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data, credentials for back-end systems, and sensitive operating system files. In some cases, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data or behavior, and ultimately take full control of the server.
  • Rowhammer
    • A vulnerability affecting some recent DDR DRAM devices where repeated access to a memory row can result in bit flips in adjacent rows, allowing an attacker to change the value of bits in memory
  • Meltdown RDCL (Rogue Data Cache Load)
    • Takes advantage of how modern processors optimize performance by storing frequently accessed data in a fast-access cache memory, tricking the processor into loading sensitive data into the cache memory even though the attacker shouldn't have access to it
  • Meltdown RDCL
    • Imagine your computer's processor is like a busy librarian. It's constantly fetching and storing information in different places to make sure everything runs smoothly. Normally, it's very careful about who gets to see what books (or data). However, Meltdown is like a sneaky trickster who finds a way to exploit the librarian's system. It distracts the librarian with a request for a book that shouldn't be accessible, but the librarian, being busy, doesn't double-check if it's okay to access that book. Now, RDCL is like the sneaky trick Meltdown uses. While the librarian is distracted, RDCL convinces the librarian to load the secret book (or sensitive data) into a place where the trickster can easily sneak a peek — the cache memory. Even though the trickster shouldn't have access to this book, they manage to see it because of the distraction and the way the librarian handles the request.
  • Thunderclap
    • A collection of hardware vulnerabilities that reside in the Thunderbolt hardware interface produced by Intel, which can be used by hackers with physical access to a Thunderbolt port to overtake a target system in just a few seconds, executing arbitrary code at the highest level of privilege and gaining access to encryption keys, passwords, banking logins and other data
  • Screwed drivers
    • Security flaws in kernel mode drivers used by Windows operating systems, revealed in 2020 by security researchers at Eclypsium, a cybersecurity firm
  • Foreshadow
    • An execution-related vulnerability that affects Intel CPUs, which hackers use to extract sensitive data from the CPUs' L1 data cache, which is accessible to all processor cores
  • Bounds Check Bypass Store (BCBS)
    • Enables hackers to compromise the branch prediction capability of modern-day CPUs, and then utilize the CPU's cache as a side-channel exploit to extract data from the memory of other processes
  • USBAnywhere
    • A collection of USB vulnerabilities that affect the BMC (baseboard management controller) on Supermicro's server hardware, which hackers can use to hijack thousands of server boards
  • Malware
    A catch-all term for various malicious software, including viruses, adware, spyware, browser hijacking software, and fake security software
  • Viruses
    The most commonly-known form of malware, which can do anything from erasing the data on your computer to hijacking your computer to attack other systems, send spam, or host and share illegal content
  • Spyware
    Collects your personal information and passes it on to interested third parties without your knowledge or consent, and is also known for installing Trojan viruses
  • Adware
    Displays pop-up advertisements when you are online
  • Fake security software
    Poses as legitimate software to trick you into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging "clean ups"
  • Browser hijacking software
    Changes your browser settings (such as your home page and toolbars), displays pop-up ads and creates new desktop shortcuts, and can also relay your personal preferences to interested third parties
  • Memory-resident viruses
    Hide inside the computer's memory (RAM) and are activated when the computer is turned on, infecting opened files
  • Macro viruses
    A type of computer virus that is written in a macro language, such as Visual Basic for Applications (VBA), and typically embedded within documents or files that support macros, such as Microsoft Word documents (.doc, .docx) or Excel spreadsheets (.xls, .xlsx)
  • File infectors
    Attach themselves to program files, usually certain .COM or .EXE files, and run when the program file is run
  • Boot sector viruses
    Attach to the DOS boot sector on diskettes or the master boot record on hard disks, and find their way onto your computer from floppy disks infected with the boot sector virus
  • Virus countermeasures
    • Detection
    • Identification
    • Removal
  • First-generation scanner
    Requires a virus signature to identify a virus, and is limited to the detection of known viruses
  • Second-generation scanner
    Does not rely on a specific signature, but uses heuristic rules to search for probable virus infection
  • Third-generation programs
    Identify a virus by its actions rather than its structure in an infected program
  • Fourth-generation products
    Packages consisting of a variety of antivirus techniques used in conjunction
  • Generic decryption (GD) technology
    The ability of security researchers or antivirus software to develop techniques capable of decrypting files that have been encrypted by certain types of ransomware or other malware
  • CPU emulator
    A software-based virtual computer where instructions in an executable file are interpreted by the emulator rather than executed on the underlying processor
  • Virus signature scanner
    A module that scans the target code looking for known virus signatures
  • Emulation control module
    Works together with the CPU emulator to analyze potentially malicious files in a safe, controlled environment, detect malicious behavior, and take appropriate actions to protect the user's system from security threats
  • Intrusion Detection System (IDS)
    A system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered
  • Classification of Intrusion Detection System
    • Network intrusion detection systems (NIDS)
    • Host intrusion detection systems (HIDS)
    • Protocol-based intrusion detection system (PIDS)
    • Application Protocol-based Intrusion Detection System (APIDS)
    • Hybrid intrusion detection system
  • Signature-based IDS
    Detects attacks based on specific patterns such as number of bytes or number of 1's or number of 0's in the network traffic, or known malicious instruction sequences used by malware
  • Anomaly-based IDS
    Uses machine learning to create a model of trusted activity, and declares anything not found in the model as suspicious
  • Password
    A string of characters provided by a user at the authentication prompt of a web account
  • Password management
    A set of principles and best practices to be followed by users when storing and managing passwords, so that passwords are kept as secure as possible and unauthorized access is prevented
  • Password attacks
    • Login spoofing
    • Sniffing attack
    • Shoulder surfing attack
    • Brute force attack
    • Data breach
  • Traditional methods of password management
    • Writing down passwords on sticky notes, post-its, etc.
    • Sharing them via spreadsheets, email, telephone, etc.
    • Using simple and easy-to-guess passwords
    • Reusing them for all web applications
    • Often forgetting passwords and relying on the 'Forgot Password' option
  • How to manage passwords
    • Use strong and unique passwords for all websites and applications
    • Reset passwords at regular intervals
    • Configure two-factor authentication for all accounts
    • Securely share passwords with friends, family, and colleagues
    • Store all enterprise passwords in one place and enforce secure password policies within the business environment
    • Periodically review the violations and take necessary actions
  • Virus countermeasures
    Detection: once the infection has occurred, determine that it has occurred and locate the virus.