Cyber Vulnerabilities: Difference between revisions

Cyber Vulnerabilities are weaknesses of information resources that may be exploited by a threat. Because these are weaknesses that can be addressed by the security specialist, they are examples of vulnerabilities.

• The lack of adequate controls represents a vulnerability, exposing sensitive information and data to the risk of malicious damage, attack or unauthorized access by hackers, employee error, environmental threat or equipment failure. This could result in a loss of sensitive information, financial loss, legal penalties or other losses.

• Vulnerabilities Classes
  • RCE, LPE.
• Vulnerability mechanisms including - Deserialisation, Path Traversal, Authentication Bypass.

Common Vulnerabilities

• Zero-Day Vulnerabilities
• War dialing
• Social engineering
• War driving
• Password cracking

Technology

• Vulnerability Database
• Vulnerability Technology
• Vulnerability Management Technology

Scanning

• A vulnerability scan will only find “known” vulnerability patterns and will, therefore, not find a programmer’s application back door.
• Vulnerability Scanner