Lesson 2 Security Threats and Vulnerabilities

The document outlines various security threats and vulnerabilities in Information Assurance and Security, including types of attacks such as malware, phishing, DoS/DDoS, and SQL injection. It also discusses common vulnerabilities in software, networks, and human processes, along with emerging threats related to IoT, cloud security, and AI. The document emphasizes the importance of identifying, assessing, and mitigating these risks to protect systems and data.

Uploaded by diemriley2000

In Information Assurance and Security, security threats and vulnerabilities are key concepts that focus
on identifying, assessing, and mitigating risks to systems, data, and assets. Below are some common
topics related to these concepts:

1. Types of Security Threats


Security threats are events or actions that pose a risk to the confidentiality, integrity, or availability of
information systems.

a. Cybersecurity Threats
1. Malware (Malicious Software)
Software designed to damage, disrupt, or gain unauthorized access to systems (e.g., viruses,
worms, ransomware, trojans).

Types of Malware
1. Viruses
2. Worms
3. Trojans (Trojan Horses)
4. Ransomware
5. Spyware
6. Adware
7. Rootkits
8. Keyloggers
9. Bots and Botnets
10. Fileless Malware

How Malware Spreads


• Phishing
• Malicious Websites
• Removable Media
• Exploiting Vulnerabilities

Preventing and Mitigating Malware Attacks


1. Antivirus/Anti-Malware Software
2. Regular Software Updates
3. User Awareness and Training
4. Firewalls
5. Backup Data Regularly
6. Endpoint Protection
7. Least Privilege Principle
8. Application Whitelisting

2. Phishing Attacks
Fraudulent attempts to steal sensitive information (e.g., passwords, credit card details)
through deceptive emails or websites.

Types of Phishing Attacks


1. Email Phishing
2. Spear Phishing
3. Whaling
4. Vishing (Voice Phishing)
5. Smishing (SMS Phishing)
6. Angler Phishing

Signs of a Phishing Attack


• Urgency or Threats
• Suspicious Links
• Generic Greetings
• Unusual Attachments
• Spelling and Grammar Mistakes
• Unfamiliar Sender

Preventing and Mitigating Phishing Attacks


a. Verify Sources
b. Hover Over Links
c. Use Multi-Factor Authentication (MFA)
d. Be Cautious with Attachments
e. Educate Employees and Users
f. Use Anti-Phishing Software
g. Report Phishing Attempts
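The signs listed above (urgency, suspicious links, generic greetings, unfamiliar sender) and the "hover over links" check can be automated as a triage score. This is an added example, not part of the lesson; the sample message, the phrase lists and the set of known sender domains are constructed for illustration.

```python
import re
from email import message_from_string

URGENCY_PHRASES = ("urgent", "immediately", "suspended", "within 24 hours")
GENERIC_GREETINGS = ("dear customer", "dear user", "dear valued")
# Domains the organisation actually does business with (constructed).
KNOWN_SENDER_DOMAINS = {"example-bank.test", "corp.test"}

def sender_domain(from_header: str) -> str:
    """'"Name" <user@host>' -> 'host'."""
    return from_header.rsplit("@", 1)[-1].strip("> ").lower()

def link_mismatches(html: str) -> list:
    """(visible host, real host) pairs where the link text shows one URL but the
    href points somewhere else; the 'hover over links' check, automated."""
    out = []
    for href, text in re.findall(r'href="([^"]+)"[^>]*>(.*?)</a>', html, re.S):
        real = re.match(r"https?://([\w.-]+)", href)
        for shown in re.findall(r"https?://([\w.-]+)", text):
            if real and real.group(1).lower() != shown.lower():
                out.append((shown, real.group(1)))
    return out

def phishing_indicators(raw_message: str) -> dict:
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    text = (msg["Subject"] + " " + body).lower()
    return {
        "urgency": any(p in text for p in URGENCY_PHRASES),
        "generic_greeting": any(g in body.lower() for g in GENERIC_GREETINGS),
        "link_mismatch": bool(link_mismatches(body)),
        "unfamiliar_sender": sender_domain(msg["From"]) not in KNOWN_SENDER_DOMAINS,
    }

def phishing_score(raw_message: str) -> int:
    """Number of indicators present; a triage signal, not a verdict."""
    return sum(phishing_indicators(raw_message).values())

# Constructed sample: a lookalike domain (digit 1 for letter l) plus the
# classic tells. Not a real message.
SAMPLE_EMAIL = """From: "Example Bank Support" <support@examp1e-bank.test>
To: someone@corp.test
Subject: URGENT: your account will be suspended
Content-Type: text/html

<p>Dear Customer,</p>
<p>Please <a href="http://login.examp1e-bank.test/verify">verify your account
at https://www.example-bank.test</a> within 24 hours.</p>
"""
```

A real mail gateway would add header authentication results (SPF/DKIM/DMARC) to these content heuristics; the score here is only the user-visible tells.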

3. Denial of Service (DoS) / Distributed Denial of Service (DDoS)


Attacks aimed at disrupting the availability of systems by overwhelming them with traffic.

a. Denial of Service (DoS) Attack


It is a cyberattack where a single machine or a small group of machines sends a flood
of traffic or other requests to a target server or network, overwhelming it and
causing a system crash or resource depletion, rendering the service unavailable.

How DoS Attacks Work


• Overwhelming Requests
• Exploiting Vulnerabilities
• Single Source

b. Distributed Denial of Service (DDoS) Attack


A DDoS attack is a more sophisticated version of a DoS attack. Instead of coming
from a single machine, it originates from multiple machines, often spread across
different geographic locations, which makes the attack more difficult to defend
against and harder to trace back to the attacker.

How DDoS Attacks Work


a. Botnets
b. Amplification
c. Flooding Traffic
d. Distributed Nature

c. Types of DoS and DDoS Attacks


• Volume-Based Attacks
• Protocol-Based Attacks
• Application Layer Attacks
• Amplification Attacks

4. Man-in-the-Middle (MitM) Attacks


Interception and potential alteration of communication between two parties, often through
insecure networks.

How MitM Attacks Work


1. Interception
2. Decryption (if needed)
3. Impersonation
4. Data Capture or Alteration

Types of MitM Attacks


1. Wi-Fi Eavesdropping
2. HTTPS Spoofing
3. Session Hijacking
4. DNS Spoofing
5. Email Hijacking
6. SSL Stripping

5. SQL Injection
Exploiting vulnerabilities in web applications by injecting malicious SQL code into input fields to
access or manipulate databases.

How SQL Injection Works


1. Vulnerable Input Fields
2. Injection of Malicious Code
3. Execution of SQL Commands
4. Impact

Types of SQL Injection


1. Classic SQL Injection (In-Band SQLi)
2. Blind SQL Injection
3. Error-Based SQL Injection
4. Out-of-Band SQL Injection
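The "vulnerable input field" and "injection of malicious code" steps above, shown beside the parameterized query that removes the vulnerability. This is an added example, not code from the lesson; the in-memory SQLite table and its rows are constructed for illustration.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table standing in for a web app's store.
    Passwords are kept in clear only to keep the example short."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (name TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "s3cret"), ("bob", "hunter2")])
    return con

def login_vulnerable(con: sqlite3.Connection, name: str, password: str) -> list:
    # Untrusted input is concatenated into the SQL text, so a quote in the input
    # changes the structure of the statement rather than just a value.
    sql = (f"SELECT name FROM users WHERE name = '{name}' "
           f"AND password = '{password}'")
    return [row[0] for row in con.execute(sql)]

def login_safe(con: sqlite3.Connection, name: str, password: str) -> list:
    # Parameterized query: the driver binds values separately from the SQL
    # text, so the same input is only ever treated as data.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in con.execute(sql, (name, password))]

def demo() -> tuple:
    """Returns (normal login, injected login, injected login on safe code)."""
    con = make_db()
    normal = login_vulnerable(con, "alice", "s3cret")
    # Classic in-band probe: the quote closes the password literal and the
    # tautology makes the WHERE clause true for every row in the table.
    probe = "' OR '1'='1"
    hijacked = login_vulnerable(con, "x", probe)
    blocked = login_safe(con, "x", probe)
    return normal, hijacked, blocked
```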

6. Cross-Site Scripting (XSS)


Malicious scripts injected into web applications that execute in a user’s browser, often
stealing session cookies or redirecting to malicious websites.

How XSS Works


1. Injection of Malicious Script
2. Execution in Browser
3. Exploitation

Types of XSS Attacks


1. Stored XSS (Persistent XSS)
2. Reflected XSS (Non-Persistent XSS)

7. Zero-Day Attacks
Attacks that exploit previously unknown vulnerabilities before they are patched.

Types of Zero-Day Vulnerabilities


1. Software Vulnerabilities
2. Hardware Vulnerabilities
3. Firmware Vulnerabilities
4. Network Protocol Vulnerabilities

b. Insider Threats

1. Malicious Insiders
Employees or contractors intentionally exploiting their access to systems to cause harm (e.g.,
stealing sensitive data or sabotaging operations).

Types of Malicious Insiders


1. Disgruntled Employees
2. Corporate Spies
3. Criminal Collaborators
4. Accidental Insiders

2. Negligent Insiders
Individuals who unintentionally expose systems to risks due to lack of awareness or improper
handling of sensitive information (e.g., sending sensitive data to the wrong person).

Characteristics of Negligent Insiders


1. Unintentional Actions
2. Lack of Awareness
3. Access to Critical Resources
4. Common Across Roles

c. Physical Security Threats

• Theft or Loss of Devices
• Natural Disasters

2. Common Security Vulnerabilities


Vulnerabilities are weaknesses in systems that can be exploited by security threats. These can exist in
software, hardware, or human processes.

a. Software Vulnerabilities

• Unpatched Software
Systems running outdated software with known security flaws that can be exploited by attackers.

Why Unpatched Software is a Threat


1. Exploitation of Known Vulnerabilities
2. Automated Attacks
3. Wide Attack Surface
4. Delayed Patching Cycles

• Buffer Overflow
A vulnerability that occurs when a program writes more data to a buffer than it can hold,
allowing attackers to execute arbitrary code.

How Buffer Overflow Works


1. Memory Allocation
2. Overflow
3. Exploitation

Types of Buffer Overflows

1. Stack Buffer Overflow
2. Heap Buffer Overflow
3. Integer Overflow
4. Format String Exploits

• Insecure APIs
Vulnerabilities in poorly designed or insecure application programming interfaces (APIs) that
attackers can exploit to gain unauthorized access to backend systems.

Common Security Risks in APIs


1. Lack of Authentication and Authorization
2. Excessive Data Exposure
3. Injection Attacks
4. Broken Object Level Authorization (BOLA)
5. Insufficient Rate Limiting
6. Security Misconfigurations
7. Unencrypted Communication
8. Improper Error Handling

• Improper Authentication
Weak authentication mechanisms (e.g., default or easily guessable passwords) that allow
unauthorized users to access systems.

Types of Improper Authentication Vulnerabilities


1. Weak Password Policies
2. Lack of Multi-Factor Authentication (MFA)
3. Unencrypted Authentication Data
4. Poor Session Management
5. Insecure Password Storage
6. Brute-Force or Credential Stuffing
7. Default or Predictable Credentials
8. Inadequate Authorization Levels

• Lack of Encryption
Sensitive data that is transmitted or stored without proper encryption, making it vulnerable to
interception or unauthorized access.

Types of Encryption Risks


1. Unencrypted Data in Transit
2. Unencrypted Data at Rest
3. Weak Encryption Algorithms
4. Mismanagement of Encryption Keys

b. Network Vulnerabilities

• Unsecured Networks
Open or poorly secured Wi-Fi networks that are susceptible to eavesdropping or unauthorized
access.

Types of Unsecured Networks


1. Public Wi-Fi Networks
2. Open Wireless Networks
3. Weakly Encrypted Wi-Fi (WEP/WPA)
4. Home or Small Office Networks with Poor Configuration
5. Bluetooth or NFC Networks

• Weak Network Segmentation
Failure to properly segment network traffic, which can allow attackers to move laterally through
a network once they gain access.

Types of Weak Network Segmentation


1. Lack of Segmentation (Flat Network)
2. Overly Permissive Access Controls
3. Misconfigured or Inconsistent Segmentation
4. Uncontrolled Traffic Between Segments
5. Segmentation Gaps Between Critical and Non-Critical Systems

• Open Ports
Unnecessary open network ports that attackers can use to gain access to systems.

Examples of Exploited Open Ports


1. SSH (Port 22)
2. Remote Desktop Protocol (RDP - Port 3389)
3. FTP (Port 21)
4. Telnet (Port 23)
5. HTTP/HTTPS (Ports 80/443)
6. DNS (Port 53)

• Weak VPN Configurations


VPNs with weak encryption protocols or misconfigured settings, making remote access insecure.

Examples of Weak VPN Configurations


1. Using Outdated VPN Protocols
2. No Multi-Factor Authentication (MFA)
3. Failure to Implement DNS Leak Protection
4. Unsecured VPN Server Ports
5. Lack of Encryption or Weak Encryption
6. Improper Access Control and Permissions

c. Human Vulnerabilities

• Social Engineering
Manipulating individuals into revealing confidential information (e.g., via phishing, pretexting, or
baiting).

Common Types of Social Engineering Attacks


1. Phishing
2. Spear Phishing
3. Vishing (Voice Phishing)
4. Baiting
5. Pretexting
6. Quizzes and Surveys
7. Tailgating (Piggybacking)
8. Impersonation

• Lack of Security Awareness


Users who are unaware of security best practices or fail to follow security protocols (e.g., reusing
passwords, clicking on suspicious links).

Consequences of Lack of Security Awareness


1. Increased Vulnerability to Phishing and Social Engineering Attacks
2. Improper Handling of Sensitive Data
3. Failure to Recognize Malicious Software
4. Weak Password Practices
5. Inconsistent Use of Security Tools and Protocols
6. Failure to Report Suspicious Activity
7. Data Loss and Compliance Violations

• Poor Password Practices


Using weak or reused passwords that make it easier for attackers to gain unauthorized access to
accounts.

d. Hardware Vulnerabilities

• Side-Channel Attacks
Exploiting physical characteristics (e.g., power consumption, electromagnetic leaks) to gain
access to information in hardware devices.

Types of Side Channel Attacks


1. Timing Attacks
2. Power Analysis Attacks
3. Electromagnetic (EM) Attacks
4. Acoustic Cryptanalysis
5. Cache Attacks
6. Data Remanence Attacks
7. Row Hammer Attack
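The timing attack in the list above, reduced to its core: a comparison that stops at the first wrong byte does an amount of work (and so takes a time) that depends on how much of the guess is correct. This is an added example, not from the lesson; the secret and guesses are constructed, and the byte count stands in for the elapsed time an attacker would measure.

```python
import hmac

def naive_equal(secret: bytes, guess: bytes) -> tuple:
    """Early-exit comparison. Returns (equal, bytes_examined); the second value
    stands in for elapsed time, which is what a timing attack measures."""
    if len(secret) != len(guess):
        return False, 0
    examined = 0
    for a, b in zip(secret, guess):
        examined += 1
        if a != b:
            return False, examined  # stops at the first wrong byte
    return True, examined

def constant_time_equal(secret: bytes, guess: bytes) -> tuple:
    """Touches every byte regardless of where the mismatch is; differences are
    folded into one accumulator with XOR/OR so there is no data-dependent branch."""
    if len(secret) != len(guess):
        return False, 0
    diff, examined = 0, 0
    for a, b in zip(secret, guess):
        examined += 1
        diff |= a ^ b
    return diff == 0, examined

def leak_profile(compare, secret: bytes, guesses: list) -> list:
    """Work done per guess. If the numbers grow as more leading bytes are
    right, the comparison leaks the secret one byte at a time."""
    return [compare(secret, g)[1] for g in guesses]

def verify_token(expected: bytes, supplied: bytes) -> bool:
    # What production code should use: the standard library's constant-time
    # comparison, rather than a hand-rolled loop.
    return hmac.compare_digest(expected, supplied)

# Constructed secret and a sequence of guesses that get progressively closer.
SECRET = b"s3cr3t"
GUESSES = [b"xxxxxx", b"s3xxxx", b"s3cr3x", b"s3cr3t"]
```

The same early-exit pattern appears in password and MAC checks, which is why the "Insecure Password Storage" and "Unencrypted Authentication Data" items above are usually paired with a constant-time verify.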

• Hardware Backdoors
Hidden vulnerabilities intentionally built into hardware devices that can be exploited by attackers
for malicious purposes.

How Hardware Backdoors Work

Key characteristics of hardware backdoors include:

1. Undetectable by Software Tools
2. Persistent
3. Triggering Mechanisms
4. Exfiltration of Data or Control

Types of Hardware Backdoors


1. Embedded in Processors (CPU Backdoors)
2. Network Interface Card (NIC) Backdoors
3. Firmware Backdoors
4. Peripheral Device Backdoors (USB, Keyboard, etc.)
5. Supply Chain Attacks (Compromised Manufacturing Process)

• Firmware Vulnerabilities
Weaknesses in the firmware of devices, such as routers or IoT devices, that attackers can exploit.

What Makes Firmware Vulnerable?


1. Lack of Visibility and Detection
2. Persistent Nature
3. Low Update Frequency
4. Inadequate Authentication

Common Types of Firmware Vulnerabilities


1. Buffer Overflow Vulnerabilities
2. Insecure Firmware Update Mechanisms
3. Hardcoded Credentials
4. Lack of Secure Boot/Verification
5. Firmware Backdoors
6. Privilege Escalation Vulnerabilities
7. Insecure Communication Protocols
8. Weak Encryption or No Encryption

3. Emerging Threats and Vulnerabilities


With the rapid evolution of technology, new security threats and vulnerabilities are continually
emerging. Some examples include:

a. Internet of Things (IoT) Vulnerabilities


IoT devices often have weak or non-existent security measures, making them susceptible to
attacks that can compromise networks or provide unauthorized access to sensitive data.

Common IoT Vulnerabilities


1. Weak or Default Passwords
2. Lack of Encryption
3. Unpatched Software/Firmware Vulnerabilities
4. Insecure APIs
5. Insufficient Authentication and Authorization
6. Insecure Cloud Storage
7. Lack of Network Segmentation
8. Physical Security Vulnerabilities
9. Poor Device Lifecycle Management
10. Over-Collection of Data

b. Cloud Security Risks


• Misconfigured Cloud Settings
Improper configuration of cloud services (e.g., open storage buckets, public access to private
resources) leading to data leaks or unauthorized access.

Common Types of Misconfigured Cloud Settings


1. Insecure Storage Buckets
2. Overly Permissive Identity and Access Management (IAM) Policies
3. Misconfigured Security Groups and Firewalls
4. Unrestricted Cloud Service Access
5. Misconfigured Backup Settings
6. Improper API Security Settings
7. Exposed Cloud Management Interfaces
8. Misconfigured Logging and Monitoring
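A check for the first two items above (insecure storage buckets, overly permissive IAM policies) over an AWS-style policy document, with the weak policy beside its corrected form. This is an added example, not from the lesson; the policies, bucket name and account id are constructed placeholders, not real resources.

```python
import json

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_public_principal(principal) -> bool:
    """True for the anonymous principal, written either as "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False

def lint_policy(doc: str) -> list:
    """One finding per Allow statement that is open to anyone or uses a
    wildcard action. An unconditioned public Allow is the classic open bucket."""
    findings = []
    for i, st in enumerate(json.loads(doc)["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        actions = _as_list(st.get("Action", []))
        if is_public_principal(st.get("Principal")) and "Condition" not in st:
            findings.append(f"statement {i}: anonymous principal allowed {actions}")
        if any(a == "*" or a.endswith(":*") for a in actions):
            findings.append(f"statement {i}: wildcard action {actions}")
    return findings

# Constructed policy documents in the AWS-style JSON format (the bucket name and
# account id are placeholders, not real resources).
OPEN_BUCKET_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Principal": "*",
         "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/app"},
         "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})

# Same bucket with the two settings corrected: a named principal and only the
# actions the application needs.
FIXED_BUCKET_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/app"},
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})
```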

• Cloud Access Security Brokers (CASB)

Vulnerabilities related to the lack of centralized visibility and control over cloud
environments.

CASBs enable organizations to:

1. Monitor cloud usage
2. Enforce security policies
3. Ensure compliance

Types of CASBs

There are different approaches to CASB deployment and functionality, depending on
how they interact with the cloud environment. The main types of CASBs are:

1. API-Based CASBs
2. Proxy-Based CASBs
3. Hybrid CASBs

c. Artificial Intelligence (AI) and Machine Learning (ML) Risks

• Adversarial Attacks
Attacks that manipulate AI/ML models to produce incorrect outputs or predictions.

Types of Adversarial Attacks


1. Evasion Attacks
2. Poisoning Attacks
3. Backdoor Attacks
4. Transferability Attacks

• Data Poisoning
Feeding malicious or biased data to train AI/ML models, which can impact decision-making
processes.

How Data Poisoning Works

1. Insertion Poisoning
2. Label Poisoning
3. Targeted Poisoning
4. Backdoor Poisoning

d. Blockchain and Cryptocurrency Threats

• Smart Contract Vulnerabilities
Weaknesses in blockchain smart contracts that attackers can exploit to steal funds or disrupt
operations.

Below are some common vulnerabilities in smart contracts:

1. Reentrancy Attack
2. Integer Overflow and Underflow
3. Gas Limit and Block Size Manipulation
4. Unprotected Self-Destruct
5. Front-running (Transaction Ordering Dependence)
6. Time Dependency and Oracle Manipulation
7. Inadequate Access Control
8. Unchecked External Calls
9. Delegatecall Vulnerability
10. Insufficient Input Validation

4. Best Practices for Mitigating Security Threats and Vulnerabilities

• Regular Security Patching and Updates


Ensure all software and systems are up to date with the latest security patches.

• Encryption
Encrypt sensitive data both in transit and at rest to protect it from unauthorized access.

• Multi-Factor Authentication (MFA)


Implement MFA to add an additional layer of security against unauthorized access.

• Security Training and Awareness


Educate employees and users about the risks and best practices for avoiding social engineering,
phishing, and other human-centric attacks.

• Penetration Testing
Regularly conduct penetration testing and vulnerability assessments to identify and address
weaknesses before they can be exploited.

• Incident Response Planning


Have a well-defined incident response plan to address security breaches or threats effectively
and minimize damage.
