Introduction to Vulnerabilities


Time: 10 hours 25 minutes
Difficulty: Beginner
CEU/CPE: 11
Video Transcription
>> Hey everyone and welcome back to the course. In the last video, we just took a brief introduction to myself, your instructor. We also talked about the prerequisites, which in reality there are none, since it's a very entry-level type of course; however, it is a good idea, as I mentioned in the last video, to have some basic IT or security knowledge. In this video, we're going to take a brief introduction to vulnerabilities. Specifically, we're going to talk about what vulnerabilities are, as well as talk through some different types of vulnerability assessments.
What are vulnerabilities? Well, really, the easiest way to describe it is as a weakness. That could be at the application or the code level, that could be in our system, that could be in the operating system, so something we're not necessarily controlling, that could be in our physical infrastructure, that could be the fact that we leave the front door unlocked and somebody comes in and takes our stuff. There are many ways that we can describe a vulnerability, but the easiest way to remember it is as some kind of a weakness in a system, a process, an application or a physical thing, so it's some kind of a weakness.

We normally would characterize our vulnerabilities based off the severity level. Is this something that we deem a high vulnerability, or a high or critical type of risk, like, my goodness, we need to fix this tomorrow or today or right now, or is it something low where we're like, yeah, that is a vulnerability, but we've got other things in place and that's not really a critical business process, so we don't necessarily care about that too much? Then the exploit range: is this something that can only be internally exploited? Somebody needs physical access to our systems or application, or is this something that can be exploited remotely? Can they maybe do something like remote code execution where they've got administrative-type privileges, they can escalate privileges? We need to think through those things as we're thinking through and identifying these different vulnerabilities.
>> Let's talk through some classifications of vulnerabilities. We've got things like misconfigurations, buffer overflows, etc. We'll talk through each of these real quick.

Misconfigurations you might've heard about in the media when there are different data breaches: hey, there's a misconfigured S3 bucket. What we're talking about there, if you're not an IT or cybersecurity person at all, think of it this way: the S3 bucket holds our data. If we think of it as candy, let's say we have a bag of candy and we don't want anybody to take our candy because, let's say, it's gummy bears and we love gummy bears. So we want to protect that data, which is our gummies. The way we do that is we set things up properly security-wise. In our example with the bag of candy, we might put that candy in a safe and we might lock it in a safe, and then maybe we get a guard dog to sit on top of the safe, so if somebody comes, the dog will bite them, and if that still doesn't stop them, at least they can't get into the safe. We put these different things in place to protect our data, or our gummies in this situation, because of a couple of things: we don't want someone to steal our gummies because we want to eat them. They're really good, and we don't want somebody to swap them out for candy we don't want. Like, I don't like Whopper candy at all, so if you like Whoppers out there, good for you, but I can't stand that type of candy. For me, if someone took the candy I liked and swapped it out with Whoppers, I'd feel pretty bad. Same thing with our data. If someone swaps out our data that we need to run our business, or intellectual property, if they swap it out with bad data or something corrupt, that's a problem. That's where we talk about misconfigurations. That's why it's a vulnerability, and that's why you hear about it in the media: because misconfiguration is something that happens, unfortunately, quite often, especially in cloud environments. Specifically, you hear a lot about AWS S3 buckets, but it happens in Azure or Google Cloud, etc.

Buffer overflow.
The easiest way to think of this one, if you're nontechnical, is basically when the software engineer or engineers, I should say, because it's not just one person usually, when they develop the code and put the code in, there are certain parameters they set for certain things. Let's say that they didn't set a parameter that said I couldn't pick a number over 10. Because they didn't do that, that could potentially give me an option for a buffer overflow. Maybe I put 10 million digits in there instead of the number 10; I put 10 million or something, and then it overflows the amount of space allocated for that variable. What that does is it basically takes that data, usually, and puts it in that next space. With a buffer overflow, I'm trying to put so much data in there that it allows me to get into a part. Think of it as maybe a cooler where you've got your picnic, your lunch or whatever, and you've got it sectioned off, right? You've got tomatoes over here and you've got, I don't know, if you eat meat, you've got meat, and you've got bread and you've got lettuce and whatever else. Each of those is in a separate compartment. With a buffer overflow, what we're trying to do is put so much data in that we overflow those other compartments, and we hopefully find the compartment that allows us to execute code that maybe allows us to get better privileges or allows us to put malware on the system or something. That's a buffer overflow. We put so much data in, because it wasn't programmed properly, that it allows us to take control, or potentially take control, of the system.
Unpatched systems are pretty self-explanatory; that's where we're not updating the software properly. You hear a lot of security people, if you're not in security, you hear a lot of security people talking about patch your systems, keep your software updated, and that's what we're talking about there. A lot of the attacks that I've seen personally out in the field are related to software that's not updated. There are some targeted ones, like with the companies I've worked with, but many of them over the years were related to unpatched software.

OS flaws, sometimes you can't control that. Like Microsoft Windows has a bunch of flaws that have been around for a long time. There's a bunch of CVEs out there and not all of those are patchable. Not all of those things are things, at least, that Microsoft has released a patch for. That's where we need to talk about adding additional layers of security in there.
Default credentials is basically, let's say, you get a home router. If you aren't in the industry, you get a home router or you get something from your cable company, and they set up your home network. It's great because you can watch Netflix and everything's great. However, whatever router they've given you normally has default credentials; that means maybe a username of admin and a password of password, right, the word password, which by the way is a terrible password. If we use default credentials, if we keep those, it allows the bad hackers to easily get into our stuff and take our stuff or corrupt our stuff, or maybe, right in the midst of our binge-watching of that show Insecure or something, our network goes out and we can't watch it. That's what we're talking about with default credentials; that's why we want to change them, because it's an easy method for someone to get in. If we change them, we make it a little more challenging for someone to get in.

Design flaws, and then we also want to look at open services, so what ports are we running? Our various systems, what services are running on our hosts as well as our network systems, just keeping all those things in mind.
Let's talk about what a vulnerability assessment is. Really, the way to think about this is: can our systems or applications actually withstand an attack? That's why we do a vulnerability assessment. We want to figure out, yes, maybe there is a vulnerability, but what can actually be exploited? Can this actually be used against me? If the answer is yes, and even if it's no, we need to also think through additional security. Like, what else can we do? Can we put additional layers in place? For example, if you identify something as maybe a medium-risk vulnerability, can we add additional things in place that make it a little more challenging for someone to come in and take over systems or do something nefarious, and if yes, what are those things, what else can we add in there? What additional layers of security?
Just a quick quiz question for you to test your knowledge. Buffer overflow is not a classification of vulnerability. Is that true or false? If you're paying attention, you know that's false. Buffer overflow was one of the things we listed as a classification of a vulnerability.
We'll talk through the different types of vulnerability assessments real quick. We've got active, we've got passive, internal, external. Active assessments are where we're using a network scanner, and we're going to use that to find various hosts and services. Passive is where we're sniffing the network. Internal, external: basically an insider threat versus an external attacker. Then network-based assessments, we have host-based, so your actual computer or the system, and then wireless as well. We can see how's our wireless network standing up, and then application, which we talked about a little bit with, like, buffer overflows in the code and everything like that.
In this video, we've talked about what vulnerabilities are and got a basic understanding of them. We also talked through some vulnerability assessment information. We talked about the different types of vulnerability assessments. In the next video, we're going to jump in and talk about the vulnerability management life cycle.