Wednesday, 13 September 2023

Information Security Threats and Attack Vectors

Lesson 03: Information Security Threats and Attack Vectors



3.01 Motives, Goals, and Objectives of Information Security Attacks

3.02 Top Information Security Attack Vectors

3.03 Information Security Threat Categories

3.04 Types of Attacks on a System

3.05 Information Warfare

threats - Malicious activity can be done by Attacker

Attack Vectors - way for attacker to enter




3.01 Motives, Goals, and Objectives of Information Security Attacks

1.Disturpt Business Continuity

2.Data Theft

3.Changing Data

4.Revenge

5.Organization Reputation

6.Military goal

6.Political 

3.02 Top Information Security Attack Vectors

1.Cloud computing threats 

software as a service - antivirus

platform              - os 

infrastructure        - aws cloud , google cloud ,microsoft azure

2.Advanced Persistant Threats

one close , another open

3.Virus & Worms threats

4.Mobile Threats

5.Botnets threats

6.Insider Threats

3.03 Information Security Threat Categories

1.Network threats

Information gathering - version 

spoofing - smtp

Man in the middle attack - http 

password attacks - default passwords

DOS - Bandwidth - (Denial of service)

Firewall & IDS attacks - Intrusion Detection System

2.Host Threats (Domain)

Foot printing - tech version

Malware attacks - 0ld tech

DOS - firewall & rate limiting

Unauthorized access

Privilege Escalation

Physical Attacks

Remote code Execution 

if you find PHP 8.1.0-dev then try RCE & SQLi

User-Agentt: zerodiumsleep(5);

User-Agentt: zerodiumsystem('id');

3.Application Threats

sql injection

Authentication Attack

Authorization Attack

Broken session management

Information Disclosure

Cryptography attack

Security Misconfiguration

4.People and Technology threats

3.04 Types of Attacks on a System

Operating System - unpatched system

Misconfiguration attack - database, webserver

application level attacks - sql, xss, ssrf

shrink-wrap code attacks - default configuration

3.05 Information Warfare (ICT - information Communication Technology)

offensive Information warfare - attacks, database, webserver, network, application 

defensive Information warfare - IDS , Alerts , Response , threat modelling




By -
Labels:
Location: 2nd Floor, Real Enclave, 43, Josier St, Tirumurthy Nagar, Nungambakkam, Chennai, Tamil Nadu 600034, India

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)