Vulnerabilities and exploits in cyber security_ (1)

Vulnerabilities and exploits in cyber security:

Vulnerability:

A vulnerability is a weakness or flaw in a system, network, software, or device that can be exploited by attackers to compromise its security.

Software Vulnerabilities:

● Coding Flaws: Bugs, errors, or weaknesses in the software code (e.g., buffer overflow,
SQL injection, improper input validation).
● Unpatched Software: Failure to update or apply security patches leaves software
vulnerable to known threats.
● Default Configurations: Using default settings or credentials without securing them can
create security risks.

Hardware Vulnerabilities:

● Weak Hardware Design: Flaws in the design of hardware components can be exploited
(e.g., the Spectre and Meltdown vulnerabilities in CPUs).
● Firmware Vulnerabilities: Outdated firmware can have weaknesses that attackers
exploit to gain control over hardware.

Network Vulnerabilities:

● Open Ports: Unnecessary open ports on a network can be exploited to gain unauthorized access.
● Weak Encryption: Using weak or outdated encryption methods can expose sensitive
data to attackers.
● Misconfigured Firewalls: Poorly configured firewalls or security appliances can allow
unauthorized traffic to pass through.

Operational Vulnerabilities:

● Weak Passwords: Using weak or easily guessable passwords makes systems more
susceptible to brute-force attacks. A password must be strong enough to protect whatever data or file it guards.
● Lack of Security Policies: Inadequate or non-existent security policies can result in
improper handling of sensitive information.
● Untrained Staff: Human error or lack of cybersecurity awareness can lead to accidental
exposure of vulnerabilities and unintentional data exposure.

Physical Vulnerabilities:

● Unsecured Devices: Physical access to servers, laptops, or network devices can allow
attackers to bypass logical security measures.
● Inadequate Building Security: Lack of physical security measures (like locks or
surveillance) can expose critical systems to risks.

How Vulnerabilities Are Discovered

1. Penetration Testing: Ethical hackers (penetration testers) simulate cyber attacks to
identify and report vulnerabilities. Also known as pen testing or ethical hacking, it is a
security test that simulates a cyberattack to identify vulnerabilities in a computer system.

2. Vulnerability Scanning: Automated tools like Nessus, OpenVAS, and Qualys are used
to scan systems and networks for known vulnerabilities.
3. Code Reviews: Manual or automated reviews of source code to identify potential
vulnerabilities.
4. Bug Bounty Programs: Organizations offer rewards to independent security
researchers who discover and report vulnerabilities.
5. Security Audits: Comprehensive security assessments that include reviewing
infrastructure, software, and policies to identify weaknesses.
6. Threat Intelligence: Gathering information from threat intelligence sources about newly
discovered vulnerabilities affecting systems.

The Vulnerability Lifecycle

1. Discovery: A vulnerability is identified by a researcher, security analyst, or attacker.
2. Disclosure: The vulnerability is reported to the affected software or hardware vendor, or
publicly disclosed if it’s already being exploited.
3. Fix/Patch: The vendor develops a patch or mitigation to address the vulnerability.
4. Deployment: Organizations apply the patch to affected systems and software.
5. Monitoring: Systems are monitored for signs of attempted exploitation of the
vulnerability.

Common Vulnerability Scoring System (CVSS)

The CVSS is a standard method for measuring the severity of vulnerabilities. It provides a
numerical score (from 0.0 to 10.0) that helps organizations understand the risk level:

● Low (0.1 - 3.9): Minimal impact or limited exploitability.
● Medium (4.0 - 6.9): Moderate impact, some potential exploitation.
● High (7.0 - 8.9): Severe impact, with easier exploitation.
● Critical (9.0 - 10.0): Extremely severe with easy exploitation, leading to significant
damage.

Organizations use these bands to segregate vulnerabilities by severity.

Reasons:

● Software bugs: Errors in coding can create entry points for attackers.
● Misconfigurations: Incorrect setup or permissions in software or hardware.
● Outdated software: Old software may lack the latest security patches.
● Human error: Weak passwords, lack of training, or unintentional data exposure.

Exploits:

An exploit is a technique, tool, or piece of code used to take advantage of a vulnerability to
compromise a system.

With these techniques, attackers can steal sensitive data or modify it.

Examples of Common Vulnerabilities and Exploits:

1. SQL Injection (SQLi): Exploiting a vulnerability in a web application's database layer,
allowing attackers to execute SQL queries.
This manipulation can allow the attacker to view, modify, or delete database data, and in some
cases, execute administrative operations.
2. Cross-Site Scripting (XSS): Injecting malicious scripts into websites to target user sessions.
3. Buffer Overflow: Overloading a program’s memory buffer, which can lead to system crashes
or unauthorized code execution.
4. Zero-Day Exploits: Attacks on vulnerabilities that are unknown to the vendor and, therefore,
unpatched.
Because the vulnerability is exploited before the vendor knows about it, developers get no
chance to fix it or create a patch.
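The following Python script is an added example, not part of these notes, illustrating items 1 and 2 above and the "improper input validation" coding flaw listed earlier. It uses an in-memory sqlite3 table with constructed users; the injection string and the comment text are constructed for the demonstration. It places the vulnerable query (input concatenated into the SQL text) beside the parameterized fix, and shows output encoding as the XSS mitigation.

```python
import html
import sqlite3

# Constructed in-memory database standing in for the web application's
# database layer; the users and e-mail addresses are made up.
def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "alice@example.invalid"), ("bob", "bob@example.invalid")],
    )
    return conn

def vulnerable_lookup(conn: sqlite3.Connection, username: str) -> list:
    # Coding flaw: the untrusted value is concatenated into the SQL text,
    # so the input can change the structure of the statement.
    query = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()

def safe_lookup(conn: sqlite3.Connection, username: str) -> list:
    # Fix: a parameterized query sends the value separately from the SQL,
    # so the database only ever treats the input as data, never as syntax.
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

def render_comment(comment: str) -> str:
    # XSS mitigation: HTML-encode untrusted text before placing it in a page,
    # so the browser renders it as text instead of executing it as markup.
    return "<p>" + html.escape(comment, quote=True) + "</p>"

def demo() -> tuple:
    conn = build_db()
    # Constructed injection string: closes the quoted value and appends an
    # always-true condition, the textbook SQLi illustration.
    tampered = "nobody' OR '1'='1"
    leaked = vulnerable_lookup(conn, tampered)   # every row comes back
    contained = safe_lookup(conn, tampered)      # no row matches that literal name
    return leaked, contained

if __name__ == "__main__":
    leaked, contained = demo()
    print("vulnerable query returned", len(leaked), "rows")
    print("parameterized query returned", len(contained), "rows")
    print(render_comment("<script>alert(1)</script>"))
```

The point to carry into a code review: the two lookups differ only in whether the value travels inside the SQL string or alongside it as a bound parameter, and that single difference is what "improper input validation" in the database layer comes down to.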

Mitigating Vulnerabilities and Exploits:

1. Regular Patching and Updates: Keep software up-to-date to close known vulnerabilities.
2. Network Segmentation: Limits the spread of attacks within the network.
3. Access Controls: Give each user only the permissions or access they require. Implement
least privilege principles to minimize exposure. (Admin team)
4. Security Monitoring: Use Security Information and Event Management (SIEM) systems to
detect suspicious activity. With the help of such a tool we can learn that a vulnerability is
present or that an exploitation attempt is about to happen.
5. User Training and Awareness: Educate users on safe practices to reduce human
error-related vulnerabilities. (cyberhoot)

Indicator of Attack (IoA): Proactive

IOAs are about identifying the methods and tactics used by attackers during an attack.

Purpose: To detect and stop an attack before it succeeds. IOAs focus on understanding the
behavior of an attacker to predict and interrupt their actions.

● Focus on attacks that are currently happening or about to happen.

● Focus on detecting the intention and tactics behind an attack.

● They are proactive indicators that help cybersecurity teams predict, prevent, and stop
attacks before they cause damage.

Key Focus:

● Analyzing attacker behavior.
● Detecting patterns and techniques.

Examples:

Unusual User Behavior: An employee accessing files or systems they typically don't use.

Indicator of Compromise (IoC): Reactive

Compromised means the system has been hacked or otherwise affected.

IoCs are about the steps we need to take after a system or device gets compromised.
The exact steps depend on the particular attack or exploit.


Comparison of Indicator of Attack (IoA) and Indicator of Compromise (IoC):

Timing
  IoA: Before or during the attack (proactive)
  IoC: After the attack (reactive)

Focus
  IoA: Detecting behaviors and intent of an attacker
  IoC: Identifying evidence of a past breach or compromise

Nature
  IoA: Behavioral, focusing on tactics, techniques, and procedures (TTPs)
  IoC: Artifacts and digital footprints left behind by an attack

Purpose
  IoA: To detect and prevent potential attacks
  IoC: To analyze, investigate, and respond to completed attacks

Example
  IoA: Suspicious file transfers, unusual user activity, privilege misuse
  IoC: Malicious IP addresses, file hashes, unauthorized registry changes

Use Case
  IoA: Real-time threat detection and prevention
  IoC: Forensic analysis, post-incident investigation
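The following Python script is an added example, not part of these notes, showing the IoA/IoC distinction from the table above as detection logic of the kind a SIEM (mentioned under Security Monitoring) would run. The log lines, the per-user baseline, and the IoC feed (IP address and file hash) are all constructed placeholders, not real data or real indicators. The IoA rules flag behavior while an attack may be under way: an account touching a system outside its usual set (the "unusual user behavior" example) and repeated failed logins from one source (the brute-force threat noted under Weak Passwords). The IoC rule matches artifacts in the log against known-bad values after the fact.

```python
from collections import Counter

# Constructed sample log lines standing in for what a SIEM would ingest.
# Fields: timestamp event user source_ip resource file_hash ('-' = none).
SAMPLE_LOG = [
    "2024-05-01T08:00:01 LOGIN_OK alice 10.0.0.5 hr-portal -",
    "2024-05-01T08:05:12 FILE_READ alice 10.0.0.5 hr-portal -",
    "2024-05-01T08:07:40 FILE_READ alice 10.0.0.5 finance-db -",
    "2024-05-01T09:00:00 LOGIN_FAIL bob 203.0.113.9 vpn -",
    "2024-05-01T09:00:03 LOGIN_FAIL bob 203.0.113.9 vpn -",
    "2024-05-01T09:00:05 LOGIN_FAIL bob 203.0.113.9 vpn -",
    "2024-05-01T09:00:08 LOGIN_FAIL bob 203.0.113.9 vpn -",
    "2024-05-01T09:00:11 LOGIN_FAIL bob 203.0.113.9 vpn -",
    "2024-05-01T10:30:00 FILE_WRITE bob 10.0.0.7 build-server 0123456789abcdef0123456789abcdef",
]

# Constructed per-user baseline: the systems each account normally uses.
BASELINE = {"alice": {"hr-portal"}, "bob": {"vpn", "build-server"}}

# Constructed IoC feed; the IP and hash are placeholders, not real indicators.
IOC_FEED = {
    "ips": {"203.0.113.9"},
    "hashes": {"0123456789abcdef0123456789abcdef"},
}

def parse_log(lines):
    """Split each whitespace-delimited line into a dict of named fields."""
    events = []
    for line in lines:
        ts, event, user, ip, resource, file_hash = line.split()
        events.append({"ts": ts, "event": event, "user": user, "ip": ip,
                       "resource": resource, "hash": file_hash})
    return events

def detect_ioa(events, baseline, fail_threshold=5):
    """IoA logic: flag attacker-like behavior (TTPs) while it is happening."""
    alerts = []
    fails = Counter()
    for ev in events:
        # Unusual user behavior: account reaching a system outside its baseline.
        usual = baseline.get(ev["user"], set())
        if ev["event"] in ("FILE_READ", "FILE_WRITE") and ev["resource"] not in usual:
            alerts.append(("unusual_access", ev["user"], ev["resource"]))
        # Brute force: repeated failed logins for one account from one source.
        if ev["event"] == "LOGIN_FAIL":
            key = (ev["user"], ev["ip"])
            fails[key] += 1
            if fails[key] == fail_threshold:   # alert once, when the threshold is hit
                alerts.append(("brute_force", ev["user"], ev["ip"]))
    return alerts

def match_ioc(events, feed):
    """IoC logic: match artifacts in the log against known-bad indicators.
    Each indicator is reported once, with the time it was first seen."""
    seen = {}
    for ev in events:
        if ev["ip"] in feed["ips"]:
            seen.setdefault(("ioc_ip", ev["ip"]), ev["ts"])
        if ev["hash"] in feed["hashes"]:
            seen.setdefault(("ioc_hash", ev["hash"]), ev["ts"])
    return [(kind, value, first_ts) for (kind, value), first_ts in seen.items()]

if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for alert in detect_ioa(parsed, BASELINE):
        print("IoA", alert)
    for match in match_ioc(parsed, IOC_FEED):
        print("IoC", match)
```

Note how the two halves use the table's columns: detect_ioa needs a model of normal behavior (the baseline, the threshold) and fires during the activity, whereas match_ioc needs only a list of artifacts and works on any log, however old, which is why it suits forensic and post-incident work.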

Vulnerability management: the process of identifying, evaluating, prioritizing, and mitigating security vulnerabilities.
