Knowledge

Articles by tag "cyber-security"

4/3/2017 Newsletters

Hard Reminder to Upgrade Windows 2003 Servers: Microsoft Will Not Fix New Vulnerability

A new remote execution vulnerability (CVE-2017-7269) was recorded in the National Vulnerability Database for Windows 2003 R2 IIS6 last week. Exploitation of this vulnerability allows a remote attacker to execute code on the vulnerable web server.

This potentially allows hackers to take over the whole system, install remote control systems and propagate within the local network by conducting local attacks. The results of exploitation might be catastrophic for organizations. Microsoft will not provide a patch for this vulnerability, as the OS is not officially supported.

Read the Digital Edge Security Team analysis and mitigation mechanisms here.

4/18/2016 White Papers

Cyber Security Attack Vectors and Classification

Digital Edge has decided to classify types of attacks in a simple way, so that when we discuss tools and vectors we can refer to this document.

1. Frontal Assault

1.a - Code Tampering: Attacks of this type are conducted from outside of a client's network, by probing open ports and trying to force the code behind those ports to perform unwanted actions, allowing hackers either remote execution, illegal upload with further execution, or a system crash.
1.b - Brute Force: An attacker uses techniques that try multiple combinations of passwords and keys in order to find the correct combination.
1.c - Denial Attack: An attacker creates either a large number of requests, specifically crafted requests, or both at the same time to cause a client's system to stop responding.
1.d - Floods: An attacker creates a large amount of traffic, produced by hacker-controlled infected machines ("bots" or "zombies"), to simply overflow the capacities of the client networks or their ISPs.

2. Internal Assaults

2.a - Browser Scripting Attacks: During this attack, a hacker convinces a user to go to a malicious website. Such a website has Java or other scripting code that causes the client's browser to perform unwanted actions, infect the computer, download unwanted software, etc.
2.b - Email Attacks: During this attack, a hacker tricks a user into opening an attachment containing code that causes the opening program, such as MS Office, Adobe PDF viewer, etc., to perform unwanted actions, such as infecting the computer, downloading unwanted software, etc.
2.c - Removable Media Attacks: This attack is conducted through infected removable media. A USB memory card may carry malicious software that is executed when the storage is attached to the client's computer.
2.d - BYOD Device Attack: A hacker would be able to infect a client's personal desktop or personal phone and wait until the user brings it to the office. The infected "own" device can spread the infection inside the local network.

In the future, the Digital Edge Security Team will publish Security Solutions Reviews which will always refer to this classification, specifying which security challenge the solution is supposed to solve.