A romance scam is a type of online fraud whereby a person pretends to be interested in a romantic relationship with another person in order to obtain financial gain. The scammer typically uses false identities and fake photos in order to create an attractive online persona, and will often spend weeks or months building up … Read more
Have I Been Pwned (HIBP) is a website that allows Internet users to check whether their personal data has been compromised by data breaches. The website was created in 2013 by Australian security researcher Troy Hunt. HIBP maintains a database of known data breaches, which is sourced from public data breach notifications, as well as … Read more
COMINT is short for Communications Intelligence. This type of intelligence deals with the interception and analysis of communications in order to glean information about an adversary. COMINT can be used to track the movements of an adversary, to understand their intentions and capabilities, and to monitor their communications in order to disrupt their plans. What … Read more
The POODLE attack is a type of security exploit that takes advantage of the way some SSL/TLS implementations handle padding. By manipulating the padding, an attacker can decrypt data that would otherwise be encrypted. The POODLE attack was first described by a team of security researchers in 2014. The name “POODLE” is an acronym for … Read more
A double blind test is a test in which neither the subjects nor the researchers know which subjects are receiving the experimental treatment and which are receiving the control treatment. This is done to prevent any bias on the part of either the subjects or the researchers that could influence the results of the test. … Read more
Counterintelligence is the process of identifying, assessing, and taking action to counter intelligence threats. It includes activities like identifying and countering espionage, sabotage, and subversion. What is the meaning of counter intelligence? The definition of counterintelligence is “information gathered and activities conducted to protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or … Read more
ELINT is short for electronic intelligence. It refers to intelligence gathering by interception of electromagnetic radiation (such as radar signals) emitted by electronic devices. ELINT can be used to gather information about the capabilities and intentions of an adversary. ELINT gathering can be performed passively, by simply intercepting and analyzing emissions from adversary electronic devices, … Read more
Active defense is a proactive approach to security that involves detecting, investigating, and responding to threats before they can do damage. It is a contrast to passive defense, which focuses on protecting assets and minimizing damage after an attack has occurred. Active defense measures can include everything from security awareness training for employees to setting … Read more
The National Vulnerability Database (NVD) is a U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklists, security-related software flaws, misconfigurations, product names, and impact metrics. The National Vulnerability Database (NVD) … Read more
Roots of Trust (RoT) are digital signatures that are used to verify the authenticity of software or hardware. They are typically used in cryptographic systems to ensure that the system can be trusted. In order to be trusted, a root of trust must be verified by a trusted third party. A root of trust can … Read more
