Z is for …

Zero Day

The time taken between a vulnerability existing and a patch being released to fix it can be several weeks, months or even years. An exploit written to take advantage of this gap is known as a Zero Day. The bad guys are particularly interested in carrying out attacks against systems with vulnerabilities but no patches, …

Y is for …

Yottabyte

You may not be too familiar with this term, but you will be within the next year or so I think. Disk space is measured in bytes, and each term used is a multiple of 1000 of the previous one. So we have:

Bytes
Kilobytes (1000 bytes)
Megabytes (1000 kB)
Gigabytes (1000 MB)
Terabytes …

X is for …

X-rated

It’s well known that the internet hosts a wide variety of pornography sites, from the legal on the surface web to the illegal on the dark web. But what of other adult-only material, which is also x-rated and may be illegal: sites showing gore, mutilation, torture and worse? Again, they’re split between the …

W is for …

Whaling

When people launch spear phishing attacks against senior members of staff, this is known as whaling (because they’re after the big fish). That’s the only real difference in the terms, though the types of attack may differ slightly. Whales are more likely to be the target for mandate fraud, where an email purporting to …

V is for …

VPN

A virtual private network (VPN) is a form of network connection between two points which is encrypted. This helps protect the network traffic from being intercepted by others, and helps to keep the message secure. It’s a really good idea to use a VPN if you’re away from home, e.g. in cafes or using …

T is for …

Tailgating

Tailgating is very easy to spot. It’s when you follow someone through a barrier without swiping your entry card, adding your PIN number etc. You might have seen someone do this in a car park or elsewhere, following another vehicle in without paying: it’s the same principle.

Trojan

Taking its name from the Trojan …

S is for …

Smishing

This is very similar in concept to phishing, but instead of email being used to deliver malicious code or links to malicious websites, SMS text messages are used. The messages often look as though they’ve come from someone you know and / or trust, but they have typically been spoofed to make you think they …

R is for …

Red Team

Just as penetration testers try to get access to an organisation electronically, red teams try to get physical access to the organisation. They use a combination of Open Source Intelligence gathering and social engineering to get access. These teams are typically engaged by senior management to test processes such as visitor registration, tailgating, signing in, …

Q is for …

Quantum computing

You probably know by now that typical computers function by using 1s and 0s, using binary maths. The transistors in them are either off (0) or on (1), with data being held as binary digits (bits). In quantum computing, quantum mechanics forms the basis of the machine. Rather than bits and bytes, quantum …