Privilege escalation is simply an attack where hacker moves vertically or horizontally from restricted to unrestricted. It allows attackers to gain unauthorized privileged access, resulting in more freedom to conduct attack, increasing attack vector. Example of it would be going from guest access to admin access.
There are multiple ways to conduct this attack and it can even be done with social engineering technique like taking a sneak peak at technical admin’s keyboard while they’re typing in their user and password. Popular attacks one can conduct is phishing, brute forcing, shoulder surfing, dictionary attack, credential stuffing, keyloggers, and spyware. To mitigate privilege escalation, do not click on suspicious links use strong passwords and credential management practices, user proper cookie handling, have strong data monitoring in place, and utilize zero trust model.
HansITAcademy 