What is…an exploit?

shutterstock_189045062Most cyberattacks involve criminals exploiting some sort of security weakness.

That weakness could be down to a poorly chosen password, a user who falls for a fake login link, or an attachment that someone opened without thinking.

However, in the field of computer security, the word exploit has a specific meaning: an exploit is a way of abusing a software bug to bypass one or more security protections that are in place.

Software bugs that can be exploited in this way are known as vulnerabilities, for obvious reasons, and can take many forms.

Continue reading

What is… social engineering?

Welcome to our What is… series,
where we turn technical jargon into plain English.

It’s a key part of criminal activities, often an important step in phishing campaigns. But what is social engineering, exactly?

Social engineering is the act of manipulating people into taking a specific action for an attacker’s benefit. You might think it sounds like the work of a con artist – and you’d be right.

Since social engineering preys on the weaknesses inherent in all of us, it can be quite effective. And without proper training it’s tricky to prevent.

If you’ve ever received a phishy email, you’ve seen social engineering at work. The social engineering aspect of a phishing attack is the crucial first step – getting the victim to open a dodgy attachment or visit a malicious website. Continue reading

What is… the Internet of Things?

The phrase Internet of Things, or IoT for short, turns up all over the place these days.

But what is the thing of which the IoT is made?

Is it a specific sort of technology, like a low-powered computer chipset? A special sort of computer, such as one without a screen and keyboard? Is is an online trend, like Snapchat?

The answer, for better or for worse, is all of these, and a lot more besides.

Loosely speaking, the IoT refers to a whole class of day-to-day objects – things, if you like – that are now being offered with built-in network connectivity.

Continue reading