Hey, everyone, welcome back to the course. So in the last video, we just took a brief introduction to myself, Your instructor. We also talked about the prerequisite which in reality, there is none, since it's a very entry level type. Of course, however, it is a good idea, as I mentioned in the last video toe have some basic I. T. Or security knowledge.
And in this video we're gonna take a brief introduction to vulnerabilities and specific.
We're going to talk about what? Our vulnerabilities as well. Aziz will talk through some different types of vulnerability assessments.
So what are vulnerabilities? Well, really, it's the easiest way to describe it as a is a weakness, right? So that could be at the application or the code level that could be in our system that could be in the operating system. So something we're not necessarily controlling
that could be in our physical infrastructure. That could be the fact that we leave the front door locked and somebody comes in and takes our stuff
so many ways that we can you describe a vulnerability, but the easiest way to remember it as some kind of a weakness in a system a process and application of physical thing. So it's some kind of a weakness, and we normally would characterize our vulnerabilities based off the severity level. So is this something that we deem high
vulnerability, high critical type of risk? Like Oh my goodness, we need to fix this tomorrow or today or right now,
Or is it something low where we're like, Yeah, that isn't that is a vulnerability, but we've got other things in place, and that's not really a critical business process, so we don't necessarily care about that too much.
And then the exploit ranges is something that can only be internally exploited. So somebody needs physical access
to our systems or application. Or is this something that could be exploited remotely? So can they maybe do something like remote code execution, where they've got administrative type privileges that could escalate privileges? So we need to think through those things as we're thinking through and identifying these different vulnerabilities.
So let's talk through some classifications of vulnerabilities. So we got things like Miss configurations, buffer overflows, etcetera, center. We'll talk through each of these real quick,
so miss configurations you might have heard in the media when there's different data breaches about Hey, there's ah, miss configured as three bucket
what we're talking about there if you're not i t or some security
person at all. When we're talking about there, think of it this way is the s three bucket holds our data. So if we think of it as candy so we have let's say we have a bag of candy
and we don't want anybody to take our candy cause let's just say it's Gummi Bears and we love gummy bears, right? So we want to protect that data, which is our gummies.
The way we do that is we set things up properly, security wise. So in our example, with the Dagget candy, we might put that candy in a safe and we might lock it
in a safe, and then maybe we get a guard dog right to sit on top of the safe. So somebody comes a dog Bytom. And if that still doesn't stop him, at least they can't get in the safe. So we put these different things in place to protect our data or are gummies in this situation? Because, ah, couple of things we don't want someone to steal our gummies because we want to eat him. They're really good.
we don't want somebody to swap them out for candy we don't want, like, I don't like Whopper candy at all. So if you like Whoppers out there, that good for you. But I can't stand that type of candy. So for me, if someone took the candy I liked and swapped it out with whoppers, I'd feel pretty bad, right? Same thing with our data. If someone swaps out our data that we need to run our business
or intellectual property, they they swap it out
with bad data or something corrupt. That's a problem, right? So that's where we talk about Miss Configurations. That's why it's a vulnerability. And that's why you hear about it in the media is because that's that Miss Miss Configuration is something that happens Unfortunately, quite often,
especially in clouds cloud environments, Right? Specifically, you hear a lot about a ws as three buckets, but it happens in a sure Google cloud. It center
a buffer overflow. The easiest way to think of this one, if you're nontechnical, is basically
there's when the software engineer or engineers, I should say, because it's not just one person. Usually, um,
when they developed the code and put the code in there certain parameters they set for certain things,
right? So let's just say that they didn't set a parameter that said I couldn't pick a number over 10.
So because they didn't do that, that could potentially give me an option for buffer overflow. Maybe I put 10 million digits in there instead of the number 10. I put 10 million or something, and that overflows the amount of space allocated for that variable. And so what that does is it basically
takes that data usually and put it in sort of that next space. And so with the buffer overflow,
I'm trying to put so much data in there that it allows me to get into a part. So think of it, um,
as maybe a cooler where you've got your picnic, right? Your lunch or whatever. And you got it sectioned off. Right? So you've got tomatoes over here, and you got I don't know if you eat meat, you got meat and you got bread and you've got lettuce and whatever else and so Each of those is in a separate compartment, And so, with buffer overflow,
what we're trying to do
is put so much data in that we overflow those other compartments and we hopefully find the compartment that allows us to execute
That may be allows us to get better privileges or laws to put malware on the system or something. Right? So that's a buffer overflow. We put so much data in because it wasn't program properly.
It allows us to take control or potentially take control of the system.
Unpatched systems are pretty self explanatory. That's where we're not updating the software properly. You hear a lot of security people. If you're not security. You hear a lot of security people talking about Patrick Systems. Keep yourself were update. That's what we're talking about there. A lot of the attacks that I've seen personally out out in the field are related to
software that's not updated. Yes, there are some targeted, like what the company's I've worked with. But many of them over the years were related to unpatched software OS flaws. Sometimes you can't control that. So, like Microsoft, Windows has a bunch of flaws that have been around for a long time. Uh, there's a bunch of CVS out there,
and not all of those are passable, right? Not all those. All those things are
things at least that Microsoft has released a patch for. So that's where we need to talk about adding additional layers of security in there.
Default credentials is basically, let's say you get a home router if you If you aren't in the industry, your home router or you get something from the cable company, they set up your home network. You know it's great cause you can watch Netflix and everything's great. However,
if the whatever router they've given you normally has default credentials, that just means a maybe a user name of admin and password of password, right? The word password, which, by the way, is a terrible password. Eso if we use develop credentials. If we keep those, it allows the bad hackers
to easily get into our stuff and take our stuff or corrupt our stuff. Or maybe right in the midst of our
binge watching of that show and secure or something our network goes out, we can't watch, right, So that's what we're talking about the default credentials. That's why we want to keep them changed because it's an easy method for someone to get in. So if we change them, we make it a little more challenging for someone to get in
design flaws. And then we also want to look at open services. So what ports are we running? Various systems where services are running on our on our host as well as our network systems? I'm just keeping all those things in mind. So let's talk about what is a vulnerability assessment.
So really, the way to think about this is, can our systems or applications gonna actually withstanding attack? And that's why we
do a vulnerability assessment. Want to figure out yes, maybe there is vulnerability, but
what can actually be exploited, right? Can this actually be used against me?
If the answer is yes, and even if it's know we need also think through additional security, like what else can we do? Can we put additional layers in place? So, for example, if I'd identify something is maybe a medium risk
vulnerability, can we add additional things in place that make it more just a little more challenging for someone to come in and take over systems or do something nefarious. And what if Yes, what are those things? Right. What else can we add in there with additional layers of security?
So just a quick, quick question for you to test your knowledge. But for over overflow is not a classification off vulnerability. Is that true or false?
All right, so if you're paying attention, you know that's false, right? Well, buffer overflow was one of the things we listed as a classification of a vulnerability.
So we'll just talk through the different types of vulnerability assessments real quick. We've got active, We've got passive internal, external, and so active assessments are where were using a network scanner. We're gonna use that to find various host services. Passive is where we're sniffing the network internal, external, basically
insider threat versus an external attacker.
The network seeing what systems we have host based. So your actual computer or the system and then wireless as well. So we could see how is our wireless network standing up and then application, which we talked about a little bit with, like, buffer overflows in the code and everything like that.
So, in this video. We talked about what our vulnerabilities got a basic understanding of them. We also talk through some vulnerability assessment information. We talked about the different types of vulnerability assessments. In the next video, we're gonna jump in to talk about the vulnerability management lifecycle.