Jeff Bezos and the WhatsApp Security Flaw

Knowing how to protect yourself and your critical accounts from compromise is becoming ever more important. Learn what can happened to and setup 2FA into all of your online critical accounts.

Media Access Control (MAC) Address

A Media Access Control (MAC) Address is a hardware identification number that is uniquely assigned to each device on a network. The MAC address is manufactured into every network card, …

Lightweight Directory Access Protocol (LDAP)

A Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. The networks …

Zero Day Vulnerabilities

A Zero Day Vulnerability is a security flaw that is unknown to the software vendor or the business it is found in and there isn’t a patch released yet for …

Responsible Disclosure

Responsible Disclosure refers to the best practice followed by most security researchers of not disclosing a critical vulnerability in a software product until a vendor patch or fix has been …

Revenge Porn

Revenge Porn is sexually explicit images or videos of a person posted online without that person’s consent especially as a form of revenge or harassment. Revenge Porn is typically seen …

Privileged User

A Privileged User is a user of a computer who is authorized to bypass normal access control mechanisms, usually to be able to perform system management functions. Cybersecurity governance policies …

Command and Control (C&C) Server

A Command and Control (C&C) Server is a computer being controlled remotely by a cyber criminal that is used as a command center to send commands to systems that have …

Honeypot

A Honeypot in cybersecurity refers to a strategy used to catch cyber criminals in the act of trying to exploit a vulnerability and compromise a company. A honeypot can be …

Computer Emergency Response Team (CERT)

A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …

coronavirus cybersecurity scam ftc

FTC Warns of Potential Coronavirus Scams

The Coronavirus has been on the front of everyone’s mind lately, causing fear and concern across the world. This deadly virus opens up yet another way for attackers to hack …

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a security protocol made for privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between …

Information Dissemination

Dissemination of Information refers to the distributing of a company’s or customer specific information to the public, whether through printed or electronic documents, or other forms of media.  “Dissemination of information” …

Information Resources Management (IRM)

Information Resources Management (IRM) is the planning, budgeting, organizing, directing, training, and control associated with an organization’s information.  The term encompasses both information itself and the related resources, such as personnel, …

Packet Sniffing

Packet Sniffing is the practice of gathering, collecting, and logging the packets that pass through a computer network, regardless of how the packet is addressed. In this way, every packet …

Network Based Intrusion Detection System (NIDS)

A Network Based Intrusion Detection System (NIDS), or Network Based IDS, is security hardware that is placed strategically to monitor critical network traffic. Traditional Network Based IDS analyzes passing network …

Backdoor

A Backdoor in the world of cybersecurity refers to the strategy used to get around normal security measures and gain privileged user access on a computer system, network, or software …

SQL Slammer Virus

The SQL Slammer Virus, also known as the Sapphire Virus, is malware in the form of a worm that caused a Denial of Service on many internet hosts in 2003, and …

Hack Back Bill

The Active Cyber Defense Certainty Act (ACDC), also known as the “Hack Back” bill was first introduced in the U.S. House of Representatives in 2017. The bill has been worked …

HowTo: Delete A Training Program

This video outlines step-by-step how to delete a training program. Deleting a training program will get rid of the training program forever, whereas archiving a training program will allow you …

HowTo: Archive A Training Program

This video outlines step-by-step how to archive a training program. Archiving a training program is different from deleting a training program in the way that you are able to restore …

Morris Worm

The Morris Worm goes down in history as the first worm in existence.  This self repeating computer program that was written by Robert Tappan Morris, a student at Cornell University, …

Stuxnet

Stuxnet is a computer worm that was uncovered in 2010, which many people believe was in development since at least 2005. Stuxnet was targeting supervisory control and data acquisition (SCADA) …

Crypto-Mining or Cryptojacking

Crypto-Mining, also known as Cryptocurrency Mining, is a process in which transactions of various forms of cryptocurrency are verified and added to the blockchain digital ledger. Each time a cryptocurrency transaction …

Brute Force Attack

A Brute Force Attack is a strategy used by hackers trying to break into your data, password, or network. In this attack a computer, or its Graphics Processing Unit (GPU) will …

Zombie

A zombie is the term for a computer that is infected and being used remotely by a bot. A bot, short for “robot”, is a type of software application or …

Secure Shell (SSH)

Secure Shell (SSH) is a cryptographic network communications protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network …

Password Cracking

Password Cracking refers to the various methods hackers use to learn exactly what password you use to protect one of your computer accounts. This can be accomplished by recovering passwords …

Reverse Engineering

Reverse Engineering occurs when you take a finished product and working backwards to determine how it was constructed or engineered. By breaking a product or piece of software down into …

Melissa Virus

The Melissa Virus is malware that was was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …

Reverse Intent

Reverse Intent the name given to a common hacker technique of flip-flopping a piece of security knowledge to identify a potential weakness. For example, identifying the version of Bind running …

Separation of Duties

Separation of Duties involves dividing roles and responsibilities to minimize the risk of a single individual subverting a system or critical process without detection.  The classic example used in Separation of …

General (Public) Information

General Information, also known as Public information, is data that is commonly found in marketing campaigns, emails, and print media and generally requires less protection of its confidentiality and availability …

Intellectual Property

Intellectual Property (IP) refers to the ownership of a specific idea, design, manuscript, etc. by the person or company who created it. Intellectual property may give the person or company …

Swatting

Swatting is a cyber harassment tactic where the attacker deceives emergency response personnel such as the police by reporting an active shooter or hostage situation at a targeted person’s home …

ILOVEYOU Virus

The ILOVEYOU Virus, also known as, the Love Bug, is a computer worm that infected over 10 million Windows computers in May of 2000. The virus was an email that …

Mandatory Access Controls (MAC)

Mandatory Controls, also known as Mandatory Access Controls (MAC), are a type of access control that restricts the user’s ability to access certain restricted data or to perform restricted actions.  …

Discretionary Access Controls (DAC)

Discretionary Access Controls, also known as DAC, are types of cybersecurity measures that allow or restrict access based upon the discretion of the file or resource owner. For example, if …

Sensitive (Restricted) Information

Sensitive (or restricted) Information is data from a company or organization that is generally not regulated but that requires very important protections of its confidentiality, integrity and availability. Examples of sensitive …