Message-Based Vectors


  • common when using file-based lures
  • any features that allow direct messaging to network users must be considered as part of the potential attack surface:
    • Email
      • attacker sends a malicious file attachment via email, or via any other communications system that allows attachments
      • uses social engineering to persuade the user to open the file
    • SMS
      • file or a link to the file is sent to a mobile device using the text messaging handler built into smartphone firmware and a protocol called Signaling System 7 (SS7)
      • SMS and SS7 have numerous vulnerabilities
      • the organization is unlikely to have any monitoring capability over SMS
        • it is operated by the handset or SIM card provider
    • Instant Messaging (IM)
      • often uses encryption
        • can make it difficult for an organization to scan messages and attachments for threats
    • Web and Social Media
      • malware may be concealed in files attached to posts or presented as downloads

Info

The most powerful exploits are zero-click.

  • Most file-based exploit code has to be deliberately opened by the user
  • Zero-click means that simply receiving an attachment or viewing an image on a webpage triggers the exploit