github
/
developer-roadmap
mirror of https://github.com/kamranahmedse/developer-roadmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Roadmap to becoming a developer in 2022
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4902 Commits
209 Branches
4 Tags
445 MiB
 
 
 
 
 
Tag: Branch: Tree: 052236ded3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '052236ded3'
${ noResults }
developer-roadmap/src/data/roadmaps/cyber-security/content/privilege-escalation@cvI8-s...

2.2 KiB
Raw Blame History

Privilege escalation / User based Attacks

Privilege escalation attacks occur when an attacker gains unauthorized access to a system and then elevates their privileges to perform actions that they should not have been able to do. There are two main types of privilege escalation:

  • Horizontal Privilege Escalation: In this type of attack, an attacker gains unauthorized access to a user account with the same privilege level as their own, but is able to perform actions or access data that belongs to another user.

  • Vertical Privilege Escalation: Also known as "Privilege Elevation," this type of attack involves an attacker gaining unauthorized access to a system and then elevating their privilege level from a regular user to an administrator, system owner, or root user. This provides the attacker with greater control over the system and its resources.

To protect your systems and data from privilege escalation attacks, consider implementing the following best practices:

  • Principle of Least Privilege: Assign the minimum necessary access and privileges to each user account, and regularly review and update access permissions as required.

  • Regularly Update and Patch Software: Keep your software and systems up-to-date with the latest security patches to address known vulnerabilities that could be exploited in privilege escalation attacks.

  • Implement Strong Authentication and Authorization: Use strong authentication methods (e.g., multi-factor authentication) and ensure proper access controls are in place to prevent unauthorized access to sensitive data or system resources.

  • Conduct Security Audits: Regularly check for any misconfigurations, vulnerabilities or outdated software that could be exploited in privilege escalation attacks.

  • Monitor and Log System Activities: Implement logging and monitoring systems to detect suspicious account activities or changes in user privileges that may indicate a privilege escalation attack.

By understanding the types of privilege escalation attacks and following these best practices, you can create a more secure environment for your data and systems, and reduce the risk of unauthorized users gaining unrestricted access.