The following ten threats are summarized from Discovering Cyber Security presentation.
1. Phishing
Spoof-ed emails or replicas of existing web pages attempting to harvest (a.k.a. steal) YOUR personal, financial, or password data. You receive an email from a legit looking source, an urgent notice to go online and access your account, and your details are snatched faster than you can realize “Hey, that’s not exactly so-and-so’s logo…uh oh!!!”
2. Poisoned Websites
Toxic content (spyware, adware, and malware) disguised as advertisements, links, images, or video on web pages. You visit a sketchy website, click a sham link, and before you know it, you’re passing it on, infecting your unexpecting friends!
3. Social Media
Fake offers, “likejacking,” fake browser extensions and apps being leveraged in social media campaigns to share Trojans, worms and Malware. You click an amazing offer on a social network, share your credentials only to find out it was fake and now your network has been compromised.
4. DDOS Attacks (Distributed Denial of Service)
Flood of fake traffic overwhelming target website or network’s capacity to handle internet traffic, rendering it inaccessible and unavailable to intended/real users. You could experience longer page loading times, failed transactions or services that are completely unavailable.
5. Dated Browsers, Applications
Outdated software equals vulnerable software. You neglect or forget to download updates for your browsers and add-ons, and as a result, you are more susceptible and vulnerable to attacks.
6. Website File Permissions
Lax or improper permissions (or security measures and configuration) may contribute to compromised websites and data leakage because of hackers gaining access to restricted files and directories. You may notice your web browser or application acting in undesirable ways.
7. Outdated Hardware
Outdated hardware equals vulnerable hardware. Eventually, security patches and updates are no longer released for certain editions of hardware. At this point, you must update your hardware to the best of your ability or risk running an insecure system.
8. Mobile Browsers/Apps
Public WIFI is overflowing with vulnerabilities. You may download applications contaminated with malware. Operating systems become out-of-date. You use the same phone for work and “play,” possibly contaminating your work network with toxicities picked up during play.
9. Error Handling
Poorly handled errors may reveal server information, file names, server types, and other sensitive information. Your poorly handled error is an invitation for hackers to collect information about your server, and to further meddle in your website.
10. Private Website Files Leakage
Web sites or applications that leak user/subscriber information to others either due to inadvertently broadcasting private data to anyone who knows where to look, or because of hackers breaching the code and making sensitive information public. You ever heard of the Ashley Madison hack?
Leave us a comment below and let us know what cyber security threats frighten you the most!