vault backup: 2022-07-24 13:08:15

content/notes/03-threats-social-engineering-and-failures.md

@@ -9,4 +9,33 @@ tags:
 - kiwis urged to get new passwords by government cybersecurity agency (big password energy)
 - ukraine cyber agency reports cyber attack surge
 - plymouth households hit by clarion housing cyber attack
-- facebook "unintentionally uploaded" 1.5 million peoles email contacts without their consent
+- facebook "unintentionally uploaded" 1.5 million peoles email contacts without their consent
+- threat maps: https://threatmap.checkpoint.com/ThreatPortal/livemap.html
+
+# Threats
+events are circumstances that has the potential (risk) to adversely affect assets (reducing their value)
+- e.g., possibility of text messages stop working -> phone loses value
+
+# Attack
+intentional or unintentional (e.g., lightning) acts that can damage or compromise assets.
+- the actual act of attacking
+- can be passive attack: e.g., stumble accross information accidentaly
+
+# Exploits
+- the techniques used
+
+# Vulnerabilities
+- the potential weaknesses in assets or in their defensive control systems
+- e.g., try to find weakpoints in a castle
+
+# Arms race
+security is a never ending arms race. Security is improving but so are the number of potential exploits
+
+# 12 groups of threats
+![](https://i.imgur.com/d5i1wpA.png)
+
+## Intellectual property
+- creation ownership and control of original ideas
+- common breaches
+	- software priracy
+	-