csss5220week_4Article

School

Webster University

Course

5220

Subject

Information Systems

Date

Dec 6, 2023

Uploaded by AdmiralGalaxy8674

1. What type of attack was this and which attacker group was responsible?
  • The 2019 Capital One data breach was the result of a "Server-Side Request Forgery" (SSRF) attack.
  • The attacker responsible for the breach was Paige A. Thompson, a former cloud hosting firm employee.

2. What was the software name and the vulnerability/weakness which led to the data breach?
  • The software name implicated in the event was not explicitly stated in publicly accessible reports.
  • The data breach was caused by a misconfigured firewall in Capital One's web application, which permitted SSRF attacks.

3. What was the CVE number, CVSS score, and severity of the vulnerability used to breach the network?
  • There was no precise CVE number or CVSS score connected with the vulnerability reported in publicly available sources.
  • The vulnerability's severity was serious since it permitted the attacker to access sensitive customer data.

4. How many companies were impacted by the data breach?
  • The incident primarily hit Capital One, but it also raised concerns about cloud security procedures in general, possibly impacting other firms that hold sensitive data in comparable cloud systems.

5. How did the company find out they were breached?
  • On July 19, 2019, Capital One detected the compromise when a security researcher disclosed the SSRF vulnerability to the firm. An anonymous email sent to Capital One sparked the FBI's investigation, which resulted in Paige A. Thompson's arrest.

6. What actions would you take to mitigate this type of attack?
To minimize SSRF attacks and other related vulnerabilities, companies should take the following steps:
  • Review and update security configurations on a regular basis to avoid misconfigurations.
  • Put in place strict access restrictions and monitoring to identify unwanted access.
  • Train staff on security best practices.
  • Conduct security audits and penetration testing on a regular basis.
  • Put in place robust authentication and authorization methods.
  • Constantly monitor network traffic for unusual activity.
  • Improve cloud security controls and standards.