What are Phantom Hacker Scams? The FBI has alerted the public to a recent nationwide increase in Phantom Hacker scams, which primarily impact senior citizens. Phantom Hacker scams have evolved from more general tech support scams. They operate by layering imposter tech support, government, and financial institution personas in a complex ruse to build trust […]
Category: Application Security
What are Web Application Access Control Threats? The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) have released a Cybersecurity Advisory to warn vendors, designers, and developers of web applications, and organizations using web applications, about insecure direct object reference (IDOR) vulnerabilities. […]
What is Object Linking and Embedding Malware? Object Linking and Embedding (OLE) allows users to create and edit documents that contain objects created by different applications. OLE technology gives users the ability to create compound documents that support a host of software applications, such as Microsoft Windows applications, Corel WordPerfect, Adobe Acrobat, AutoCAD, and multimedia […]
What are Email Protocols? An email protocol is a group of rules and regulations that ensure that email messages are properly created, transmitted, and received between different servers, machines, and email clients. Email protocols create standards that messages should follow to reach the recipients in their original state. The following are the three standard email […]
What is a Stack Smashing Attack? Stack smashing is a form of vulnerability where the stack of a computer application or OS is forced to overflow. This may lead to subverting the program/system and crashing it. A stack, a first-in last-out (FILO) circuit, is a form of buffer holding intermediate results of operations within it. […]
Whitelisting
What is Whitelisting? Whitelisting is a cybersecurity strategy that approves lists of email addresses, IP addresses, applications, and/or domain names, while denying all others, by default. With whitelisting, a user can only take actions on their computer that an administrator has explicitly allowed in advance, because they have deemed those actions to be safe and […]
What are File-Sharing Best Practices? File sharing is a common, yet dangerous, daily business activity. Take time to evaluate your file sharing methods to ensure that you are choosing the most secure procedures. Consider the following best practices as you decide how you will send and receive files securely: Multi-factor authentication. Use multi-factor authentication (MFA) […]
What are Android Trojans? Android trojans are malware applications that can perform a variety of malicious activities through your Android device. Two recent large-scale Android trojan attacks include: Nexus Android Trojan. The authors of the Nexus Android Trojan have made the malware available to other threat actors via a malware-as-a-service (MaaS) program, where individuals and […]
What is Antivirus Protection? Antivirus software protects devices against viruses and malware through a combination of prevention, detection, and removal. Antivirus software can be installed on computers and other devices, such as smartphones and tablets. The two major types of antivirus protection are: Traditional antivirus protection. Traditional antivirus software relies heavily upon the signature, or […]
What is Application Lifecycle Management? Application lifecycle management (ALM) refers to the creation and maintenance of a software application, encompassing the people, tools, and processes that manage the life cycle of an application from its conception to the end of its life. ALM is also known as integrated application lifecycle management, as it involves an […]