We hear the term vulnerability in many contexts, but what is a vulnerability in cyber security?
Here’s vulnerability 101:
A vulnerability is a potential weak spot in software, hardware or a computer network. If exploited, it gives an attacker a way in, and the resulting threats can be delivered through various methods. Digital estates may have weaknesses at any of the security pillars, including identity, endpoints, infrastructure, networks or applications. In this blog we will cover the common vulnerabilities; this is by no means an exhaustive list.
Let us look at the top 5 vulnerabilities:
- Injection
Injection attacks are a type of security attack in which an attacker gains access to sensitive information (credit card numbers, for instance) by injecting code into a vulnerable application through its inputs. The injected code takes the form of a payload which the application then executes, giving access to usernames and passwords and, of course, company or personal data.
Examples of injection attacks include SQL injections, command injections, LDAP injections and CRLF injections.
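To make the SQL injection case concrete, here is an added example (not code from the original post) that builds a small constructed in-memory database and runs the same lookup twice: once with the untrusted value concatenated into the query text, and once bound as a parameter. The table, usernames and the tampered input are all constructed for this illustration.

```python
import sqlite3


def build_db():
    # Constructed sample data: an in-memory table standing in for a user store.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, card_last4 TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "1111"), ("bob", "2222")],
    )
    return conn


def lookup_vulnerable(conn, username):
    # Untrusted input is concatenated into the SQL text, so it becomes
    # part of the query and can change what the query does.
    sql = "SELECT username, card_last4 FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    # The value is bound to a placeholder: the database treats it purely
    # as data, and the query structure is fixed at the point it is written.
    sql = "SELECT username, card_last4 FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo():
    conn = build_db()
    benign = "alice"
    # Constructed tampered input: closes the quoted string and appends an
    # always-true condition, so the concatenated query matches every row.
    tampered = "' OR '1'='1"
    return {
        "vuln_benign": lookup_vulnerable(conn, benign),
        "vuln_tampered": lookup_vulnerable(conn, tampered),
        "safe_benign": lookup_parameterized(conn, benign),
        "safe_tampered": lookup_parameterized(conn, tampered),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

The parameterized version returns no rows for the tampered input because no user has that literal name, which is exactly the behaviour you want: the input can never alter the query.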
- Broken Authentication
It is imperative for data security that authentication and session management are implemented correctly and in the right order. Failing to do so exposes you to huge security risks, such as credentials being compromised. Multi-Factor Authentication (MFA) is one way to counter broken authentication, along with Azure AD Conditional Access.
- Sensitive Data Exposure
We all love APIs; however, they can be insecure if they rely on data transmission methods that can be exploited. This could allow access to user credentials and other confidential company data.
Some of the common methods to limit data exposure are data encryption, tokenization, proper key management and disabling response caching.
- Broken Access Control
If authentication and access restrictions are not in place, an attacker could gain access to sensitive information or even privileged settings.
Aside from automated processes, penetration testing is heavily used in the industry to detect configuration errors and insecure access control practices. Secure coding practices under a DevSecOps framework, together with Multi-Factor Authentication, can be further strengthened with technologies such as Privileged Access Management and Identity Management.
- Cross-Site Request Forgery & Cross-Site Scripting
Cross-Site Request Forgery (CSRF) attacks are designed to trick an authenticated user into performing an action they did not intend. These attacks are often combined with social engineering techniques.
Cross-Site Scripting (XSS) is a type of attack where malicious code is injected into a website, in a similar way to an SQL injection attack. A cross-site scripting attack targets the website's users, not the website itself, putting sensitive user information at risk of theft.
That brings us to the end of our vulnerability highlights article. I hope you got some useful insights on how to protect your data and ensure you have a secure workplace.
As always, if you need any assistance on securing your workplace or require any other IT expertise, please contact us.
Until next time hasta-la-vista.