Vexing Vulnerabilities
A software flaw that could be exploited to breach security.
What is Vulnerable software?
A malicious actor with harmful intentions.
What is Intentional?
An attack that affects the availability of services.
What is Service disruption?
Pretending to be someone else to deceive.
What is Impersonation?
A hacker with malicious intent.
What is Unauthorized?
A threat from someone with system privileges.
What is an Internal threat?
A general term for a security weakness.
What is a Vulnerability?
The possibility of exploiting a security weakness.
What is a Threat?
Moving data from a private network to an external one.
What is Data exfiltration?
Using tricks to get people to reveal sensitive information.
What is Social engineering?
An expert in computer security systems.
What is a Hacker?
An insider causing security issues unintentionally.
What is an Unintentional or inadvertent insider threat?
When a product no longer receives official support.
What are Unsupported systems?
An actor causing security issues without meaning to.
What is Unintentional?
Spreading false information to deceive others.
What is Disinformation?
Telling lies to make someone believe a falsehood.
What is Pretexting?
A hacker performing authorized security tests.
What is Authorized?
The entire process of delivering goods and services.
What is a Supply chain?
A network setup that leaves many points open to attack.
What is an Unsecure network?
The chance and impact of a security breach.
What is Risk?
Demanding money to keep information secret.
What is Blackmail?
Sending fake emails to steal personal information.
What is Phishing?
Registering a misspelled domain to deceive users.
What is Typosquatting?
Unauthorized IT resources used within a network.
What is Shadow IT?
An individual responsible for a security incident.
What is a Threat actor?
Demanding payment to prevent or halt an attack.
What is Extortion?
A phone-based attack to extract information.
What is Vishing?
An inexperienced hacker using others’ tools.
What is an Unskilled attacker?
Gaining control of an employee’s email for fraud.
What is Business email compromise?
The method used by a threat actor to carry out an attack.
What is a Threat vector?
The level of access a threat actor has before an attack.
What is Internal/external?
Falsifying records for personal gain.
What is Fraud?
A phishing attack using SMS messages.
What is SMiShing?
A hacker motivated by social or political causes.
What are Hacktivists?
Injecting malicious code into frequented websites.
What is a Watering hole attack?
An attack that tricks victims into using malicious items.
What is a Lure?
Redirecting a website request to a fake site.
What is Pharming?
A threat actor supported by a country’s resources.
What are Nation-state actors?