Common Vulnerabilities

Addressing common vulnerabilities

Critical vulnerabilities are a major security concern. The moment such a vulnerability is discovered, notices and patches should be quickly worked on so that the damage is minimized. Vulnerabilities dealing with authentication and authorization are especially devastating; harvesting classified data from an organization’s system (and then releasing it to the public) often spells its doom. Therefore, it’s necessary to devise measures that ensure that even if a hacker gains access to a system, unless they perform stealthy privilege escalation, they won’t be able to perform decent recon or cause much harm.

A rigid user policy and MFA checks are often enough to deter less crafty attackers. Still, it’s important to know about certain attack vectors, so let’s take a look at them.

Broken authentication

This vulnerability becomes a serious possibility when users are allowed to log in to a system without proper credentials. For example, if we have a user who wants to access a web application with a username and a password, then it’s likely that the credentials are stored in some database. Normally, as users log in, the system confirms whether the credentials entered match with those stored in the databases, and if a match is found, then the user gets logged in successfully. A session identification number is given to the user that allows them to access and interact with the web application, often for a set time.

However, if the configuration is not done correctly, then a cybercriminal can try one of the following general approaches.

Credential stuffing

Credential stuffing is when an adversary tries known login credentials they’ve collected from elsewhere in order to brute force the system. This is often carried out after first compromising more critical systems in order to loot the credentials. Hackers usually exacerbate the attack by employing botnets, which can then also result in a new botnet.