What is XML Digital Signature? Digital signatures are like electronic “fingerprints” that securely associate a signer with a document in a recorded transaction, which takes the form of a coded message. Digital signatures use Public Key Infrastructure (PKI) to provide the highest levels of security and universal acceptance. PKI involves using a digital certificate for […]
Author: Nikki Pham
Internal Trusted Storage
What is Internal Trusted Storage? Secure storage is often a memory location within a system used to protect access to sensitive data such as encryption keys, user and service credentials, and other system data. Secure storage can be on the chip, such as within a flash memory bank or RAM location, or an external flash […]
What is a Stack Smashing Attack? Stack smashing is a form of vulnerability where the stack of a computer application or OS is forced to overflow. This may lead to subverting the program/system and crashing it. A stack, a first-in last-out (FILO) circuit, is a form of buffer holding intermediate results of operations within it. […]
What are Logging and Monitoring Best Practices? Logging refers to the practice of logging errors and changes or to the application logs that are collected. The purpose of logging is to create an ongoing record of application events. Log files can be used to review any event within a system, including failures and state transformations. […]
Packet Sniffing
What is Packet Sniffing? When data has to be transmitted over the computer network, it is broken down into smaller units called data packets and reassembled on the receiver’s end in its original format. This data packet (aka block, segment, datagram, cell) is the smallest unit of communication over a computer network. The […]
Root of Trust
What is the Root of Trust? PSA Certified explains the Root of Trust (RoT) as, “…the foundational security component of a connected device. While precise definitions can vary considerably, a RoT can be described as a set of implicitly trusted functions that the rest of the system or device can use to ensure security; it […]
What is Fiber-Optic Internet Security? Fiber internet is internet access that is delivered over fiber-optic connections, as opposed to the copper wire that broadband connections use, or the wireless signals used by satellite connections. Fiber Internet lines are comprised of hundreds or thousands of glass or plastic cables that are roughly 1/10 the size of […]
Access Point Name
What is Access Point Name? Access Point Name (APN) refers to the gateway and point of entry onto the internet (IP network) from a mobile network. APN is used by mobile service providers to combine many SIM cards into a single limited network. Only SIM cards that are preprogrammed to work on a specific APN […]
Fileless Malware Attacks
What are Fileless Malware Attacks? Fileless malware is a type of malicious activity that uses native, legitimate tools built into a system to execute a cyberattack. Unlike traditional malware, fileless malware does not require an attacker to install any code on a target’s system, which makes it difficult to detect. This fileless technique of using […]
Account Takeovers
What is an Account Takeover? An Account Takeover (ATO) is a type of cyberattack where threat actors take ownership of online accounts using stolen credentials, such as passwords and usernames. Cyberattackers often purchase lists of credentials via the dark web. Credentials found on these lists were often obtained through social engineering tactics, data breaches, and […]