Thursday, February 27, 2014

CISSP CPE8: Rapid7 webinar: Vulnerabilities, Dissected: The Past, Present & How to Prepare for their Future

Length 01:00:00

Vulnerability – configuration issue OR programming error that can be exploited.

Why should we care? Because vulnerability put things that we value at risk.

4 categories of vulnerabilities: 
1.    remote code execution
2.    elevation of privilege
3.    information disclosure
4.    DoS

Past: attacker going after company
Present: attacker going after individual (stealing ID & credit card info)

CVE run by MIST  standard to describe vulnerability

Vulnerability risk impact:
1.    Vulnerability category ( remote execution > elevation of privilege > Info disclosure > DoS)
2.    Ease of exploitation
3.    Location of asset
4.    Importance of asset

Attacker motives & techniques:
1.    Discover/recon
2.    Probing of system/network
3.    Passive engagement
4.    Active engagement
5.    Post exploitation
Chaining vulnerabilities together:
Exploiting one vulnerability to exploit other vulnerabilities
Low severity vulnerabilities matter

Example: leaking credentials
Get trivial data as foothold -> gaining limited access -> elevation of privilege
Exploit is the attack that take advantage of the vulnerability

The Near future of Vulnerabilities:
-    Windows XP EOL
-    Mobile & cloud platform
-    Directly attacking payment system
-    Cyber-warfare: asymmetrical battleground/APT engaged in economic espionage

Tip to prepare for the future:
1.    Know your environment
2.    Keep system up to date
3.    Use mitigation techniques

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home