---
title: "02-concepts-and-roles"
aliases: 
tags: 
- comp210
---

# News
- [more personal email scams](https://theconversation.com/email-scams-are-getting-more-personal-they-even-fool-cybersecurity-experts-186009)
	- They have more knowledge about your personal information
- [deakin university attack](https://australiancybersecuritymagazine.com.au/up-to-10000-students-targeted-in-deakin-university-cyberattack/)
	- staff credentials were leaked and acces to students information was gathered
- [rusian hackers attack lithuania](https://www.reuters.com/world/europe/russian-hacker-group-says-cyber-attacks-continue-lithuania-2022-06-28/)
- [attacks against india](https://www.indiatoday.in/india/story/prophet-row-international-hackers-cyber-attacks-india-nupur-sharma-remark-1961941-2022-06-13)
- [retbleed attack affects AMD and Intel CPUs (spectre-based speculative-execution attacks)](https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html)

# Vulnerabilities
- a potential weakness in an asset
	- or in its defense security control
- e.g., flaws in software packages or an unprotected system port

exploit is the technique used to attack

- [RAND report r-609-1 (1979)](https://i.imgur.com/GEVLIq1.png)
- need to be aware of vulnerabilities

e.g.,
- websites can steal browser data via extension APIs

# Security services and control
- services
	- the intended security goal or property (C.I.C provides the three main security services)
- controls
	- the mechanisms employed to implement the services

# CIA

# Privacy and Actions

# Shared responsibility

# Balance