SECCO

SEcurity Content COmmunity (SECCO), a place to share and comment on IT security-related topics.

SECCO is the interactive section of the CIA³ site (pronounced: CIA cubed). CIA³ is a more modern version of the classical security concept known as the CIA triad. CIA³, however, covers Confidentiality, Integrity, Availability, Accountability, and Assurance.

Blog

Threat summary

Simple chart with classification of different InfoSec threats.
Misdirection: Spoofing, Pharming, XSS, Poisoning (ARP, DNS)
Social trust: Phishing, Social engineering, Social network attacks
Vulnerability: SQL injection, Code injection, Path traversal, Buffer overflow
Snooping: Replay attacks, Sniffing, Keylogging, Session hijacking, TEMPEST
Password attacks: Dictionary, Brute force, Rainbow (hash) tables, Shoulder surfing
Escalation: Authentication bypass, Pivoting, Heuristic commits
Malware: …

What control activities to verify?

During the validation of control activities you should attempt to make security easier on users and more difficult for attackers. Activities to verify may include (but are not limited to):
Prevention (2FA, least privilege, reduce deniability, …)
Delay (strong encryption, layering, …)
Detect (monitor, detect change, audit, automate, …)
Compliance (implementation of corporate policy and standards, including configuration …