In cyber security, vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer system. After exploiting vulnerability, a cyber attack can run malicious code, install malware and even steal sensitive data.
Vulnerabilities can be exploited by a variety of methods including SQL injection, buffer overflows, cross-site scripting (XSS) and open-source exploit kits that look for known vulnerabilities and security weaknesses in web applications.
I. Causes of Vulnerabilities
There are many causes of vulnerabilities including:
Complexity
Complex systems increase the probability of a flaw, misconfigurations or unintended access.
Familiarity
Common code, software, operating systems and hardware increase the probability that an attacker can find or has information about known vulnerabilities.
Connectivity
The more connected a device is the higher the chance of a vulnerability.
Poor Password Management
Weak passwords can be broken with brute force and reusing passwords can result in one data breach becoming many.
Operating System Flaws
Like any software, operating systems can have flaws. Operating systems that are insecure by default and allow any user to gain access and potentially inject viruses and malware.
Internet Usage
The Internet is full of spyware and adware that can be installed automatically on computers.
Software Bugs
Programmers can accidentally or deliberately leave an exploitable bug in software. Sometimes end users fail to update their software leaving them unpatched and vulnerable to exploitation.
Unchecked User Input
If your website or software assumes all input is safe it may execute unintended SQL commands.
People
The biggest vulnerability in any organization is the human at the end of the system. Social engineering is the biggest threat to the majority of organizations.
II. Vulnerabilities Classification
Vulnerabilities can be classified into six broad categories
1. Hardware
Susceptibility to humidity, dust, soiling, natural disaster, poor encryption or firmware vulnerability.
2. Software
Insufficient testing, lack of audit trail, design flaws, memory safety violations (buffer overflows, over-reads, dangling pointers), input validation errors (code injection, cross-site scripting (XSS), directory traversal, email injection, format string attacks, HTTP header injection, HTTP response splitting, SQL injection), privilege-confusion bugs (clickjacking, cross-site request forgery, FTP bounce attack), race conditions (symlink races, time-of-check-to-time-of-use bugs), side channel attacks, timing attacks and user interface failures (blaming the victim, race conditions, warning fatigue).
3. Network
Unprotected communication lines, man-in-the-middleattacks, insecure network architecture, lack of authentication or default authentication.
4. Personnel
Poor recruiting policy, lack of security awareness and training, poor adherence to security training, poor password management or downloading malware via email attachments.
5. Physical site
Area subject to natural disaster, unreliable power source or no keycard access.
6. Organizational
Lack of audit, continuity plan, security or incident response plan.
THANKS SIR ☺️
ReplyDelete