top 10 vulnerabilities
play

Top 10 Vulnerabilities in past 5 years. #10 - DROWN Vulnerability - PowerPoint PPT Presentation

Apr 02, 2024 •203 likes •419 views

Top 10 Vulnerabilities in past 5 years. #10 - DROWN Vulnerability in downgrading to SSLv2 Can break encryption of TLS in ~8 hours Requires MITM March 2016 #9 - POODLE Vulnerability in downgrading to SSLv3 Decipher cipher

  1. Top 10 Vulnerabilities in past 5 years.

  2. #10 - DROWN ๏ Vulnerability in downgrading to SSLv2 ๏ Can break encryption of TLS in ~8 hours ๏ Requires MITM ๏ March 2016

  3. #9 - POODLE ๏ Vulnerability in downgrading to SSLv3 ๏ Decipher cipher text ๏ Requires MITM ๏ October 2014

  4. Bonus - TLS/SSL Vulnerabilities ๏ CRIME - Compression Ratio Info (Made Easy) ๏ BEAST - Browser Exploit Against SSL/TLS ๏ BREACH - Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext ๏ FREAK - Factoring RSA Keys ๏ NOMORE - Numerous Occurrence Monitoring & Recovery Exploit

  5. #8 - ImageTragick ๏ Improper filtering lead to RCE ๏ Dangerous due to SVG/MVG ๏ May 2016

  6. #8 - ImageTragick

  7. #7 - Mirai ๏ IOT Device scanning ๏ default user/pass ๏ Exploit w/ malware ๏ DDOS ๏ August 2016

  8. #7 - Mirai (Aggressive) ๏ Kill SSH, Telnet, HTTP ๏ Kill other bots from memory (QBOT) ๏ Remove other malware ๏ Growth of aggressive malware development

  9. #6 - KRACK ๏ WPA2 nonce reuse ๏ Trick victim into connecting to rogue network ๏ all-zero key during rekeying on some systems ๏ October 2017

  10. #6 - KRACK

  11. Bonus - Conficker ๏ Spread via MS 0days ๏ Family of malware (A-E versions) ๏ Upgraded themselves to E ๏ Goal: Install spyware ๏ November 2008

  12. #5 - WannaCry ๏ NSA (ExternalBlue) exploits ๏ Ransomware ๏ Kill switch found ๏ Windows XP ๏ May 2017

  13. #4 - Stagefright ๏ Overflow, into system user space ๏ No action required ๏ Android affected ๏ Pivot attack after ASLR ๏ July 2015

  14. #3 - Dirty COW ๏ Change on Write ๏ Race Condition ๏ Write access to read-only areas ๏ Difficult to detect ๏ November 2016

  15. #2 - Heartbleed ๏ Buffer overflow ๏ “heartbeat” from openSSL ๏ Could extract private keys ๏ Website, logo, etc ๏ April 2014

  16. #2 - Heartbleed (XKCD)

  17. Bonus - Stuxnet ๏ Very smart malware ๏ Specific host goal ๏ Multiple 0days together ๏ Rootkit to control rotational speed ๏ June 2010

  18. #1 - Shellshock ๏ Parser error in bash ๏ Led to ACE ๏ Bug since 1989 ๏ Discovered September 2014

  19. #1 - Shellshock ๏ Hide in headers (apache) ๏ ping/wget to identify infected ๏ Denial of Service ๏ DDOS ๏ Spam mail

  20. Connor Tumbleson 
 @iBotPeaches connortumbleson.com

Recommend

NECESSARY BACKGROUND ON MEMORY EXPLOITS AND WEB APPLICATION VULNERABILITIES Outline 2

NECESSARY BACKGROUND ON MEMORY EXPLOITS AND WEB APPLICATION VULNERABILITIES Outline 2

1 NECESSARY BACKGROUND ON MEMORY EXPLOITS AND WEB APPLICATION VULNERABILITIES Outline 2 Memory safety attacks Buffer overruns Format string vulnerabilities Web application vulnerabilities SQL injections Cross-site

901 views • 39 slides
vulnerabilities CVE, Common Vulnerabilities and Exposures CWE, Common Weakness Enumeration

vulnerabilities CVE, Common Vulnerabilities and Exposures CWE, Common Weakness Enumeration

Security & Knowledge Management a.a. 2019/20 There are a set of sources that provide updated information about security vulnerabilities CVE, Common Vulnerabilities and Exposures CWE, Common Weakness Enumeration CAPEC,

197 views • 8 slides
Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different

Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different

Operating System Hardening Vulnerabilities Unique vulnerabilities for: Different operating systems Different vendors Client and server systems Vendors try to correct Attackers try to exploit Security professionals must

620 views • 11 slides
Jonathan Pollet conference Part 1: Control System Vulnerabilities control system vulnerabilities

Jonathan Pollet conference Part 1: Control System Vulnerabilities control system vulnerabilities

Rome, May 31, 2011 Jonathan Pollet conference Part 1: Control System Vulnerabilities control system vulnerabilities > analysis of 5 years of field data Jonathan Pollet, CISSP , CAP , PCIP Red Tiger Security [on behalf of the DHS CSSP

413 views • 20 slides
HOWTO Reminders Basic Vulnerabilities and their Vulnerabilities Exploitation Security Samuel

HOWTO Reminders Basic Vulnerabilities and their Vulnerabilities Exploitation Security Samuel

HOWTO Basic Vulnerabilities and their Exploitation Samuel Angebault HOWTO Reminders Basic Vulnerabilities and their Vulnerabilities Exploitation Security Samuel Angebault staphylo@lse.epita.fr http://lse.epita.fr/ July 18, 2013 Table

969 views • 57 slides
TRENDS IN WEB VULNERABILITIES MICHEL CHAMBERLAND Introduction Agenda Introduction

TRENDS IN WEB VULNERABILITIES MICHEL CHAMBERLAND Introduction Agenda Introduction

TRENDS IN WEB VULNERABILITIES MICHEL CHAMBERLAND Introduction Agenda Introduction Session Goals Presenter and Trustwave SpiderLabs background Analysis Overview Data Source Most frequently found SEVERE vulnerabilities

907 views • 62 slides
The Road Ahead Security Vulnerabilities DoS and D-DoS Firewalls Security

The Road Ahead Security Vulnerabilities DoS and D-DoS Firewalls Security

CS 640: Introduction to Computer Networks Aditya Akella Lecture 25 Network Security The Road Ahead Security Vulnerabilities DoS and D-DoS Firewalls Security Vulnerabilities Security Problems in the TCP/IP Protocol

1.29k views • 13 slides
SpeechMiner: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities

SpeechMiner: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities

SpeechMiner: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities Yuan Xiao, Yinqian Zhang, Radu Teodorescu The Ohio State University SPEculative Execution side Channel Hardware (SPEECH) Vulnerabilities Leverage

512 views • 24 slides
The Beauty and the Beast Vulnerabilities in Red Hats Packages Stephan Neuhaus

The Beauty and the Beast Vulnerabilities in Red Hats Packages Stephan Neuhaus

The Beauty and the Beast Vulnerabilities in Red Hats Packages Stephan Neuhaus <Stephan.Neuhaus@disi.unitn.it> Thomas Zimmermann <tzimmer@microsoft.com> Vulnerabilities are important because fixing them costs a lot of money (2005

1.9k views • 73 slides
Root Canal A new class of SS7 vulnerabilities Agenda SS7 Vulnerable by design

Root Canal A new class of SS7 vulnerabilities Agenda SS7 Vulnerable by design

Outstanding Communications Solutions Root Canal A new class of SS7 vulnerabilities Agenda SS7 Vulnerable by design Acknowledged signalling vulnerabilities The root problem Mitigation The signaling band-aid A new class

787 views • 54 slides
Defending against Memory Corruption Vulnerabilities and Advanced Attacks Gang Tan Penn State

Defending against Memory Corruption Vulnerabilities and Advanced Attacks Gang Tan Penn State

Defending against Memory Corruption Vulnerabilities and Advanced Attacks Gang Tan Penn State University Spring 2019 CMPSC 447, Software Security * some slides adapted from those by Trent Jaeger Overflow Vulnerabilities Despite

901 views • 46 slides
Buffer Overflow overflows Defenses and other memory safety vulnerabilities Buffer overflow

Buffer Overflow overflows Defenses and other memory safety vulnerabilities Buffer overflow

Last time We finished up By looking at Buffer Overflow overflows Defenses and other memory safety vulnerabilities Buffer overflow defenses (and workarounds) Format string vulnerabilities Integer overflow vulnerabilities This time

1.29k views • 80 slides
Vulnerabilities in C/C++ programs Part I TDDC90 Software Security Ulf Kargn Department

Vulnerabilities in C/C++ programs Part I TDDC90 Software Security Ulf Kargn Department

Vulnerabilities in C/C++ programs Part I TDDC90 Software Security Ulf Kargn Department of Computer and Information Science (IDA) Division for Database and Information Techniques (ADIT) Vulnerabilities in C-based languages

633 views • 59 slides
Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction

Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction

Database Security Threats and Vulnerabilities John Bissonette Aaron McClure Introduction Databases are the crown jewels of a business or organization Security is paramount Vulnerabilities grant attackers keys to the

600 views • 14 slides
Dependence in IV-related bytes of RC4 key enhances vulnerabilities in WPA Sourav Sen Gupta 1

Dependence in IV-related bytes of RC4 key enhances vulnerabilities in WPA Sourav Sen Gupta 1

Dependence in IV-related bytes of RC4 key enhances vulnerabilities in WPA Dependence in IV-related bytes of RC4 key enhances vulnerabilities in WPA Sourav Sen Gupta 1 Subhamoy Maitra 1 Willi Meier 2 Goutam Paul 1 Santanu Sarkar 3 Indian

749 views • 30 slides
Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to Computer Security Intermission: gdb demo Day 3: Low-level vulnerabilities Basic memory-safety problems Stephen McCamant Where overflows come from

401 views • 8 slides
Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to

Outline Vulnerabilities in OS interaction Low-level view of memory CSci 5271 Introduction to Computer Security Logistics announcements Day 3: Low-level vulnerabilities Basic memory-safety problems Stephen McCamant Where overflows come from

521 views • 9 slides
Network and Internet Vulnerabilities Computer Security Lecture 9 David Aspinall School of

Network and Internet Vulnerabilities Computer Security Lecture 9 David Aspinall School of

Network and Internet Vulnerabilities Computer Security Lecture 9 David Aspinall School of Informatics University of Edinburgh 24th February 2014 Outline Introduction Network and transport-level vulnerabilities Higher-level protocol

1.01k views • 88 slides
Exploiting Memory Corruption Vulnerabilities in the Java Runtime Joshua J. Drake Inaugural

Exploiting Memory Corruption Vulnerabilities in the Java Runtime Joshua J. Drake Inaugural

Exploiting Memory Corruption Vulnerabilities in the Java Runtime Joshua J. Drake Inaugural DerbyCon October 2 nd 2011 About the Presenter Joshua J. Drake, aka jduck Employed with Accuvant LABS Research Vulnerabilities &

750 views • 45 slides
Objectives Objectives 1. Define vulnerabilities prevalent among 1. Define vulnerabilities

Objectives Objectives 1. Define vulnerabilities prevalent among 1. Define vulnerabilities

2/25/2017 What Can Geriatrics Teach Us About the Care of Vulnerable Patients? I have nothing to disclose Anna Chodos MD Assistant Professor Director, ZSFG Geriatrics Consult Clinics These slides heavily adapted from Helen UCSF February 25,

422 views • 11 slides
Programming Language Vulnerabilities within the ISO/IEC Standardization Community Stephen

Programming Language Vulnerabilities within the ISO/IEC Standardization Community Stephen

Programming Language Vulnerabilities within the ISO/IEC Standardization Community Stephen Michell International Convenor JTC 1/SC 22 WG 23 Programming Language Vulnerabilities Canadian HoD to ISO/IEC/JTC 1SC 22 Programming Language

557 views • 27 slides
ISO/IEC JTC 1/SC 22/WG 23 ISO working group on Guidance for Avoiding Vulnerabilities through

ISO/IEC JTC 1/SC 22/WG 23 ISO working group on Guidance for Avoiding Vulnerabilities through

ISO/IEC JTC 1/SC 22/WG 23 N0192 ISO/IEC JTC 1/SC 22/WG 23 ISO working group on Guidance for Avoiding Vulnerabilities through language selection and use John Benito, Convener Jim Moore, Secretary June 2009 1 The Problem Any programming

367 views • 26 slides
Cybersecurity Status regarding traditional vulnerabilities Some grand

Cybersecurity Status regarding traditional vulnerabilities Some grand

Topics Cybersecurity Status regarding traditional vulnerabilities Some grand challenges IT and counterterrorism Some legal and regulatory issues Ed Lazowska Security in open vs. closed systems IT & Public

301 views • 7 slides
Wh What t abou out t th the e sof oftw twar are? e? How many security vulnerabilities

Wh What t abou out t th the e sof oftw twar are? e? How many security vulnerabilities

Wh What t abou out t th the e sof oftw twar are? e? How many security vulnerabilities are there in the software implementing all this smart grid functionality and the underlying protocols? Erik Poll Radboud University Nijmegen Moti

351 views • 33 slides

More recommend