IT Security
Who
Authentication proves who you are.What
Authorization defines what you can do.When
Auditing records when you did something.
Database
Cloud
Middleware
Coding
Applications
Infrastructure
Encryption
Security Standards
Spoofing
Tampering
Repudiation
Information disclosure
Denial of service
Elevation of privilege
Damage
how bad would an attack be?Reproducibility
how easy is it to reproduce the attack?Exploitability
how much work is it to launch the attack?Affected users
how many people will be impacted?Discoverability
how easy is it to discover the threat?Confidentiality
Integrity
Availability
Auditing
Social Engineering
Manipulating, influencing, or deceiving you into taking some action that isn’t in your own best interest or the best interest of your organization.
"more than 80% of cyberattacks are targeted at humans"
KnowBe4Phishing
Using emails disguised to look like they are coming from a trusted source.
Spoofing
Making the email addresses that an email is sent from look like it comes from a trusted source.
Spear Fishing
A targeted attack. i.e. the emails are tailored to be more specific to you than other, more opportunistic phishing attacks.
Vishing
Voice Phishing. Gaining information via a phone call.
Smishing
Short Message Service (SMS) phishing.
Pretexting
Using information gathered from social media to create a credible story to build a flase sense of trust.
Quid Pro Quo
Getting something in exchange for something. e.g. a voucher in exchange for clicking on a link.
Tailgating
Gaining access to a secure location by following an authorised person through a secure entry. e.g. someone gaining entry to a room which needs keycard access without having a keycard themselves, by using a door opened by someone who does have a keycard. Often accompanied by social engineering. e.g. by joining in a conversation with the person about to be tailgated.
Insider Threat
An attack originating inside your organisation. The Verizon 2021 Data Breach Investigations Report suggests this accounts for approx 22% of security incidents.
Threat Landscape
Malware
Malicious Software
Ransomware
Malware that encrypts data on your hard drive and demands a ransom in exchange for decrypting the data.
Ransomware variants on Linux...
RedAlert
Royal
Clop
IceFire
DoppelPaymer
Lockbit
C3RB3R
Steps to mitigate Ransomware attack...
The NIST 3-2-1-1 Rule
3 copies of data
2 different storage media
1 stored off-site
1 stored offline
Spyware
Malware that allows data harvesting and/or surveillance.
USB Drives
USB drives containing malware. This takes advantage of a person's natural curioisity to find out what's on the drive to install malware onto an otherwise secure computer.
Bad Actor
Data Breach
Data Harvesting
Public WiFi
Never use public WiFi without using a VPN.
Links
Bibliography
https://www.cisecurity.org/insights/blog/why-are-authentication-and-authorization-so-difficult
CVSShttps://www.first.org/cvss/specification-document
CVE Detailshttps://www.cvedetails.com/https://www.opencve.io/https://docs.opencve.io/
Phishinghttps://www.makeuseof.com/tag/anatomy-scam-windows-tech-support-con-examined/https://www.makeuseof.com/tag/spotters-guide-fake-virus-malware-warnings/https://www.makeuseof.com/tag/spot-phishing-email/
Insider Threatshttps://financesonline.com/insider-threat-statistics
CipherTrust Data Security Platformhttps://cpl.thalesgroup.com/resources/encryption/ciphertrust-data-security-platform-data-sheethttps://cpl.thalesgroup.com/sites/default/files/content/data_sheets/field_document/2023-03/cdsp-data-security-platform-ds.pdf
Ransomwarehttps://socradar.io/redalert-ransomware-targets-windows-and-linux-mware-esxi-servers/ (RedAlert)https://www.mimecast.com/content/ransomware-backup/https://www.pcrisk.com/removal-guides/28248-c3rb3r-ransomware (C3RB3R)
OSINThttps://osintframework.com/
