Most cyber-attacks happen because vulnerabilities in system or application software. Buffer Overflow, SQL Injection, Code/OS Command Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery and Race Conditions are very common vulnerabilities. (Refer to both NIST/DHS and MITRE databases of common vulnerabilities (http://nvd.nist.gov/cwe.cfm; http://cwe.mitre.org/top25/).) For this conference, explain what a specific vulnerability is, describe a famous attack that leveraged it (For example, the Morris worm leveraged the buffer overflow vulnerability), and how it can be prevented/minimized. Your post can either discuss a vulnerability that has not been discussed, or expand upon what someone has already posted. I encourage multiple postings by an individual. Try not to repeat what is already posted.
Vulnerability
Vulnerability is a digital security term that alludes to an imperfection in a framework that can leave it open to assault. A powerlessness may likewise allude to a shortcoming in a PC framework itself, in a lot of methods, or in anything that leaves data security presented to a danger
Different example of vulnerability are:
One such vulnerability is :- Missing capacity level access control
This is basically an approval disappointment. It implies that when a capacity is approached the server, appropriate approval was not performed. A great deal of times, designers depend on the way that the server side created the UI and they imagine that the usefulness that isn't provided by the server can't be gotten to by the customer. It isn't as basic as that, as an aggressor can generally fashion solicitations to the "covered up" usefulness and won't be hindered by the way that the UI doesn't make this usefulness effectively open. Envision there's a/administrator board, and the catch is possibly present in the UI if the client is really an administrator. Nothing shields an aggressor from finding this usefulness and abusing it if approval is absent.
Attack due to this vulnerabilty :-
In 2019 , due to vulnerabilty Missing capacity level access control , there was a data breach in facebook and around 540 million records were leaked and this was due to vulnerabilty of Missing Data Authentication in their system. It proved that due to a small mistake could result in such a huge data loss and hence brings company's reputation down.
Preevention :-
Most cyber-attacks happen because vulnerabilities in system or application software. Buffer Overflow, SQL Injection, Code/OS Command...