The National Institute of Standards and Technology (NIST) 800 Series is a set of publications that provides guidance on topics related to information security. The series includes guidance on risk management, security controls, incident response, and more. What is NIST 800 compliance? NIST 800 compliance is a set of standards and guidelines for managing information … Read more
Medical identity theft occurs when someone uses another person’s personal information, such as their name, date of birth, Social Security number, or health insurance information, to obtain medical care, prescription drugs, or health insurance. The thief may use this information to receive medical care or submit false claims to health insurance providers, which can result … Read more
When you “wipe” a device, you are essentially factory resetting it. This means that all of the data on the device will be erased, including any malware that may be present. This is usually done as a last resort when all other attempts to clean the device have failed. Is wipe an English word? Yes, … Read more
Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. The word steganography comes from the Greek words steganos (στεγανός), meaning “covered, concealed, or protected”, and graphein (γράφειν) meaning “writing”. Steganography is often used to protect sensitive data or communication from eavesdroppers. For example, a sender … Read more
An executable file is a type of computer file that runs a program when it is opened. This means that the file can be used to launch a program on your computer. Executable files are sometimes also called “binaries” because they are made up of a series of ones and zeros that tell the computer … Read more
The Cyber Intelligence Sharing and Protection Act of 2011 (CISPA) was a proposed law in the United States that would have allowed for the sharing of Internet traffic information between the U.S. government and certain technology and manufacturing companies. The stated goal of the legislation was to help the government and private sector share information … Read more
Port knocking is a security technique used to protect servers from unauthorized access. It works by requiring the client to send a specific sequence of network traffic to a closed port on the server before the server will open the port and allow the client to connect. This sequence is typically something that would not … Read more
A hardware vulnerability is a flaw in a hardware device that can be exploited by attackers to gain access to sensitive data or systems. Hardware vulnerabilities are often caused by design or manufacturing defects, and can be difficult to detect and fix. Attackers can exploit hardware vulnerabilities to gain access to sensitive data, control systems, … Read more
The “software attack surface” refers to the amount of code exposed to potential attackers in a software system. The larger the attack surface, the greater the risk of vulnerabilities being exploited. To reduce the attack surface, organizations can adopt a number of security best practices, such as minimizing code complexity, reducing the number of exposed … Read more
A forensic watermark is a digital watermark that is embedded into a digital file to identify the source of the file. Forensic watermarks are used to track down the source of illegally copied files, such as pirated movies or music. Forensic watermarks are also used to track down the source of leaked confidential documents, such … Read more
