Highest Voted 'threats' Questions - IT Security Stack Exchange

172

votes

9 answers

Is Adblock (Plus) a security risk?

My email-provider's website (http://www.gmx.de) recently started linking to the (German) site http://www.browsersicherheit.info/ which basically claims that due to its capabilities to modify a site's appearance, Adblock Plus (and others) might…

asked Feb 27 '14 at 07:25

Tobias Kienzler

7,578
10
43
66

51

votes

4 answers

Detecting skimmers and other ATM traps

This question has been bothering me ever since I first heard of ATM skimmers: Instances of skimming have been reported where the perpetrator has put a device over the card slot* of an ATM (automated teller machine), which reads the magnetic…

credit-card smartcard fraud threats atm

asked May 18 '13 at 01:00

TildalWave

10,801
11
45
84

33

votes

7 answers

Is having Steam installed a security risk?

Speaking to one of our security administrators at work, he insists that Steam is a well understood security risk and it shouldn't be installed on work machines. Saying it's not work related I understand, but is there a genuine security threat from…

network threats software

asked Jul 26 '12 at 13:17

Jon Hopkins

812
1
8
7

19

votes

2 answers

Encryption and the "security time decay" of prior encrypted data

This question is on the assumption that any data once encrypted, may (eventually) be decrypted through Brute force (compute power/time) Exploits in the cryptography used Theft of private keys Most threat models, procedures, and business…

cryptography encryption certificates public-key-infrastructure threats

asked Mar 22 '11 at 15:32

makerofthings7

50,090
54
250
536

18

votes

6 answers

What is the distinguishing point between a script kiddie and a hacker?

When I think of a script kiddie I think of someone who might barely research a tool then point it at a website - things like the recent question about LOIC come to mind when I think of that. A hacker (either black/white/grey), I imagine, is much…

terminology threats

asked Apr 15 '13 at 22:48

cutrightjm

1,714
4
18
31

18

votes

3 answers

What is the difference between "Incident", "Attack" and "event"?

In the Computer and network security incident taxonomy what are the differences between "Incident", "Attack" and "event"? Where does "threat" fit with them?

attacks terminology threats incident-analysis

asked Apr 22 '18 at 19:46

Mohammad

517
6
17

16

votes

6 answers

What are a few good lists of threats to use to kick-off conversations with others about what worries them?

To effectively communicate with business owners or executives on security, specifically with how people may harm their business, it often helps to discuss what types of people worry them. What are few good lists to kick-off such conversations?

business-risk user-education threats

asked Nov 12 '10 at 06:33

Tate Hansen

13,714
3
40
83

12

votes

5 answers

What are the likely threats to a public-facing DB instance?

Quick intro: Small company, VERY limited resources. I pretty much do everything including take out the trash. We've been running an instance of MySQL internally for years and it's worked OK, but I think this is largely just good luck. We have…

firewalls databases hardening mysql threats

asked Sep 09 '11 at 00:04

Steve K

221
2
5

12

votes

4 answers

Resources for data on security incidents

What resources exist to research data on actual security incidents? I would prefer an online resource but offline resources are acceptable. The cost of access should be less than $100 (US) for access to a statistically significant number of…

attacks research threats

asked Jul 15 '11 at 18:49

this.josh

8,843
2
29
51

11

votes

3 answers

Does broken site functionality pose any security threat?

If you are assessing an application as a part of pentesting exercise, how do you deal with broken site functionality? Should the issues be ignored? Is keeping functional bugs in a system safe?

web-application penetration-test threats

asked Sep 05 '16 at 08:41

one

1,781
3
18
45

10

votes

2 answers

Is SS7 a threat any more?

I'm reading about an SS7 issue: SS7 flaw allows hackers to spy on every conversation. It seems to me that any phone on the world can be intercepted so the hacker can listen to your phone call or read your text message. As far as I know, google,…

threats ss7

asked Jun 17 '16 at 04:07

Phương Nguyễn

211
1
5

9

votes

2 answers

How easy is it, really, to be hacked as an average user?

tl;dr at the bottom I have been searching around and I haven't been able to find a definitive answer to the question(s). I mainly work with OS X so that will be the base for my questions. How easy is it to be hacked if you're behind a standard…

threats vulnerability

asked Jun 18 '14 at 08:20

ElRojito

193
4

8

votes

6 answers

Security testing plan template or example

What does a security testing plan look like? Can anyone point out a template for such a document or an example?

automated-testing threats

asked Jul 12 '12 at 11:34

smiley

1,214
2
13
21

5

votes

1 answer

Drawbacks of ML in cyber security?

I did some research on the topic (as I'm new to it) and it frankly seems too good to be true. A company called Darktrace for instance, makes use of AI algorithms and ML to autonomously detect threats within the environment. Say I have an infected…

detection algorithm threats

asked Oct 09 '17 at 06:12

Marco Neves

53
4

5

votes

1 answer

What is OSINT (open source intelligence)?

I know about threat intelligence services. I've also read definitions of OSINT but I can't get a tangible feeling of what it actually is. What are some examples of OSINT services (apart from blacklisted IPs and malware C2s)? How is OSINT different…

threats

asked Mar 25 '16 at 05:43

Silverfox

3,369
2
19
39

Questions tagged [threats]