CyberLite Issue 5 Explainer

Explainers Feb 16, 2021

Everything you need to know to understand CyberLite Issue 5. Read the issue here.

Ransomware: Ransomware blocks access to a computer system until a sum of money is paid. It does this by encrypting all of the victim’s files. It’s now increasingly common for criminals to also threaten to leak the encrypted files online, to further encourage victims to pay the ransom.

Domain: A distinct subset of the internet with addresses sharing a common suffix or under the control of a particular organization or individual. For example, google.com is a domain, and drive.google.com is part of the google.com domain.

Phishing: Phishing is a method of trying to gather personal information using deceptive e-mails and websites.

Cross-Site Request Forgery: CSRF is a type of web flaw that allows an attacker to trick web browsers into performing malicious, unauthorized commands. Typically, attackers carry out CSRF attacks by sending the victim a link and using social engineering to persuade them to click on it. When victims click on the link, they inadvertently send a forged request to a server, which lets the attacker perform various commands.

In this week’s case, attackers could create a link that forced the NextGen Gallery plugin to upload a photo to the victim’s site. They could then embed their own malicious code into the photo, and that code would run on users’ computers whenever they visited the site. Attackers just needed to use social engineering to get the admin of the site to click on their malicious link.

Buffer Overflow: A buffer is a memory storage region that holds data that is being used temporarily. A buffer overflow occurs when the volume of data exceeds the capacity of the buffer. This can cause processes to crash and behave in unanticipated ways.

In some cases it can be exploited by attackers to execute their own code. When an attacker overflows a buffer by inserting too much data, it will start to overwrite the data that is next to the buffer. If this memory contains code that is being executed by the processor, then overwriting it will cause the attacker’s code to be executed instead. This type of vulnerability occurs most prominently in the C programming language, when a developer creates a buffer but doesn’t set “bounds” or checks on what can be inserted into it.
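
To make the missing "bounds" check concrete, here is an added example (not from the original article) in C that contrasts a copy with no length check against one that rejects oversized input. The names `region`, `copy_unchecked`, `copy_checked` and the 8-byte sizes are assumptions chosen for illustration; one flat array stands in for a buffer and the data stored next to it, so the program stays well-defined while showing the overwrite.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 8

/* Illustrative model: the first BUF_LEN bytes are the buffer, the 8 bytes
 * after it are unrelated neighbouring data. A single array keeps the
 * demonstration within well-defined C. */
struct region {
    unsigned char mem[BUF_LEN + 8];
};

static void region_init(struct region *r) {
    memset(r->mem, 0, BUF_LEN);
    memcpy(r->mem + BUF_LEN, "NEIGHBOR", 8);
}

/* No check against BUF_LEN: the caller's length is trusted.
 * (Clamped to the whole region only so the demo itself stays in bounds.) */
static void copy_unchecked(struct region *r, const char *src, size_t n) {
    if (n > sizeof r->mem) n = sizeof r->mem;
    memcpy(r->mem, src, n);
}

/* Bounds check: input that does not fit the buffer is refused.
 * Returns 0 on success, -1 on rejection. */
static int copy_checked(struct region *r, const char *src, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(r->mem, src, n);
    return 0;
}

static int neighbor_intact(const struct region *r) {
    return memcmp(r->mem + BUF_LEN, "NEIGHBOR", 8) == 0;
}

int main(void) {
    const char input[] = "AAAAAAAAAAAA"; /* constructed: 12 bytes for an 8-byte buffer */
    struct region r;

    region_init(&r);
    copy_unchecked(&r, input, 12);
    printf("unchecked: neighbour intact? %d\n", neighbor_intact(&r));

    region_init(&r);
    int rc = copy_checked(&r, input, 12);
    printf("checked: rc=%d, neighbour intact? %d\n", rc, neighbor_intact(&r));
    return 0;
}
```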

Oliver Kitchin

Cybersecurity consultant. Passionate about people, technology and the great outdoors. He/Him.
