Saturday, December 5, 2020

OWASP Top 10



OWASP stands for Open Web Application Security Project. It is an international non-profit organization that works towards improving the security of software. OWASP has chapters worldwide with tens of thousands of members, and through community-led open-source projects they work to make the web more secure. All of its materials, including documentation, tools, and videos, are freely available on its website. One of its best-known projects is the OWASP Top 10.

OWASP Top 10 is a regularly-updated report containing the top 10 most critical risks for web application security. It is a standard web application security awareness document which is really important for developers. This document is compiled by a well-qualified team of security experts. It is recommended for companies to refer to this document when developing web applications to minimize security risks. OWASP Top 10 is a very good initiative for writing more secure code ensuring information security in organizations. There are ten security risks for web applications reported in this OWASP Top 10 report. 

1. Injection: Injection attacks such as SQL, LDAP, and NoSQL injection happen when untrusted data is sent to an interpreter as part of a query or code. If an attacker inserts SQL code into a form input and that input is not properly secured, there is a risk of the SQL code being executed. This is an example of SQL injection. These types of injections can be avoided by sanitizing or validating the form inputs before sending them to the backend.

2. Broken Authentication: Authentication is validating the identity of users, allowing only authorized users to access the systems. If authentication is not properly implemented, it allows attackers to compromise passwords, tokens, or keys. Two-factor authentication is one of the mechanisms that can be used to mitigate authentication vulnerabilities.

3. Sensitive Data Exposure: If sensitive information such as financial, healthcare, and military data is not properly protected in web applications and APIs, it can be stolen by attackers, who use it for credit card fraud and other types of cybercrime such as identity theft.

4. XML External Entities (XXE): Poorly configured XML processors are vulnerable to attacks because they can reference an external entity. Attackers try to exploit this vulnerability by sending data to unauthorized external entities.

5. Broken Access Control: Broken access controls allow attackers to bypass authorization and perform tasks as though they were privileged. 

6. Security Misconfiguration: Displaying default configurations or excessively verbose errors can be a vulnerability. This can be mitigated by removing unused features and making sure that error messages are more general.

7. Cross-Site Scripting: If a web application allows users to add custom code to URL paths, it can be a vulnerability. This can be exploited to run malicious JavaScript code in the victim's browser.

8. Insecure Deserialization: This threat targets the many web applications that frequently serialize and deserialize data. Insecure deserialization often leads to remote code execution.

9. Using Components With Known Vulnerabilities: Most web application developers use components like frameworks and libraries. These components help developers by minimizing redundant work. The disadvantage is that attackers try to exploit vulnerabilities in these components.

10. Insufficient Logging And Monitoring: Many web applications do not have a proper mechanism to detect data breaches. If there is not an efficient logging and monitoring process then it will allow attackers to further attack systems. Therefore it is crucial to have proper logging and monitoring mechanisms in web applications. 


REFERENCES

https://owasp.org/www-project-top-ten/

Friday, December 4, 2020

Cyberattack Techniques in the Modern World


A cyberattack is an assault launched against computer systems and networks. In the modern world, hackers use a variety of techniques and attack types to achieve their objectives.

Malware 

Malware is a malicious piece of software that is specifically designed to collect information or to damage a computer system by gaining unauthorized access. Examples of modern malware include WannaCry and HenBox. WannaCry is a ransomware attack that infected around 250,000 Windows computers worldwide in 2017. The damage caused by WannaCry is estimated at around US$5 billion. HenBox typically masquerades as legitimate Android system and VPN apps, and sometimes embeds legitimate apps. The main goal of the HenBox apps is to spy on those who install them.

There are several types of malware, including:

  1. Viruses: This is a special type of malware that is self-replicating. It first needs to be executed by a user or a process to infect the host system.
  2. Worms: Unlike viruses, worms do not need to be executed by a user or a process to infect the host system. Worms usually target computer networks, spreading rapidly through replication.
  3. Trojan horses: Malware that is disguised as a harmless program but actually gives attackers elevated privileges and full control of an endpoint when installed. Unlike other types of malware, trojan horses are not self-replicating.
  4. Ransomware: Malware that locks a computer or device or encrypts data on an infected endpoint with an encryption key that only the attacker knows, thereby making the data unusable until the victim pays a ransom.
  5. Back doors: This type of malware allows an attacker to bypass authentication to gain unauthorized access to a compromised system.
  6. Logic bombs: Logic bombs are a special type of malware that is triggered when a specific condition is met (such as a special date).
  7. Rootkits: This type of malware allows attackers to get root-level access to a computer. Usually, rootkits are installed in the BIOS of a computer. This prevents operating-system-level security tools from detecting them.

Spamming and phishing

Spam and phishing emails are the most common methods of delivering malware. The volume of spam email as a percentage of total global email traffic fluctuates widely, typically from 45 to 75 percent. In contrast to spam, phishing attacks are becoming more sophisticated and difficult to identify. Spear phishing is a targeted phishing campaign that appears more credible to its victims by gathering specific information about the target, and thus has a higher probability of success.

Bots and botnets

Bots are individual endpoints that are infected with advanced malware that enables an attacker to take control of the compromised endpoint. A botnet is a network of bots working together under the control of attackers. In a botnet, advanced malware works together toward a common objective, with each bot growing the power and destructiveness of the overall botnet. The botnet can evolve to pursue new goals or adapt as different security countermeasures are deployed. Botnets themselves are dubious sources of income for cybercriminals. Botnets are created by cybercriminals to harvest computing resources. Control of botnets can then be sold or rented out to other cybercriminals.

REFERENCES
https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/
https://www.checkpoint.com/cyber-hub/cyber-security/what-is-cyber-attack/
 
 
