Skip to content

Category: Vulnerabilities

Published on Leave a comment on Term of the Week: Dark Web

What is it?

A part of the internet that is intentionally hidden from standard browsers. It is accessible only through specialized software with an appropriate configuration or authorization. The dark web -- sometimes called darknet -- provides anonymous access to the internet for people who want to keep information about themselves hidden from view. It also provides anonymous hosting.

Why is it important?

Although the dark web is primarily known to the general public as a place where illegal activity takes place, its original intent was to provide a private environment. Any business that has a need for anonymous browsing or anonymous communication may find the dark web useful. Business professionals also need to know about the dark web because it is used for illegal activities, including storage of stolen information.

...continue reading "Term of the Week: Dark Web"

Published on Leave a comment on Term of the Week: Zero-day Vulnerability

What is it?

A product vulnerability that the developers are unaware of.

Why is it important?

Zero-day vulnerabilities are important because there is the potential for them to be exploited before developers have a chance to patch the affected product. Once a zero-day vulnerability has been detected, companies often have very little time to correct the issue before the vulnerability is used to attack the product.

...continue reading "Term of the Week: Zero-day Vulnerability"

Published on Leave a comment on Term of the Week: Insider Threat

What is it?

A hostile action against an organization performed accidentally or maliciously by individual(s) who possess intimate knowledge of, and access to, a company’s infrastructure, security, and business processes.

Why is it important?

The term is important because insider threat is one of the main causes of data exfiltration – theft of data – affecting organizations today. Insider threats can cause grave damage to an organization’s finances and reputation.

...continue reading "Term of the Week: Insider Threat"

Published on Leave a comment on Term of the Week: Shadow Security

What is it?

Security measures that staff create to manage security to the best of their knowledge and ability, avoiding official security policies and mechanisms that get in the way of their tasks and reduce productivity.

...continue reading "Term of the Week: Shadow Security"

1

Published on 1 Comment on Term of the Week: Security Fatigue

What is it?

The psychological state one reaches when security decisions become too numerous and/or too complex, thus inhibiting good security practices.

...continue reading "Term of the Week: Security Fatigue"

1

Published on 1 Comment on Term of the Week: Social Engineering

What is it?

A human-centric manipulation technique that uses deceptive tactics to trigger emotionally driven actions that are in the interests of a cybercriminal or attacker.

...continue reading "Term of the Week: Social Engineering"