Vulnerabilities, Exploits, and Threat Actors Flashcards
Vulnerabilities, Exploits, and Threat Actors (30 cards)
What is a vulnerability in cybersecurity?
A weakness in a system, software, or configuration that can be exploited by a threat actor.
What is an exploit?
A piece of code or method used to take advantage of a vulnerability to gain unauthorized access or control.
What is CVE?
Common Vulnerabilities and Exposures, a publicly disclosed list of known vulnerabilities.
What is CVSS?
Common Vulnerability Scoring System, used to rate the severity of vulnerabilities on a scale from 0 to 10.
What is a zero-day vulnerability?
A vulnerability unknown to the vendor and the public, often exploited before a patch is available.
What is privilege escalation?
Exploiting a flaw to gain higher access permissions than originally granted.
What is a buffer overflow?
An exploit that overwrites memory beyond buffer limits, potentially allowing code execution.
What is remote code execution (RCE)?
An exploit that allows attackers to execute code on a remote system without authorization.
What is SQL injection?
A vulnerability that allows an attacker to manipulate SQL queries to access or modify data.
What is cross-site scripting (XSS)?
An exploit where attackers inject malicious scripts into web pages viewed by others.
What is command injection?
Exploiting a system to execute arbitrary OS-level commands.
What is the purpose of a security patch?
To fix known vulnerabilities and prevent exploitation.
What is an exploit kit?
A toolset used by attackers to deliver exploits targeting common vulnerabilities.
What is vulnerability chaining?
Using multiple vulnerabilities together to achieve greater access or impact.
What is a Proof of Concept (PoC) in exploit development?
Demonstrative code or a method showing how a vulnerability can be exploited.
Who are threat actors in cybersecurity?
Individuals or groups that pose a threat by performing or facilitating cyberattacks.
What are nation-state actors?
Government-sponsored threat actors engaging in espionage or sabotage.
What are script kiddies?
Inexperienced attackers who use pre-made tools or scripts to perform basic attacks.
What is an insider threat?
A threat originating from within an organization, such as an employee or contractor.
What are hacktivists?
Threat actors motivated by political or social agendas.
What is a cybercriminal group?
Organized groups aiming for financial gain through cyberattacks.
What is an Advanced Persistent Threat (APT)?
A prolonged, targeted attack by skilled threat actors, often state-sponsored.
What is a TTP in relation to threat actors?
Tactics, Techniques, and Procedures used by attackers.
What is threat attribution?
Identifying the responsible party behind an attack, often using intelligence and forensic data.