Cyber security focuses on protecting computers networks and data from unauthorized access or destruction.
An insecurely designed system might cause huge damage in the form of information theft, cyber warfare and cyber terrorism. Small vulnerabilities in the systems may lead to terrible losses.
Some of the major cyber threats are
- Cyber terrorism
- Cyber warfare
- Cyber espionage
With the growing volume of sophisticated cyber attacks, it is important to protect sensitive business and personal information by knowing the Common cyber security vulnerabilities
In these types of attacks, users’ personal and sensitive information like bank account numbers is exposed to third parties who use this data to perform unethical practices. The data can be at rest in the systems, in transit between client and server, in backups or browsing session. This is achieved using malwares, man-in-the-middle attack, and lack of data encryption.
Poor configured authentication
These attacks occur when flawed authentication mechanisms and poor session management techniques are used. When such weaknesses are exploited, attacker can impersonate himself, access user data and privileged settings, change account passwords and perform malicious activities resulting in adverse losses.
Injection vulnerabilities occur when a small piece of code is injected after exploiting a weakness in the system. Usually SQL, XPath, XML parser, LDAP systems are attacked by injection. Consequences are exposure of sensitive data, data loss or denial of access. These vulnerabilities are easy to exploit and difficult to spot during testing.
Buffer overflow attack
Buffers overflow in an attempt of putting excessive amount of data on them. This results in overwriting of data in turn data loss and execution of malicious code. These defects are difficult to exploit. The attacker needs to know the memory management and stacks used in the application. However, they are dangerous as they can target desktop as well as web applications.
These vulnerabilities are most common and dangerous. They occur due to running older version of the software, running applications in debug mode, running unnecessary services, not changing default factory settings, using default credentials etc. This can cause disastrous effects for new era of internet of things. In IoT scenario, poorly configured many devices can bring down an entire system.