attackable surface

0001-01-01

Attack surface is the set of all entry points that an attacker may use to gain access to a system or network.


attackers gaining shells

0001-01-01

A common objective of an adversary is to achieve remote code execution on their target hosts. This can be done in a number of ways: by finding a ...


attribution

0001-01-01

In an Information Security setting, attribution seeks to determine the identity of perpetrators of cyber operations or events.


attribution by algorithm usage

0001-01-01

The usage of, or specific parameters used in conjunction with, certain algorithms contained within a malware sample may be used as a form of ...


attribution by domain reuse

0001-01-01

Researchers are often able to infer relationships between different strains or families of malware due to them using similar or identical domain names. ...


attribution by language usage

0001-01-01

Loose attribution can be placed on malware or threat actor activity due to the language contained within their commands, passwords, scripts, malware ...


attribution by password reuse

0001-01-01

Often, threat actors will reuse distinct passwords in separate incidents. This allows analysts to provide loose attribution to separate incidents ...


attribution by tool use

0001-01-01

Attribution may be determined by the usage of specific tools across multiple intrusions or events.


auditctl

0001-01-01

The auditctl command is a tool used to configure the Linux Audit System at runtime. It allows administrators to add, delete, and list audit rules. ...


auditd

0001-01-01

auditd is the auditing daemon for Linux and a component of the Linux Audit Framework. It provides enhanced audit logs that may be useful in a security ...
