Word Notes

40 Episodes
From the intrusion kill chain model, a technique where the hacker compromises sites commonly visited by members of a targeted community in order to deliver a malicious payload to the intended victim.
Network observation systems designed to monitor globally unreachable but unused Internet address space or the Deep Web in order to study a wide range of interesting Internet phenomena.
A best practice for framing cyber intelligence critical information requirements that recommends collecting and consolidating data from three specific sources: endpoint, network and log.
Also known as a third-party attack or a value-chain attack, a technique in which adversary groups gain access to a targeted victim's network by first infiltrating a business partner's network that has access to the victim's systems or data.
The process of software engineers checking the flow of user input in application code to determine if unanticipated input can affect program execution in malicious ways.
The process of stealing ATM customer credentials by means of physically and covertly installing one or more devices onto a public ATM machine.
A nation-state hacking group’s practice of funding its own activities through cybercrime or cyber mercenary work.
A device connected to a network that accepts communications from other endpoints like laptops, mobile devices, IoT equipment, routers, switches, and any tool on the security stack.
An extension of the traditional Basic Input/Output System or BIOS that, during the boot process, facilitates the communication between the computer’s firmware and the computer’s operating system.
An operating system program running in the background designed to perform a specific task when certain conditions or events occur.
Also known as spyware and adware, it is a software category where developers design the application neither to cause explicit harm nor to accomplish some conventional legitimate purpose, but when run, usually annoys the user and often performs actions that the developer did not disclose, and that the user regards as undesirable.
An automatic software bug and vulnerability discovery technique that inputs invalid, unexpected and/or random data or fuzz into a program and then monitors the program's reaction to it.
A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.
A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.
A clandestine set of applications designed to give hackers access and control over a target device.
A set of behaviors that precisely describes a cyber adversary attack campaign.
Information used by leadership to make decisions regarding the cybersecurity posture of their organization.
In this case, identity is the set of credentials, usually electronic, that vouch for who you are, and theft is to steal. The theft of a person's identity for purposes of fraud.
A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.