Types of Cyberattack, Specific Risks and How to Mitigate those Risks
Please note that the list of cyberattack types is distributed by the Canadian Centre for Cyber Security and the means to mitigate is provided by third parties. This information is not meant to be exhaustive and Skyway West is not responsible for omissions or mistakes.
What is the Huawei HG532 router Vulnerability, what is the risk and how can you mitigate that risk?
What is it? A weakness has been identified in the Huawei HG532 router. This weakness has been observed being exploited “in the wild.” The source code for this exploit has been published, increasing the risk of copy-cat threats. Why is it a risk? An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead ...
What is the Scanner Vulnerability, what is the risk and how can you mitigate that risk?
What is it? A honeypot is a trap intentionally set to attract malicious software or users. A simple example is a form field on a web page labelled “User Name” but which is rendered invisible when displayed on the screen. A computer scanning the page will fill this field in, but a human will not. A scanner ...
What is the Exposed Service Telnet Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Telnet allows a user to open a command terminal on a remote computer or device and execute commands. Telnet runs on port 23. Telnet is primarily used to log in to a remote server, but it can also be used to log in to routers and other network devices. Why is it a risk? When ...
What is the exposed service VNC RDP vulnerability, what is the risk and how can you mitigate that risk?
What is it? Virtual Network Computing (VNC) is a platform-independent remote desktop control system. There are numerous VNC implementations (LibVNC, TightVNC, UltraVNC, etc.) which run on Windows, Linux, macOS, iOS, Android and other operating systems. VNC uses port 5900 or 5800. VNC is used for work-from-home scenarios and for remote troubleshooting and maintenance by IT professionals. Why is ...
What is the Exposed Service SSL enforced TCP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Remote Desktop Protocol (RDP) allows a remote computer to take control of a computer in your network. RDP comes pre-installed for Microsoft Windows but can also be used with Apple OSX computers. RDP is used by many to work-from-home; it’s also used by IT support departments to perform remote maintenance and troubleshooting. RDP ...
What is the Exposed Service SMB Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Server Message Block (SMB), also called Common Internet File System (CIFS), allows Microsoft Windows computers to share files, serial ports and printers across a network. SMB uses ports 139 or 445. The UpGuard link below provides background on the protocol and how it works. Why is it a risk? Version 1.0 of SMB contains a ...
What is the Exposed Service RDP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Remote Desktop Protocol (RDP) allows a remote computer to take control of a computer in your network. RDP comes pre-installed for Microsoft Windows but can also be used with Apple OSX computers. RDP is used by many to work-from-home; it’s also used by IT support departments to perform remote maintenance and troubleshooting. RDP ...
What is the Exposed Service PostgreSQL Wire Protocol Vulnerability, what is the risk and how can you mitigate that risk?
What is it? PostgreSQL’s wire protocol ensures persistent, long-lived connections that are crucial for client-server communication in database operations. Why is it a risk? Port 5432 of your server is exposed to the internet. This may allow attackers to gain access to your database. How can you mitigate the risk? If you do not actually need to access your database ...
What is the Exposed Service MDNS Vulnerability, what is the risk and how can you mitigate that risk?
What is it? The Domain Name System (DNS) is a network of computers that convert web addresses like “google.com” into Internet Protocol (IP) addresses like 192.168.0.1. The client computer connects to a DNS server and asks for the IP address of “google.com” and gets an answer back. Multicast DNS (mDNS) does the same thing but in a ...
What is the Exposed Service LDAP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Lightweight Directory Access Protocol (LDAP) allows remote users to look up directory data. An LDAP Directory usually contains information about users, but may also contain data about printers, servers, conference rooms, other equipment, etc. LDAP is the protocol used to access the proprietary Microsoft Active Directory. Although LDAP is not Active Directory specific, most exposed ...
What is the Exposed Service IPP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Internet Printing Protocol (IPP), as its name implies, allows computers and mobile phones to send print jobs to a printer connected to the network. It is the basis for a number of proprietary network printing services like AirPrint, IPP Everywhere and Mopria Alliance. IPP not only allows queueing of jobs to be printed, but ...
What is the Exposed Service CWMP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? CPE WAN Management Protocol (CWMP, also known as TR-069) allows a remote computer to manage broadband routers, VoIP phones, etc. If Universal Plug and Play (UPnP) is supported and configured, CWMP can be used to manage devices inside the local area network. By default, CWMP uses ports 7547-7550. A Man in The Middle (MiTM) ...
