Copyright Infringement Instagram Scam
Learn how spot and ignore copyright infringement threats from hackers claiming you stole their art.
CyberHoot Newsletter – Volume 6
CyberHoot is your authority for cybersecurity news and understanding what the news means. From in-depth analysis articles to a library of 500 cybersecurity terms with related videos, CyberHoot provides you the information and training you need, when you need it.
Critical Microsoft Vulnerabilities
Infrequently, Microsoft released critical vulnerability alerts and patches that are so important to know about, that you should stop what you’re doing and review them and plan to patch as soon as possible. This is one of those times.
Root Cause Analysis
A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.
Eradication
Eradication refers to what happens following containment of a cyber attack incident. After the threat has been contained, it is necessary to eradicate (remove) key components of the security incident. …
CyberHoot Newsletter – Volume 1
The Department of Homeland security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a National Terrorism Advisory Bulletin on Jan. 4th, 2020. This agency only issues such warnings when there is a credible, specific and impending terrorism threat against the United States. In this case, their warning focused primarily upon cybersecurity attacks against US government and business entities in retribution for the killing of Iranian IRGC-Quds Force commander Qassem Soleimani. Iran has a history of cyber-attacks against US Businesses and government entities. Companies should be on high alert and remind employees to be especially vigilant in email phishing attacks amongst other cybersecurity best practices.
Need to Know
Need to Know often gets applied to Classified Top Secret information. However, understanding how it applies could provide insights in how to better protect your SMB’s data and spot errors, omissions, and potentially malicious insiders.
Social Engineering 101
This 2-minute video outlines how social engineers manipulate people in social settings to gain information on how to hack systems and steal valuable information. The video outlines various methods social …
Cloud Computing
Cloud Computing is a model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be …
Computer Network Defense
Computer Network Defense is the actions taken to defend against unauthorized activity within computer networks. Some examples of network defenses are firewalls, demilitarized zones (DMZs), Virtual Private Networks (VPNs), and …
Built-In Security
Built–In Security is a set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks. A simple example …
Authorization
Related Terms: Access Control, Access Control Mechanism, Authentication Source: OASIS SAML Glossary 2.0; Adapted from CNSSI 4009 What Does This Mean for my SMB? It’s vital to ensure that your …
Authentication
Authentication is the process of verifying the identity or other attributes of an entity (user, process, or device). Entering in log in credentials to gain access to a website is …
Bug
A Bug is an unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. These small defects or faults are generally due to human error when …
Access Control Mechanism
An access control mechanism is a security safeguard (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized …
Block List, Deny List
A Block List or Deny List, (deprecated: Blacklist), is a list of entities that are blocked or denied privileges or access. Hosts or applications that have been previously determined to …
Active Content
Active content is software that is able to automatically carry out or trigger actions without the explicit intervention of a user. When you are visiting a webpage on the Internet, …
Attack
An Attack is an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. In other words, the intentional act of attempting …
Attacker
An Attacker is an individual, group, organization, or government that executes an attack. Not to be confused with a vulnerability. An attack in the physical world might be someone who …
Data Loss
Data Loss is the result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party. Data loss is typically better than a data …
Decrypt
Decrypt is a generic term encompassing decode and decipher. Decrypting is the process of taking encrypted text or data and converting it back into text or data you can understand …
Decryption
Decryption is the process of transforming ciphertext into its original plaintext. This is done through a decryption process. Decryption transforms ciphertext into plaintext for an authorized user, in possession of …
Digital Forensics
Digital Forensics is the processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. In the NICE Workforce Framework, cybersecurity work where a person: …
Cyber Criminals
Cyber Criminals are individuals or teams of people who use technology to commit malicious activities on digital devices or networks with the intention of stealing sensitive company information, personal data, …
Education and Training
In the NICE Workforce Framework, Education and Training in cybersecurity work is where a person conducts training of personnel within pertinent subject domains. Additionally, this individual develops, plans, coordinates, delivers, …
Encode
Encode is to convert plaintext to ciphertext by means of a code. This is done to prevent important information from getting into the wrong hands. Encoding scrambles letters and numbers …
Encipher
Encipher is to convert plaintext to ciphertext by means of a cryptographic system. This process is done to keep important information safe and only deciphered with the proper key. What …
Bot, Botnet, Bot Herder, and Bot Master
Bot(s) A Bot is a computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under remote the command and control of …
Denial of Service (DoS)
Denial of Service (DoS) is an attack that prevents or impairs the authorized use of information system resources or services. A DoS is simply when hackers try to prevent legitimate …
Distributed Denial of Service (DDoS)
Distributed Denial of Service (DDoS) attacks are a type of Denial of Service (DoS) attacks. A DDoS attack involves multiple connected online devices, collectively known as a botnet, which are used …
Data Breach
A Data Breach is the unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. What …
Data Exfiltration
Exfiltration is the unauthorized transfer of information from an information system. The types of data commonly exfiltrated are Social Security Numbers, credit card information, passwords and email addresses. What Does …
Data Loss Prevention
Data Loss Prevention is a set of procedures and mechanisms to stop sensitive data from leaving a security boundary. This helps you hold onto your important data and information so …
Exploit
An exploit is a technique to breach the security of a network or information system in violation of security policy.This strategy takes advantage of the application or systems flaw so …
Exploitation Analysis
Exploitation Analysis is cybersecurity work where a person: analyzes collected information to identify vulnerabilities and potential for exploitation. This is done to attempt to “fill in the gaps” in the …
Exposure
Exposure is the condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network. For example, an …
Firewall
A firewall is a capability to limit network traffic between networks and/or information systems. This is a hardware/software device or a software program that limits network traffic according to a …
Failure
A failure is the inability of a system or component to perform its required functions within specified performance requirements. For example, a computer shutting down unexpectedly would be considered a …
Hacker
A hacker is an unauthorized user who attempts to or gains access to an information system. This is someone who uses various methods to breach defenses and exploit weaknesses in …
Hash Value
A Hash Value is a numeric value resulting from a mathematical algorithm applied to a set of data such as a file. A common hash value is called the MD5 …
Hazard
A hazard is a natural or man-made source or cause of harm or difficulty. A hazard can be a threat to your business if realized such as water damage, a …
Hashing
Hashing is the process of translating an input as a key into a uniform length output code. The input key may be fixed length, such as an integer, or variable …
Supply Chain Threat
An Supply Chain Threat is a man-made threat achieved through exploitation of the information and communications technology (ICT) system’s supply chain, including acquisition processes. What Does This Mean For An …
Identity and Access Management
Identity and Access Management (IAM) are the methods and processes used to manage subjects and their authentication and authorizations to access specific objects. What Does This Mean For An SMB? …
Incident
An incident is an occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system …
Event
An event in cybersecurity is an observable occurrence in an information system or network. This sometimes provides an indication that an incident is occurring or at least raise the suspicion …
Incident Management
Incident Management is the management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems. …
Incident Response Plan
An Incident Response Plan is a set of predetermined and documented procedures to detect and respond to a cyber incident. This is the actual procedure carried out if there is …
Information Assurance
Information Assurance are the measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality. What Should My SMB Do? If you own a business, …
Information Assurance Compliance
Information Assurance Compliance in cybersecurity work is where a person: Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization’s …