IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [attacks]

An attempt to exploit a weakness in a system, either for nefarious or research reasons. Questions with this tag should be about designing, carrying out, or defending against the attack itself, rather than about the underlying weakness.

A threat may be thought of as a person or group of people who wish to damage, disable, or extract value from a target system. A weakness is a component of a system which requires less effort to compromise than the rest of the system.

An attack differs from a weakness / vulnerability in that:

  • An attack is a specific instance of exploiting a weakness,
  • launched at a specific time,
  • against a specific target,
  • often using custom tools or payloads designed to exploit one or more vulnerabilities
  • to accomplish a specific goal.
1252 questions
26
votes
1 answer

How do attackers use compromised computers to do things over the internet?

How can an attacker use a compromised computer to do things over the internet? For example, if an attacker infects a PC with a general payload, other than searching through the computers files and changing things, what else can they do? For…
Rideboards
  • 587
  • 6
  • 8
12
votes
4 answers

What is a Shrink Wrap code attack?

On my C|EH course I have heard about term "Shrink Wrap Code Attack", but we've only mentioned it. Now trying to do some research and refresh the topics, I can't seem to find serious description of this attack type. Looking at presentation PDF I…
Alois Mahdal
  • 391
  • 1
  • 5
  • 16
10
votes
4 answers

Real life examples of web site attacks

I've been put in charge of educating developers on web application security. One way I will be doing this is through an explanation of various web attacks (e.g., OWASP top ten). In addition to an explanation of the attack and possible mitigations,…
Jay Lindquist
  • 203
  • 2
  • 6
7
votes
2 answers

Are cars with keyless proximity-based entry protected against range extenders?

Some cars unlock whenever the key fob is within a certain distance. Do such systems generally guarantee the maximum distance in a secure fashion (namely, by requiring the fob to respond within a certain time, thus relying on the speed of light for…
RomanSt
  • 1,220
  • 10
  • 25
7
votes
1 answer

Norse: Cyber Attack Map

This application analyzes web traffic and then beautifully displays attacks on a global map. How does it intercept web traffic so it can analyze it? Isn't web traffic private to everyone except to ISPs and powerful government agency like the NSA?…
burnt1ce
  • 177
  • 1
  • 5
7
votes
10 answers

Contract requires me to work with sensitive IP, severe penalties for loss of data to 3rd parties. Some protection pointers please

Background: The company I will be working for as a consultant has developed IP which could potentially be worth billions. The confidentiality clause in the contract has penalties for breaching the clause which are essentially open ended, a six…
MostlyHarmless
  • 71
  • 1
5
votes
4 answers

Difference between masquerading and replay attacks?

I know that masquerading is to impersonate a false identity and replaying is the same wherein unauthorized person uses the credentials of the authorized one to have the privileges.Then what is the difference between the two terms?
log N
  • 153
  • 1
  • 1
  • 4
4
votes
2 answers

What's a term to describe multiple shoulder surfing attacks to uncover different parts of the password?

Is there an existing term that describes shoulder surfing attacks where the adversary observes a different part of the password each time, to eventually construct the whole password? An example would be focusing on the left part of the keyboard at…
Mohamed Khamis
  • 169
  • 6
4
votes
1 answer

What does the Local exactly mean in CVSS?

CVSS (http://www.first.org/cvss/) provides the keyword local in the base vector. The definition given by FIRST is somehow not so clear for me: Local: Exploiting the vulnerability requires either physical access to the target or a local (shell)…
Phoenician-Eagle
  • 2,237
  • 17
  • 21
4
votes
3 answers

An attack from my Employer

I am working in an ISP company as a junior support specialist. Recently, I have a serious suspicions that one of our "head" stuff member is compromising me by being able to control(see) my traffic.. I think he uses such attacks as: "man in the…
user20823
  • 49
  • 2
4
votes
2 answers

How to check if a program is mining crypto in the background

I noticed a program I recently downloaded cause my CPU usage increase by 30 percent and 80% GPU usage increment in idle state. It is not a GPU intensive program at all. I am worried about it using my computer to mine crypto. Is there a way to check…
John Wang
  • 43
  • 2
3
votes
1 answer

challenge-responce and man-in-the-middle

Is man in the middle attack possible in a typical challenge-response based authentication? For a typical reference one can go through this paper. My question is that is it possible for an intruder to act as server(possibly using DNS spoofing; for…
Vineet Menon
  • 403
  • 4
  • 10
3
votes
1 answer

How to get informed in metasploit when a user does a reverse shell to my computer

I sometimes do reverse shells on metasploit but I'm not sure when my target will actually execute the payload. I would like an alarm of some sort to tell me when he does. this can easily be done in a script. Is there a way for metasploit to execute…
Steve Quezadas
  • 131
  • 1
3
votes
5 answers

Can you tell if your computer was hacked and pictures stolen from 2-6 months ago?

Can a home computer, not wireless, be hacked from the outside and have pictures copied? Can I track and see if that happened?
David Allen
  • 121
  • 1
  • 2
  • 4
3
votes
1 answer

What are the relation (difference and similarities) between Replay attack, reflection attack and relay attack?

What are the relation (difference and similarities) between Replay attack, reflection attack and relay attack? All of them together seems a mess to understand! Are they not MITM?
Mohammad
  • 527
  • 1
  • 6
  • 17
1
2 3 4 5