Fixing the top 5 Cyber Security Vulnerabilities

Cyber security vulnerabilities are what attackers are trying to exploit with the ultimate purpose to access a system and get a hold of private user data. In order to keep yourself prepared for such attacks, you must learn how these attack methods work. If you have this knowledge, it will help you prevent such attacks.

Let’s proceed by going through the top 5 cyber security vulnerabilities and what you can do to fix or prevent them.

Buffer overflow

How it works:

In this method of attack, an application is used with the purpose to use up more buffer memory than what has been allocated. The result is that the malicious code will force the application to take up more than the prescribed buffer size and will return the pointer of the new buffer location. This information will be exploited by attackers as they will have the ability to manipulate adjacent buffer addresses.

How it can be prevented:

A user can perform bounds checking so he will have info on the predefined bounds of the variable. Buffer overflow bugs can also be detected by static code analysis tools. Another option is the use of a canary value system. In this system, a function’s return pointer with a keyed hash, before it gets used, it can be stored in a stack so that if the values of the returned pointer match with the stored values we are assured that no buffer overflow bugs run in the system.

Exposure of Sensitive Data  

How it works:

A Man-in-the middle attack is used for breaking into a system and stealing or modifying user’s sensitive data.

How it can be prevented:

Encryption should be applied in order to protect the sensitive data. Other measures to take is disabling the “auto complete” forms since they can easily expose passwords and to use strong algorithms while exchanging sensitive data online.

Injection Vulnerability

How it works:

Untrusted data are sent to an interpreter, causing injection vulnerability, affecting mostly SQL, Xpath and XML parsers.

How it can be prevented:

Some methods to prevent this type of vulnerability are:

  • Adopt safe APIs which provide parameterized interfaces and validate the input data.
  • Prevent construction of fake SQL queries by referring to parameterized queries.
  • Make use of the “Least Privilege Principle” so that users will be granted with only the permissions that are required to do a specific job.

Broken session and authentication

How it works:

Weak spots in authentication and session management procedures are targeted by attackers who impersonate other users so as to get access to sensitive data.

How it can be prevented:

Putting in place strong authentication and session management procedures is the best way to go about it.

Security misconfiguration

How it works:

Attackers take advantage of misconfigured security systems and hack them. It is considered as the simplest cyber security vulnerability.

How it can be prevented:

Outdated software, unnecessary apps running on a machine and default settings should be avoided as attackers will attempt to exploit them.

Leave a Reply

Your email address will not be published. Required fields are marked *