Lists (3)
Stars
An adversary may utilize a sim swapping attack for defeating 2fa authentication
qeeqbox.github.io/network-security-for-qeeqs
A threat actor may cause a vulnerable target to include/retrieve local file
A threat actor may cause a vulnerable target to include/retrieve remote file
A threat actor may tamper with a stream that gets deserialized on the target, causing the target to access data or perform non-intended actions
A threat actor may send a malicious redirect request for a vulnerable target to a victim; the victim gets redirected to a malicious website that threat actor controls
A threat actor may inject arbitrary operating system (OS) commands on target
A threat actor is any person, group, or entity that could harm to the cyber realm
The practice of ensuring that people or objects have the right level of access to assets
Countermeasures or safeguards for detecting, preventing, and mitigating cyber threats and attacks (Protect assets)
Safeguarding your personal information (How your info is protected)
Data compliance is the process of following various regulations and standards to ensure that sensitive digital assets (data) are guarded against loss, theft, and misuse
Data classification defines and categorizes data according to its type, sensitivity, and value
A threat actor may trick a victim into executing native template syntax on a vulnerable target
A threat actor may alter the template syntax on the vulnerable target to execute commands
A threat actor may alter structured query language (SQL) query to read, modify and write to the database or execute administrative commands for further chained attacks
A threat actor may alter the XML path language (XPath) query to read data on the target
A threat actor may interfere with an application's processing of extensible stylesheet language transformations (XSLT) for extensible markup language (XML) to read or modify data on the target
A threat actor may interfere with an application's processing of extensible markup language (XML) data to view the content of a target's files
Access Control is using security techniques to protect a system against unauthorized access
Data states refer to structured and unstructured data divided into three categories (At Rest, In Use, and In Transit)