Questions tagged [threats]
An actor, usually a person, who may attempt to exploit a vulnerability of an exposed system.
104 questions
1 vote, 0 answers, 39 views
Authenticating via device
I want to authenticate users based on their devices. Basically, when a user deletes my app, I want to make sure that their local storage is independent of who they are, so that they do not evade a ban ...
0 votes, 1 answer, 135 views
Difference between "circumstance" and "event" in the definitions of threat
On the Wikipedia page of threat (in textbooks too) various definitions are given where almost all agree in defining a threat as a "circumstance or event".
I'm having trouble understanding ...
0 votes, 0 answers, 96 views
Could a public IP with blocked public inbound/outbound traffic be a risk?
If we have a device that for some reason needs a public IP address and if at the same time the device should only be accessible from within a private network: Could the fact that the public IP of the ...
0 votes, 0 answers, 120 views
Is there any increase to known security risks by mounting the EFI System Partition, on a Windows 10 PC?
Security risks, as in malware, attackers, or known vulnerabilities.
Threats while the ESP is mounted, or after unmounting. E.g. Could it open access routes for future attackers. I aim to avoid ...
0 votes, 1 answer, 133 views
Attract Traffic on my Honeypot [duplicate]
I have deployed a low-interaction honeypot on my ec2 aws instance but I am not receiving any traffic. Where can I share the URL so that I can get more traffic especially from automated bots.
1 vote, 1 answer, 196 views
Why does threat model STRIDE only have six threat categories?
I know STRIDE (from Microsoft) stands for Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege.
How did Loren Kohnfelder and Praerit Garg deduce ...
1 vote, 1 answer, 114 views
Static react native app security issues
I am creating a react native mobile application using Expo. This app simply renders information - there is no data collection or entry, no user accounts, no database (other than JSON storage). There ...
0 votes, 2 answers, 2k views
What exactly is Application.Hacktool.AMZ?
I have been using Windows Product Key Viewer for ages to read the current Windows serial number. I have never had any hack- or virus-related issue with this application.
A few days ago I installed ...
1 vote, 0 answers, 592 views
Does anti-cheat software actually "patch" the UEFI firmware on your motherboard?
I've recently read about the new game called Bloodhunt containing an Anti-Cheat, which had a bug, in which the anti-cheat service would stay installed even though the game is removed. The top Steam ...
0 votes, 1 answer, 154 views
How to use pre-existing threat catalogue to determine if a certain system is vulnerable?
There are many risk assessment guidelines such as NIST800-30 and ISO 27005 that provide a catalogue of known threats as reference. Using a qualitative approach, I selected one threat events catalogue and ...
3 votes, 2 answers, 1k views
How to estimate threat and risk associated with that threat and not only vulnerability severity?
Having this simple formula, Risk = Threat x Vulnerability x Information Value, it is quite difficult to estimate risks quantitatively because threat estimation seems to me the most difficult part.
I ...
2 votes, 1 answer, 2k views
What is the difference between ATT&CK and CAPEC?
My question is on Cyber Threat Intelligence (CTI). I want to know the difference between Attack Patterns (as in MITRE CAPEC) and Tactics, Techniques and Procedures (as in MITRE ATT&CK). They both ...
1 vote, 1 answer, 6k views
What is the difference between "local" and "Adjacent" threat agents?
I am using CVSS to do the vulnerability assessment for my project.
As per documentation here is the definition of local and adjacent
Adjacent (A) The vulnerable component is bound to the network ...
0 votes, 1 answer, 213 views
Insider threats vs. insider attacks
I understand that a threat is a possible security violation that might exploit the vulnerability of a system, and an attack is an action on a system that harms the organisation in some way. Therefore, ...
1 vote, 2 answers, 381 views
Secure a virtual machine during a lab exercise
I recently started the Offensive Security AWAE course.
On their connectivity guide page, they warn about the hazards of connecting to their labs:
you will be exposing your computers' VPN IP to other ...