Whiteboard Wednesday:

Common Vulnerabilities: Halloween Edition

October 31, 2018

Justin Buchanan, Solutions Manager for Vulnerability Management and Offensive Security, walks through 4 common vulnerabilities—MS08-067, SQLi, Spectre (and Meltdown), and EternalBlue by personifying them as popular Halloween costumes. Understand how these vulnerabilities operate and how they should be perceived in today’s cybersecurity landscape.

Video Transcript

Hi and welcome to this week's Whiteboard Wednesday, and Happy Halloween. My name's Justin Buchanan, Solutions Manager for Vulnerability Management and Offensive Security Products here at Rapid7. Today we're going to talk about common vulnerabilities as personified by Halloween costumes.

The first vulnerability that we're going to talk about is MS08-067. A buffer overflow vulnerability known for its ability to provide unauthenticated remote code execution and for its involvement in the spread of the Conficker worm. Released in 2008, this vulnerability has been around for a long time, and it's an old classic, just like taking a white sheet and throwing it over your head and saying, "I'm a ghost." Similar to having a white sheeted ghost lurking around in your environment, having MS08-067 in your environment today is also still very scary.

The next vulnerability is SQL injection (or SQLi). A code injection technique that uses the input field of an application to view or manipulate the contents of the database. Commonly found in penetration tests the world over, as exhibited by Rapid7's Under the Hoodie Report, but also commonly found in general because it is one of the most used web hacking techniques. As a result, you're going to see SQLi everywhere because it's easy and it's for those that are maybe feeling a little bit lazy about their Halloween costume. As a result, we're going to see our friends that are dressed up as mice, our friends that are dressed up as angels, and maybe me and my Halloween costume, where this year, I'll be a lumberjack.

The next vulnerability is Spectre. A vulnerability that impacts computer chips, giving low level users access to sensitive information. It's like when you go to a Halloween party and you walk in and you see your friend and they're just as a smurf, and then you look around and you see another smurf, and another smurf, and it's this giant group costume of smurfs. All of my friends are smurfs. All of the different processor types are impacted. That's horrifying. And also, a special shout out to Spectre and Meltdown for being the awkward couple's costume of this year's Halloween.

We wrap up todays spooktacular extravaganza with EternalBlue. An SMB vulnerability popular for its involvement with the spread of the WannaCry worm. The new fad, EternalBlue, is the thing that everybody is going to be using right now. It's going to be like dressing up as 11 to go to your Halloween party this year. It's cool this year. It probably won't be next year.

Well, that's all the time that we have for today. I hope that these vulnerabilities don't continue to haunt you in your environment. Thanks for watching. See you next week.

Assess Your Environment for Common Vulns

Try InsightVM to assess for common or critical vulns like EternalBlue—free for 30 days.

Try Now

Quick Guide: Securing Against Critical Vulnerabilities

Learn how to discover, assess, and remediate new and critical vulnerabilities with InsightVM.

Read More

Ready to try InsightVM?