Attack Phases
Escalation of goals and privileges.
Public knowledge opens doors to private information and access to protected domains [Infiltration].
The first illicit access to a protected domain may not provide a relevant outcome.
The attacker must acquire more knowledge [Learning].
The additional knowledge allows access to other secure domain zones/devices/data with increasing relevance [Propagation].
At any phase, the attacker may require additional knowledge [Learning].
When a relevant outcome is acquired it must be transferred outside of the protected domain [Exfiltration].
Direct exfiltration may reveal the relevant points inside the secure domain.
The relevant outcome must first be transferred inside the protected domain to a less important point [Aggregation].
The attacker chooses a point that may be detected and lost without harm.
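The aggregation step leaves a pattern a defender can look for in flow records: one internal host collects data from several internal peers and later sends a comparable volume outside. The sketch below is an added example, not part of the original notes; the 10.0.0.0/8 range, the thresholds and the flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed protected domain

# Constructed flow records: (epoch seconds, source, destination, bytes)
SAMPLE_FLOWS = [
    (100, "10.0.1.10", "10.0.9.50", 400_000_000),    # server -> low-value host
    (160, "10.0.2.20", "10.0.9.50", 350_000_000),    # server -> low-value host
    (220, "10.0.3.30", "10.0.9.50", 300_000_000),    # server -> low-value host
    (900, "10.0.9.50", "203.0.113.7", 980_000_000),  # low-value host -> outside
    (120, "10.0.4.40", "10.0.1.10", 2_000_000),      # ordinary client traffic
    (130, "10.0.4.40", "198.51.100.9", 5_000_000),   # ordinary upload
]

def is_internal(addr):
    return ipaddress.ip_address(addr) in INTERNAL

def find_staging_hosts(flows, min_sources=3, min_bytes=500_000_000, ratio=0.5):
    """Return (host, sources, bytes_in, bytes_out) for hosts that collect data
    from several internal peers and later send a comparable volume outside."""
    inbound = defaultdict(lambda: {"bytes": 0, "sources": set(), "first": None})
    outbound = defaultdict(int)
    for ts, src, dst, size in sorted(flows):
        if is_internal(src) and is_internal(dst):
            rec = inbound[dst]
            rec["bytes"] += size
            rec["sources"].add(src)
            rec["first"] = ts if rec["first"] is None else rec["first"]
        elif is_internal(src) and not is_internal(dst):
            # Count only egress that follows the first internal collection.
            first = inbound[src]["first"] if src in inbound else None
            if first is not None and ts >= first:
                outbound[src] += size
    findings = []
    for host, rec in inbound.items():
        sent = outbound.get(host, 0)
        if (len(rec["sources"]) >= min_sources and rec["bytes"] >= min_bytes
                and sent >= ratio * rec["bytes"]):
            findings.append((host, len(rec["sources"]), rec["bytes"], sent))
    return sorted(findings)

if __name__ == "__main__":
    for host, n, got, sent in find_staging_hosts(SAMPLE_FLOWS):
        print(f"{host}: {got} B from {n} internal hosts, {sent} B sent outside")
```

Because the flagged host is the one the attacker can afford to lose, a finding here should lead back to the internal sources that fed it, not stop at the staging point.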
Technical Network Vulnerabilities
Software
Applications.
Frameworks/API.
Protocols.
Operating Systems.
Kernel, kernel modules, drivers, and base applications.
Configurations!
Hardware
Physical tampering.
Physical emissions.
Electromagnetic emissions, sound, ...
Power stability, Electromagnetic Pulses (EMP), etc.
Known vs. Unknown
CVE.
IDS/IPS and antivirus databases.