CyberHoot Newsletter – Volume 5

CyberHoot’s monthly Newsletters summarize the important events from the past month of cybersecurity news. Come to one place and Become More Aware to Become More Secure.

April 15th, 2020

Attribution

Attribution in the cybersecurity world refers to the process of tracking, identifying and placing blame on the hacker (perpetrator) or organization behind an attack. Following an attack, an organization should …

January 14th, 2020

Cloud Computing

Cloud Computing is a model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be …

December 26th, 2019

Built-In Security

Built-In Security is a set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks. A simple example …

December 26th, 2019

Authorization

Authorization is a process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. In simpler …

December 26th, 2019

Authentication

Authentication is the process of verifying the identity or other attributes of an entity (user, process, or device). Entering login credentials to gain access to a website is …

December 26th, 2019

Moth in the Mark II

Bug

A bug is an unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. These small defects or faults are generally due to human error …

December 26th, 2019

Access Control Mechanism

An access control mechanism is a security safeguard (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized …

December 26th, 2019

Active Content

Active content is software that is able to automatically carry out or trigger actions without the explicit intervention of a user. When you are visiting a webpage on the Internet, …

December 26th, 2019

Attack

An Attack is an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. In other words, the intentional act of attempting …

December 26th, 2019

Attacker

An Attacker is an individual, group, organization, or government that executes an attack.  Not to be confused with a vulnerability.  An attack in the physical world might be someone who …

December 26th, 2019

Typosquatting

Cybersquatting

Cybersquatting, also known as “Typosquatting”, is the act of registering, trafficking, or using a domain name in bad faith. For example, phishing attacks are used against users to gain their …

December 26th, 2019

Data Loss

Data Loss is the result of unintentionally or accidentally deleting data, forgetting where it is stored, or exposure to an unauthorized party. Data loss is typically better than a data …

December 26th, 2019

Decrypt

Decrypt is a generic term encompassing decode and decipher. Decrypting is the process of taking encrypted text or data and converting it back into text or data you can understand …

December 26th, 2019

Decryption

Decryption is the process of transforming ciphertext into its original plaintext. This is done through the encryption process. Software decrypts the ciphertext into plaintext the user is able to easily …

December 26th, 2019

Digital Forensics

Digital Forensics is the set of processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. In the NICE Workforce Framework, cybersecurity work where a person: …

December 26th, 2019

Sextortion Explained in 30 Seconds

Cyber Criminals

Cyber Criminals are individuals or teams of people who use technology to commit malicious activities on digital devices or networks with the intention of stealing sensitive company information or personal …

December 26th, 2019

Education and Training

In the NICE Workforce Framework, Education and Training in cybersecurity work is where a person conducts training of personnel within pertinent subject domains. Additionally, this individual develops, plans, coordinates, delivers, …

December 26th, 2019

Encode

Encode is to convert plaintext to ciphertext by means of a code. This is done to prevent important information from getting into the wrong hands. Encoding scrambles letters and numbers …

December 26th, 2019

Encrypt

Encrypt is the generic term encompassing encipher and encode, which means to convert plaintext to ciphertext by means of a code. This is done to protect important information from being …

December 26th, 2019

Encipher

Encipher is to convert plaintext to ciphertext by means of a cryptographic system. This process is done to keep important information safe and only deciphered with the proper key. Synonyms: …

December 26th, 2019

Bot, Botnet, Bot Herder, and Bot Master

Bot(s): A Bot is a computer connected to the Internet that has been surreptitiously (secretly) compromised with malicious logic to perform activities under the remote command and control of …

December 26th, 2019

Denial of Service (DoS)

Denial of Service (DoS) is an attack that prevents or impairs the authorized use of information system resources or services. A DoS is simply when hackers try to prevent legitimate …

December 26th, 2019

Distributed Denial of Service (DDoS)

A Distributed Denial of Service (DDoS) is a denial of service technique that uses numerous systems to perform the attack simultaneously. This is typically done maliciously with a Botnet, that …

December 26th, 2019

Data Breach

A Data Breach is the unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Related …

December 26th, 2019

Sucking Data out of a Company

Data Exfiltration

Exfiltration is the unauthorized transfer of information from an information system. The types of data commonly exfiltrated are Social Security Numbers, credit card information, passwords and email addresses. Related Term: …

December 26th, 2019

Data Loss Prevention

Data Loss Prevention is a set of procedures and mechanisms to stop sensitive data from leaving a security boundary. This helps you hold onto your important data and information so …

December 26th, 2019

Sources of Exploits in Software

Exploit

An exploit is a technique to breach the security of a network or information system in violation of security policy. This strategy takes advantage of the application or system flaw so …

December 26th, 2019

Exploit Analysis

Exploitation Analysis

Exploitation Analysis is cybersecurity work where a person: analyzes collected information to identify vulnerabilities and potential for exploitation. This is done to attempt to “fill in the gaps” in the …

December 26th, 2019

CyberHoot: WiFi Insecurities and How to Reduce WiFi Risks

Exposure

Exposure is the condition of being unprotected, thereby allowing access to information or access to capabilities that an attacker can use to enter a system or network. For example, an …

December 26th, 2019

Firewall

A firewall is a capability to limit network traffic between networks and/or information systems. This is a hardware/software device or a software program that limits network traffic according to a …

December 26th, 2019

Failure

A failure is the inability of a system or component to perform its required functions within specified performance requirements. For example, a computer shutting down unexpectedly would be considered a …

December 26th, 2019

Hacker

A hacker is an unauthorized user who attempts to or gains access to an information system. This is someone who uses various methods to breach defenses and exploit weaknesses in …

December 26th, 2019

Hash Value

A Hash Value is a numeric value resulting from applying a mathematical algorithm against a set of data such as a file. One common hash value is called the MD5 …

December 26th, 2019

Hazard

A hazard is a natural or man-made source or cause of harm or difficulty. A hazard can be a threat to your business if realized such as water damage, a …

December 26th, 2019

Hashing Passwords Securely

Hashing

Hashing is a process of applying a mathematical algorithm against a set of data to produce a numeric value (a ‘hash value’) that represents the data. This process is similar …

December 26th, 2019

Supply Chain Threats

Supply Chain Threat

A Supply Chain Threat is a man-made threat achieved through exploitation of the information and communications technology (ICT) system’s supply chain, including acquisition processes. Related Terms: Supply Chain, Threat Source: …

December 26th, 2019

What is Business Email Compromise?

Identity and Access Management

Identity and Access Management (IAM) are the methods and processes used to manage subjects and their authentication and authorizations to access specific objects. Related Terms: Authentication, Compromised Credentials, Password, Two-factor …

December 26th, 2019

Incident

An incident is an occurrence that actually or potentially results in adverse consequences to (adverse effects on) (poses a threat to) an information system or the information that the system …

December 26th, 2019

Event

An event in cybersecurity is an observable occurrence in an information system or network. This sometimes provides an indication that an incident is occurring or at least raises the suspicion …

December 26th, 2019

Incident Management

Incident Management is the management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems. …

December 26th, 2019

Incident Response Plan

An Incident Response Plan is a set of predetermined and documented procedures to detect and respond to a cyber incident. This is the actual procedure carried out if there is …

December 26th, 2019

Information Assurance

Information Assurance is the set of measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality. Related Terms: Information Security Policy Source: CNSSI 4009

December 26th, 2019

Information Assurance Compliance

Information Assurance Compliance in cybersecurity work is where a person: Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization’s …

December 26th, 2019

Information Sharing

Information Sharing is an exchange of data, information, and/or knowledge to manage risks or respond to incidents. This is commonly done when there has been a breach in technology that …

December 26th, 2019

Information Security Policy

An Information Security Policy is an aggregate of directives, regulations, rules, and practices that prescribe how an organization manages, protects, and distributes information. It is important that any business has …

December 26th, 2019

Information System Resilience

Information System Resilience is the ability of an information system to: (1) continue to operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining …

December 26th, 2019

Security Automation and Operations

Information Systems Security Operations

Information Systems Security Operations in cybersecurity work is where a person: Oversees the information assurance program of an information system in or outside the network environment; may include procurement duties (e.g., …

December 26th, 2019

What is Interoperability

Interoperability

Interoperability is the ability of two or more systems or components to exchange information and to use the information that has been exchanged. Source: IEEE Standard Computer Dictionary, DHS personnel …

December 26th, 2019