Attacks and Vulnerabilities

What is a cyberattack?
A cyberattack is an offensive act to make a computing device function maliciously with the
intent to steal user credentials, gain unauthorized access to a target system, disrupting services
and many other intentions.
What is a vulnerability?
A vulnerability is a flaw, a loophole, or an error that can be used to violate the security policy of
an organization.
- Types of Vulnerabilities
o Operating system flaws
o System misconfigurations
o Outdated or unpatched software
o Default or weak credentials
What is a threat?
A threat is an incident, man-made or natural that can have a negative impact on an organization.
What is an exploit?
A piece of code used to execute an attack against an application that appears to be vulnerable.
- Server-Side Exploit
o Loal – exploit requires access to a system and usually to increase privileges.
o Remote – exploit works over a network and does not require access to the
system.
- Client-side Exploit – exploit a user application and may require user interaction;
therefore, can be combined with social engineering.
How to prevent a cyberattack?
- Ensure that your system is up to date.
- Use strong passwords with different combinations of upper and lowercase letters,
numbers, and special symbols.
- Avoid clicking on suspicious links or opening suspicious email.
- Use a VPN to avoid a MITM attack.
- Install antivirus and good antivirus software.