Exploit

Full Title

An Exploit is a malicious implementation of code that takes advantage of a Vulnerability in the design or implementation of a solution.

Context

1. Exploits are part of the standard Threat Model
2. Exploits are, as a rule, reported to the CVE
3. As a general rule Attacks are directed at known exploits, but can include simple exploration of the Ecosystem looking for an unknown Vulnerability.

Types

Social Engineering

• Uber security breach 'looks bad', caused by social engineering reported on 2022-09-15

Solutions

• See the wiki page on Indicators of Compromise for definitions of discovery when an Exploit has succeeded against a target.

References