mirror of
https://github.com/jackyzha0/quartz.git
synced 2025-12-26 22:34:06 -06:00
45 lines
1.6 KiB
Markdown
45 lines
1.6 KiB
Markdown
---
|
|
title: "02-concepts-and-roles"
|
|
aliases:
|
|
tags:
|
|
- comp210
|
|
---
|
|
|
|
# News
|
|
- [more personal email scams](https://theconversation.com/email-scams-are-getting-more-personal-they-even-fool-cybersecurity-experts-186009)
|
|
- They have more knowledge about your personal information
|
|
- [deakin university attack](https://australiancybersecuritymagazine.com.au/up-to-10000-students-targeted-in-deakin-university-cyberattack/)
|
|
- staff credentials were leaked and acces to students information was gathered
|
|
- [rusian hackers attack lithuania](https://www.reuters.com/world/europe/russian-hacker-group-says-cyber-attacks-continue-lithuania-2022-06-28/)
|
|
- [attacks against india](https://www.indiatoday.in/india/story/prophet-row-international-hackers-cyber-attacks-india-nupur-sharma-remark-1961941-2022-06-13)
|
|
- [retbleed attack affects AMD and Intel CPUs (spectre-based speculative-execution attacks)](https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html)
|
|
|
|
# Vulnerabilities
|
|
- a potential weakness in an asset
|
|
- or in its defense security control
|
|
- e.g., flaws in software packages or an unprotected system port
|
|
|
|
exploit is the technique used to attack
|
|
|
|
- [RAND report r-609-1 (1979)](https://i.imgur.com/GEVLIq1.png)
|
|
- need to be aware of vulnerabilities
|
|
|
|
e.g.,
|
|
- websites can steal browser data via extension APIs
|
|
|
|
# Security services and control
|
|
- services
|
|
- the intended security goal or property (C.I.C provides the three main security services)
|
|
- controls
|
|
- the mechanisms employed to implement the services
|
|
|
|
# CIA
|
|
|
|
# Privacy and Actions
|
|
|
|
# Shared responsibility
|
|
|
|
# Balance
|
|
|
|
|