Fearless


Photo by Rami Al-zayat on Unsplash

Spent all my holding it closely, I played it innocent, a feel of discontent. I’m finally facing it all, fearless.

Hey folks, this is part 18. Days are moving pretty fast these days. Make them count by doing something you like; it doesn’t always have to be academics, pursue your interests. Let’s get straight into our topics for today!

  1. Compromised Infrastructure: As the name suggests, this is infrastructure that has been compromised. A compromised infrastructure can pave the way for a series of further attacks: attackers who control the entire infrastructure can do almost anything, reaching everything from employee details to the company’s digital assets, bank information and so on. How does it get compromised in the first place? Lack of employee training, not following recommended security measures and the absence of a proper security department are all good reasons. Surprisingly, little mistakes can cause big problems for the company: not spending enough money on improving security services, not upgrading network security from time to time, or even skipping something as minor as audits and reviews. These little things can cause a big ruckus for the company. Staying cyber safe and keeping up to date with the latest cybersecurity threats and technologies helps.

  2. Compromised Domains: What’s a domain? A domain can be a web application that a company controls to maintain its services and its usual routine tasks. As we all know, having a website is good for business; it attracts customers and clients. But it has some flaws too. When a domain has been compromised by an attacker, it can be used to spread malware to devices (mostly in the form of legitimate-looking services), to redirect users to a phishing page (where they are tricked into entering their credentials), or as part of a service disruption, mostly done to blackmail the company into meeting the attacker’s demands ($$), and much more that I won’t be covering today. How do they get compromised? For that we can explore many web-based attacks such as SQL injection, XSS (cross-site scripting), CSRF (cross-site request forgery) and many more. Check out this awesome list by OWASP. We can minimize those attacks if we follow security protocols and secure web design practices.
While we can do what we should, security is never guaranteed: we may see a zero-day vulnerability just after we finish upgrading our website to perfect shape, or even face a supply chain attack through one of the vendors we highly trust. Rest assured, the probability is lower (for the coming 3 or 4 years at least).
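A defender’s check for the redirect symptom described above, as an added example that is not part of the original post: it inspects HTTP responses from your own site and flags any redirect (a `Location` header or a meta refresh) that points to a host outside an allowlist. The allowlist, the hostnames and the sample responses are all constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Hypothetical allowlist: hosts the site owner expects to send visitors to.
ALLOWED_HOSTS = {"shop.example", "www.shop.example", "pay.example"}

class _MetaRefresh(HTMLParser):
    """Collects targets of <meta http-equiv="refresh" content="0; url=...">."""
    def __init__(self):
        super().__init__()
        self.targets = []

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            _, _, rest = a.get("content", "").partition(";")
            key, _, url = rest.strip().partition("=")
            if key.strip().lower() == "url" and url.strip():
                self.targets.append(url.strip().strip("'\""))

def redirect_targets(page_url, status, headers, body):
    """Return the absolute URLs this response would send a browser to."""
    found = []
    location = {k.lower(): v for k, v in headers.items()}.get("location")
    if 300 <= status < 400 and location:
        found.append(urljoin(page_url, location))
    parser = _MetaRefresh()
    parser.feed(body)
    found += [urljoin(page_url, t) for t in parser.targets]
    return found

def audit(responses, allowed=ALLOWED_HOSTS):
    """Flag (page, target) pairs whose target host is not on the allowlist."""
    findings = []
    for page_url, status, headers, body in responses:
        for target in redirect_targets(page_url, status, headers, body):
            host = (urlsplit(target).hostname or "").lower()
            if host not in allowed:
                findings.append((page_url, target))
    return findings

# Constructed sample responses (not real traffic).
SAMPLE = [
    ("https://shop.example/", 200, {}, "<html><body>Welcome</body></html>"),
    ("https://shop.example/old", 301, {"Location": "/new"}, ""),
    ("https://shop.example/login", 302,
     {"Location": "https://shop-example.login-verify.test/signin"}, ""),
    ("https://shop.example/promo", 200, {},
     '<meta http-equiv="refresh" content="0; url=//cdn-updates.test/download">'),
]

if __name__ == "__main__":
    for page, target in audit(SAMPLE):
        print(f"unexpected redirect: {page} -> {target}")
```

Run against periodic crawls of your own pages, a check like this surfaces injected redirects that a visual review of the site would miss.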
  3. Compromised Virtual Private Servers: What are these VPSes? A VPS works just like traditional server web hosting, except that the servers are configured inside virtual machines, using software such as VMware or VirtualBox. Let’s say I host the servers for about 10 websites. I need to configure each one of them regularly and audit them from time to time, making sure nothing out of place happens. For this I would need a lot of individual systems designed specifically for server management, and it’s a lengthy process and a hassle to set each one of them up. Instead, we can use VMware to create a few virtual machines: rather than 10 individual systems, we now have 3 or 4 after setting them up in VMware. The servers run on Linux, so they can manage on low RAM. Now I can quickly jump from server #4 to server #9 without any delay or problems. That’s a brief description of VPSes. How can they get compromised? Even though they run in a virtual machine, don’t forget that it acts just like a “shell”; underneath that shell is just a normal system. If the attacker can get through the normal system without getting caught, he may plan more Linux-focused exploits (Linux is considered safe because of its sophisticated file system and security measures). In the meantime, the victim might not be aware of what has been going on. It’s a big deal to hide the processes and kill them (easy if you know some bash scripting). A compromised VPS can disclose sensitive information about the company’s infrastructure and its server management, and it can even let the attacker control its behaviour. It can be used to cause disruption among other servers (if it’s part of other applications’ services). The disadvantage is that if the attacker can compromise one system, all the VPSes inside that system can also be compromised. It might take some time, but these guys won’t be going home empty-handed.
  4. Compromised Web Services: Web services are a group of functions/processes that help manage and maintain the website. They help by transferring HTTP information securely. Web services can also be used for other tasks, such as interacting with other sites’ assets and catering to users’ needs while they perform or look up certain things. So if they get compromised, the services come to a halt, causing a huge loss to the company. The attackers can target victims by claiming to be trusted persons from the company (to launder money), and they can monitor user analytics and the target audience set by the company. If they can fetch a list of personal information from the services, they can later start spamming these new victims. It’s all a kind of cat-and-mouse chase.
  5. Compromised Serverless Webs: You might be wondering what this “serverless” term is. We discussed traditional server hosting above; now let’s look at hosting without the need for a server. Serverless webs run solely on cloud computing, and big companies like Amazon and Google began offering these services a long time ago. It’s all about saving the time it takes to set up big servers every time we deploy a new function or feature to the website. Normally we have to update our frontend and backend code and then worry about server management, and the list goes on. If we switch to serverless, the server is prebuilt in the cloud, ready to be used and deployed: we update our code with the necessary changes, launch it to the cloud immediately, and we’re all set. This method is highly useful for companies that work on rapid development and constant scaling of their webs. Just like the benefits, the cons are there too. There is always a risk of cloud account theft, or of the company’s accounts getting compromised due to internal human mistakes. But I believe security is not taken lightly by these providers: Amazon Web Services, Azure cloud, Google Cloud for enterprises, etc. These big guys use state-of-the-art security infrastructure, that’s for sure. Or they might be using the oldest configurations too, we never know.

That’d do for today. I don’t know if I can set that index soon; running late on schedule as always. It’s all good, gotta try harder. I’ll see you tomorrow.