Monday, February 10, 2020

Injection Attacks | Remote Code Execution


First and foremost, let’s get straight to the point. Microsoft has identified a vulnerability in its Excel application. This information comes to us (the general public) courtesy of MITRE’s CVE (Common Vulnerabilities and Exposures). Essentially, the attack works like this: a hacker who exploits the vulnerability can run malicious code as if he or she were the current user. And if that user has admin rights, the hacker could take complete control of the affected system. Once the hacker is in, he or she is in control. There is an array of things he or she could do, but most likely the hacker will install programs, modify or delete important data, or even create new accounts with full admin creds (user rights), which would allow him or her to access the system under a seemingly appropriate alias. If you are an Excel user, I encourage you to install Microsoft’s latest update to ensure that you are protected.

The title of this specific vulnerability is Remote Code Execution, but it is also known as an Injection Attack, and many types of these attacks exist. An Injection Attack is an exploit in which an attacker sends code to a target system with the aim of altering its processes and/or corrupting its data set. One of the most common is SQL Injection, an attack that relies on SQL query statements and on gathering information about your system’s database structure from the errors those statements produce.

This is actually one of the most common web-based hacking practices. Not to mention, that injected code could potentially destroy your entire database. Me specifically, I like to respond to spam texts with SQL Injections – because you shouldn’t bring a knife to a gun fight. Among other injection attacks we have XSS (Cross-Site Scripting), which is not as much of a risk as SQL Injection because XSS targets customers and visitors to websites, whereas SQL injections target organizational assets.
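The SQL Injection behaviour described above, shown as an added example that is not part of the original post: a lookup that pastes input into the query text and returns raw database errors, next to a version that binds the input as a parameter and keeps error detail on the server. The table, function names and sample inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory table for the demo."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    db.executemany("INSERT INTO customers (name, email) VALUES (?, ?)",
                   [("Ann Lee", "ann@example.test"), ("Pat O'Brien", "pat@example.test")])
    return db

def lookup_vulnerable(db, name):
    """Weak pattern: input is pasted into the SQL text and raw errors reach the caller."""
    query = "SELECT name, email FROM customers WHERE name = '" + name + "'"
    try:
        return {"rows": db.execute(query).fetchall(), "error": None}
    except sqlite3.Error as exc:
        # Returning the engine's message tells the caller how the query is built.
        return {"rows": [], "error": str(exc)}

def lookup_hardened(db, name, log):
    """Fix: bind input as a parameter; keep error detail in a server-side log only."""
    try:
        rows = db.execute("SELECT name, email FROM customers WHERE name = ?",
                          (name,)).fetchall()
        return {"rows": rows, "error": None}
    except sqlite3.Error as exc:
        log.append(repr(exc))
        return {"rows": [], "error": "lookup failed"}

def run_demo():
    """Run both lookups over the same constructed inputs and return the results."""
    db, log = make_db(), []
    inputs = ["Pat O'Brien", "x' OR '1'='1"]  # constructed sample inputs
    return [(text, lookup_vulnerable(db, text), lookup_hardened(db, text, log))
            for text in inputs]

if __name__ == "__main__":
    for text, weak, fixed in run_demo():
        print(repr(text))
        print("  vulnerable:", weak)
        print("  hardened:  ", fixed)
```

In the vulnerable version a legitimate name containing an apostrophe already breaks the query and exposes the engine's error text, and the second input changes what the WHERE clause means; the hardened version treats both strings purely as data.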

Join my next Webinar to learn more about Code Injections including SQL Injection in more detail, XSS Cross Site Scripting, Command injections, HTML Injections, Code Injections and File Injections! And remember to patch your systems!
