The 5 Factors of Authentication

Many people confuse authentication with authorization. They both start with "auth," so I can see how these terms might be mistakenly used interchangeably. The reality is authentication comes before authorization. Authentication is simply proving you are who you say are. For example, you provide your identity, such as a username or E-mail, and then you ...

Understanding the CIA Triad

No, I'm not referring to the Central Intelligence Agency, I'm referring to the three security principles: Confidentiality, Integrity, and Availability. In the cybersecurity world, these 3 principles are our core security goals. Confidentiality We keep sensitive and personal information "confidential," that is, the confidentiality principle enshrouds itself in preventing the unauthorized disclosure of data. We ...

The Approaching Arrival of Cyberterrorism

Introduction The biggest vulnerability confronting cybersecurity professionals today is one we aren't even fully prepared to handle. This vulnerability requires cybersecurity specialists to be armed with the latest technology in network and information security in order to safeguard US critical assets. The FBI and CIA acknowledge its existence and its significant risk to critical and ...

PenTest Edition: Creating A Man-in-the-Middle Attack using Cain & Abel [Tutorial]

A man-in-the-middle attack occurs when an attacker sits in the middle of the communication between two victim devices, secretly relaying information back-and-forth on their behalf. It can be thought of as active eavesdropping. The attacker cannot only see the communication traveling to-and-from the victim devices, but can also inject his own malicious traffic. With this ...