
What Is Vulnerability

Uploaded by

jamal.icit

Course Name: Vulnerability assessment and Reverse Engineering

Recommended Books:
A: Finding and fixing vulnerabilities in Information Systems: The Vulnerability
(Philip)

B: Reversing: Secrets of Reverse Engineering (Eldad Eilam)

DR . JA M A L A N A S IR
Credit Hours: 3
Marks: 100
Distribution of Marks:
Assignments 10
Quizzes 10
Attendance 5
Mid Term Examination 25
Total Sessional 50
Terminal Examination 50
Total 100
Vulnerability Assessment
What is Vulnerability?
A vulnerability is a weakness that can be exploited by
cybercriminals to gain unauthorized access to a computer
system.

After exploiting a vulnerability, a cyberattack can run malicious code,
install malware, and even steal sensitive data.
Vulnerability…
•Businesses use the Internet as a vital global resource for
huge benefits in linking workers, suppliers and customers.

•However, connecting with the global Internet exposes your company
network to many threats.
Vulnerability…
Expert criminals can use the Internet:
◦ to enter/penetrate into your network,
◦ put malware onto your computers,
◦ extract proprietary/important information and
◦ abuse your IT resources.
These attacks can be prevented by using a vulnerability management (VM)
program.
VM enables you to continuously monitor your network infrastructure, and
by using a VM program you can stay several steps ahead of the attackers
and protect your business resources.
Vulnerability…
These attacks can be prevented by using a Vulnerability Management (VM)
program.
Vulnerability Management (VM)
• VM enables you to continuously monitor your network infrastructure.
• By using a VM program you can stay several steps ahead of the
attackers and protect your business resources.
Vulnerability analysis
Vulnerability
To a cyber criminal, vulnerabilities on a network are high-value assets.

These vulnerabilities can be targeted for exploitation, which results in
unauthorized access to the network.
Vulnerability…
Once cyber criminals are inside, they will look for:

◦ Personal information
◦ Credit cards
◦ Health accounts
◦ Health Accounts is a methodology used to describe the systematic financial flow of the
consumption of health care goods and services.

◦ A Health Savings Account (HSA) is a type of personal savings account you can set up to pay
certain health care costs
Vulnerability…
◦ Business secrets
◦ Business secrets means any information that derives actual or potential economic
value from the fact that it is not known, and that should not be accessed by any other people.
◦ Intellectual property
◦ Intellectual property (IP) refers to creations of the mind, such as inventions; literary and
artistic works; designs; and symbols, names and images used in commerce.
◦ In short, anything that they can sell on the black market.
Vulnerability…
In addition:
◦ the exploited computer is now a beachhead (strategic
position) for further attacks into your network and it becomes
part of a platform that attacks the network of other
organizations.
Vulnerability…
• Security researchers are continually discovering flaws
in:
• software
• Faulty configurations of applications and
• IT gear (A software platform from Google for running applications
locally)
Vulnerability…
Whatever their source:
◦ vulnerabilities don’t go away by themselves.
◦ detection, removal and control require vulnerability management (or VM)
◦ the continuous use of specialized security tools that proactively help
eliminate exploitable risks.
How Vulnerabilities Expose Your Network to Danger?
In the last few years:
◦criminal attackers have realized the monetary payback of
cyber crime, and
◦now there are successful attacks made via the Internet
almost every day.
The universal connectivity provided by this global pathway
gives hackers and criminals easy access to your network and
its computing resources.
Criminals don’t waste much time in getting started.

If your computers are running without current security updates, they are
immediately vulnerable to a variety of exploits.
University of Michigan study
How Vulnerable are Unprotected Machines on the Internet?

The study found that servers with open ports and other vulnerabilities
were scanned by attackers within about 23 minutes of being
attached to the Internet, and
vulnerability probes (inquiries) started in 56 minutes.
The average time to the first exploit being made was less
than 19 hours.

Any business that doesn’t proactively identify and fix vulnerabilities is
susceptible to abuse and information theft.
Where do vulnerabilities come from?

Programming mistakes (bugs) cause most vulnerabilities in software.
For example, a common mistake, which happens in the memory management
area of programs, is data blocks still being used after they’ve been
declared free by other parts of the program.
Where do vulnerabilities come from?...
When this ‘use-after-free’ programming mistake is found by attackers,
they can often exploit it and gain control over the computer.
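The use-after-free mistake described above, as an added example that is not part of the original slides. It uses a constructed two-slot pool instead of malloc/free so the reuse is deterministic; the names pool_alloc, pool_free, read_unchecked and read_checked are hypothetical. The stale reference silently reads data that now belongs to a different owner, while the generation check rejects it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy allocator: fixed slots, so reuse after free is deterministic. */
#define SLOTS 2
struct slot { uint32_t gen; int in_use; char data[16]; };
static struct slot pool[SLOTS];

/* A handle records the slot index and the generation it was issued for. */
struct handle { int idx; uint32_t gen; };

static struct handle pool_alloc(const char *value) {
    for (int i = 0; i < SLOTS; i++) {
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            pool[i].gen++;                       /* new owner, new generation */
            snprintf(pool[i].data, sizeof pool[i].data, "%s", value);
            return (struct handle){ i, pool[i].gen };
        }
    }
    return (struct handle){ -1, 0 };             /* pool exhausted */
}

static void pool_free(struct handle h) {
    if (h.idx >= 0 && h.idx < SLOTS && pool[h.idx].gen == h.gen)
        pool[h.idx].in_use = 0;                  /* data is left in place */
}

/* The mistake: trusts the stale index, like dereferencing a dangling pointer. */
static const char *read_unchecked(struct handle h) { return pool[h.idx].data; }

/* Hardened: NULL if the block was freed or has since been handed to someone else. */
static const char *read_checked(struct handle h) {
    if (h.idx < 0 || h.idx >= SLOTS) return NULL;
    if (!pool[h.idx].in_use || pool[h.idx].gen != h.gen) return NULL;
    return pool[h.idx].data;
}

int main(void) {
    struct handle a = pool_alloc("role=guest");
    pool_free(a);                                /* one part of the program frees */
    struct handle b = pool_alloc("role=admin");  /* the slot is reused */
    printf("stale, unchecked: %s\n", read_unchecked(a));
    printf("stale, checked:   %s\n", read_checked(a) ? "accepted" : "rejected");
    printf("live,  checked:   %s\n", read_checked(b));
    return 0;
}
```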
Where do vulnerabilities come from?...

Computer scientists estimate:
• that every thousand lines of software code in well-managed
software products contain about one bug,
• with that number rising to 25 per thousand for unscrutinized code.
Modern software projects typically have millions of lines of code.
Where do vulnerabilities come from?...
For example:
• An operating system like Windows 7 has 40 million lines of code,
• Microsoft Office applications have between 30 and 50 million, and
• Popular Internet browsers have between five and 10 million.
Where do vulnerabilities come from?...
The best way to counter this threat is to quickly identify and
eliminate all vulnerabilities on a continuous basis.
For example:
• Microsoft and Adobe release advisories and patches on the second
Tuesday of each month (Patch Tuesday)
• Oracle releases vulnerability patches on a quarterly schedule.
Where do vulnerabilities come from?...
Many of the newer software projects, such as:
• Google Chrome
• programs in the Android, iOS and Windows app stores
have moved to continuous release patches.

What are other sources?
Careless programmers aren’t the only source of vulnerabilities.
A study by Hewlett–Packard Co. found that
80 per cent of applications contain vulnerabilities exposed by incorrect
configuration.
For example:
- improper configuration of security applications, such as a firewall, may allow
attackers to slip through ports that should be closed.
The exploitation of vulnerabilities via the Internet is a huge problem
that requires immediate proactive control and management.

That’s why companies need to use VM – to proactively detect and
eliminate vulnerabilities in order to reduce overall security risk and
prevent exposure.
Detecting and Removing Vulnerabilities
VM has evolved from simply running a scanner on an application,
computer or network to detect common weaknesses.
Scanning remains an essential element of VM.
But continuous VM now includes other technologies and workflow
that contribute to the bigger picture required for controlling and
removing vulnerabilities.
Objectives of VM
•Maintain a database of the computers and devices of your
network – your hardware assets.

•Compile a list of installed software – your software assets.

•Change a software configuration to make it less susceptible to attack.
Objectives of VM…
•Identify and fix faults in the installed software that affect
security.
•Alert to additions of new devices, ports or software to the
databases to allow an analysis of the changed attack surface
and to detect successful attacks.
•Indicate the most effective workflow for patching and
updating your devices to prevent attacks (such as malware,
bots and so on).
Bot or robot?
A bot, short for "robot", is a type of software application or script:

◦ that performs automated tasks on command.

◦ Bad bots perform malicious tasks that allow an attacker to remotely
take control over an affected computer.
Objectives…
•Document the state of security for audit and compliance
with laws, regulations and business policy.

•Continuously repeat the preceding steps so as to ensure the ongoing
protection of your network security.
