Knowledge

Vulnerability (computer security)

Source đź“ť

1053: 2665: 1103:(CVSS). CVSS evaluates the possibility to exploit the vulnerability and compromise data confidentiality, availability, and integrity. It also considers how the vulnerability could be used and how complex an exploit would need to be. The amount of access needed for exploitation and whether it could take place without user interaction are also factored in to the overall score. 969:
an identified vulnerability and whether it is cost effective to do so. Although attention to security can reduce the risk of attack, achieving perfect security for a complex system is impossible, and many security measures have unacceptable cost or usability downsides. For example, reducing the complexity and functionality of the system is effective at reducing the
2527: 684:, a development workflow that emphasizes automated testing and deployment to speed up the deployment of new features, often requires that many developers be granted access to change configurations, which can lead to deliberate or inadvertent inclusion of vulnerabilities. Compartmentalizing dependencies, which is often part of DevOps workflows, can reduce the 670:. This can lead to unintended vulnerabilities. The more complex the system is, the easier it is for vulnerabilities to go undetected. Some vulnerabilities are deliberately planted, which could be for any reason from a disgruntled employee selling access to hackers, to sophisticated state-sponsored schemes to introduce vulnerabilities to software. Inadequate 548:
vulnerabilities, and taking action to secure the system. Vulnerability management typically is a combination of remediation (fixing the vulnerability), mitigation (increasing the difficulty or reducing the danger of exploits), and accepting risks that are not economical or practical to eliminate. Vulnerabilities can be scored for risk according to the
560:
patch ================or otherwise) is associated with an increased risk of compromise because attackers often move faster than patches are rolled out. Regardless of whether a patch is ever released to remediate the vulnerability, its lifecycle will eventually end when the system, or older versions of it, fall out of use.
1077:
the patch to confirm functionality and compatibility. Larger organizations may fail to identify and patch all dependencies, while smaller enterprises and personal users may not install patches. Research suggests that risk of cyberattack increases if the vulnerability is made publicly known or a patch
968:
There is little evidence about the effectiveness and cost-effectiveness of different cyberattack prevention measures. Although estimating the risk of an attack is not straightforward, the mean time to breach and expected cost can be considered to determine the priority for remediating or mitigating
1065:(United States, United Kingdom, Canada, Australia, and New Zealand) captured the plurality of the market and other significant purchasers included Russia, India, Brazil, Malaysia, Singapore, North Korea, and Iran. Organized criminal groups also buy vulnerabilities, although they typically prefer 1060:
The vulnerability lifecycle begins when vulnerabilities are introduced into hardware or software. Detection of vulnerabilities can be by the software vendor, or by a third party. In the latter case, it is considered most ethical to immediately disclose the vulnerability to the vendor so it can be
1043:
attempts to enter the system via an exploit to see if the system is insecure. If a penetration test fails, it does not necessarily mean that the system is secure. Some penetration tests can be conducted with automated software that tests against existing exploits for known vulnerabilities. Other
1010:
Vulnerabilities can only be exploited when they are active-the software in which they are embedded is actively running on the system. Before the code containing the vulnerability is configured to run on the system, it is considered a carrier. Dormant vulnerabilities can run, but are not currently
665:
practices can affect the risk of vulnerabilities being introduced to a code base. Lack of knowledge about secure software development or excessive pressure to deliver features quickly can lead to avoidable vulnerabilities to enter production code, especially if security is not prioritized by the
559:
A vulnerability is initiated when it is introduced into hardware or software. It becomes active and exploitable when the software or hardware containing the vulnerability is running. The vulnerability may be discovered by the vendor or a third party. Disclosing the vulnerability (as a [[software
542:
Despite intentions to achieve complete correctness, virtually all hardware and software contains bugs where the system does not behave as expected. If the bug could enable an attacker to compromise the confidentiality, integrity, or availability of system resources, it is called a vulnerability.
1123:
to those who report vulnerabilities to them. Not all companies respond positively to disclosures, as they can cause legal liability and operational overhead. There is no law requiring disclosure of vulnerabilities. If a vulnerability is discovered by a third party that does not disclose to the
774:
not to behave as expected under certain specific circumstances. Testing for security bugs in hardware is quite difficult due to limited time and the complexity of twenty-first century chips, while the globalization of design and manufacturing has increased the opportunity for these bugs to be
547:
practices as well as design factors such as complexity can increase the burden of vulnerabilities. There are different types most common in different components such as hardware, operating is a process that includes identifying systems and prioritizing which are most important, scanning for
1072:
Even vulnerabilities that are publicly known or patched are often exploitable for an extended period. Security patches can take months to develop, or may never be developed. A patch can have negative effects on the functionality of software and users may need to
1002:
are typically unable to detect zero-day vulnerabilities, but are more effective at finding known vulnerabilities based on a database. These systems can find some known vulnerabilities and advise fixes, such as a patch. However, they have limitations including
981:
strategy is used for multiple barriers to attack. Some organizations scan for only the highest-risk vulnerabilities as this enables prioritization in the context of lacking the resources to fix every vulnerability. Increasing expenses is likely to have
1085:
Vulnerabilities become deprecated when the software or vulnerable versions fall out of use. This can take an extended period of time; in particular, industrial software may not be feasible to replace even if the manufacturer stops supporting it.
976:
Successful vulnerability management usually involves a combination of remediation (closing a vulnerability), mitigation (increasing the difficulty, and reducing the consequences, of exploits), and accepting some residual risk. Often a
1011:
running. Software containing dormant and carrier vulnerabilities can sometimes be uninstalled or disabled, removing the risk. Active vulnerabilities, if distinguished from the other types, can be prioritized for patching.
1172:
The software vendor is usually not legally liable for the cost if a vulnerability is used in an attack, which creates an incentive to make cheaper but less secure software. Some companies are covered by laws, such as
1119:, or coordinated disclosure). The former approach is praised for its transparency, but the drawback is that the risk of attack is likely to be increased after disclosure with no patch available. Some vendors pay 2196:
Agrafiotis, Ioannis; Nurse, Jason R C; Goldsmith, Michael; Creese, Sadie; Upton, David (2018). "A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate".
743:
comes into existence when configuration settings cause risks to the system security, leading to such faults as unpatched software or file system permissions that do not sufficiently restrict access.
903:
is insufficient to reject the injected code. XSS can be persistent, when attackers save the malware in a data field and run it when the data is loaded; it can also be loaded using a malicious
588:
by malicious actors, and the actual risk is dependent on the nature of the vulnerability as well as the value of the surrounding system. Although some vulnerabilities can only be used for
631:
Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker has or can find the knowledge and tools to exploit the flaw.
1061:
fixed. Government or intelligence agencies buy vulnerabilities that have not been publicly disclosed and may use them in an attack, stockpile them, or notify the vendor. As of 2013, the
1031:
is a common strategy for reducing the harm that a cyberattack can cause. If a patch for third-party software is unavailable, it may be possible to temporarily disable the software.
817:
and allow anyone to contribute, which could enable the introduction of vulnerabilities. However, the same vulnerabilities also occur in proprietary operating systems such as
836:
are downloaded onto the end user's computers and are typically updated less frequently than web applications. Unlike web applications, they interact directly with a user's
1174: 1019:
Vulnerability mitigation is measures that do not close the vulnerability, but make it more difficult to exploit or reduce the consequences of an attack. Reducing the
2559: 692:
is used, rather than the organization's own hardware and software, the organization is dependent on the cloud services provider to prevent vulnerabilities.
523: 3103: 3080: 2508: 2489: 2470: 2451: 2432: 2413: 2394: 2375: 2356: 2337: 2318: 2299: 2275: 2256: 2237: 2186: 1323: 353: 3142: 1137: 1116: 736:
When the system fails to handle and exceptional or unanticipated condition correctly, an attacker can exploit the situation to gain access.
553: 3111: 2042: 1149: 1112: 1100: 1044:
penetration tests are conducted by trained hackers. Many companies prefer to contract out this work as it simulates an outsider attack.
675: 549: 2531: 2552: 750:—when timing or other external factors change the outcome and lead to inconsistent or unpredictable results—can cause a vulnerability. 47: 2037: 552:
or other systems, and added to vulnerability databases. As of 2023, there are more than 20 million vulnerabilities catalogued in the
3043: 2839: 2482:
The Vulnerability Researcher's Handbook: A comprehensive guide to discovering, reporting, and publishing security vulnerabilities
3093: 1145: 822: 701: 604:, which is necessary for more severe attacks. Without a vulnerability, the exploit cannot gain access. It is also possible for 243: 64: 1144:. As of 2023, it has over 20 million entries. This information is shared into other databases, including the United States' 584:) as well as those that have not been patched are still liable for exploitation. Vulnerabilities vary in their ability to be 516: 2286: 2173: 943:
is similar to CSRF, but the request is forged from the server side and often exploits the enhanced privilege of the server.
2906: 2545: 609: 456: 253: 136: 126: 3147: 163: 151: 3098: 3019: 2819: 1157: 1153: 940: 790: 585: 238: 999: 866:
run on many websites. Because they are inherently less secure than other applications, they are a leading source of
3075: 3033: 2689: 934: 810: 475: 213: 946: 3152: 2936: 2654: 740: 708: 509: 258: 1082:
the patch to find the underlying vulnerability and develop exploits, often faster than users install the patch.
937:(CSRF) is creating client requests that do malicious actions, such as an attacker changing a user's credentials. 2921: 2799: 2694: 963: 844:
Unencrypted data that is in permanent storage or sent over a network is relatively easy for attackers to steal.
434: 393: 363: 313: 833: 729:
vulnerabilities enable an attacker to access a system that is supposed to be restricted to them, or engage in
2368:
This Is How They Tell Me the World Ends: Winner of the FT & McKinsey Business Book of the Year Award 2021
2309:
Linkov, Igor; Kott, Alexander (2019). "Fundamental Concepts of Cyber Resilience: Introduction and Overview".
3009: 2961: 2624: 1028: 625: 173: 3137: 1344: 1125: 428: 3050: 2784: 1161: 765: 689: 847: 3070: 2982: 2931: 2876: 2744: 2717: 2699: 2664: 2597: 2568: 2268:
Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations
1099:
A commonly used scale for assessing the severity of vulnerabilities is the open-source specification
884: 798: 730: 662: 635: 601: 581: 544: 446: 388: 308: 2854: 2629: 2587: 1349: 983: 908: 870:
and other security incidents. Common types of vulnerabilities found in these applications include:
423: 248: 158: 3038: 2966: 2871: 2175:
Zero Days, Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
771: 716: 568:
Despite developers' goal of delivering a product that works entirely as intended, virtually all
17: 3086: 2844: 2779: 2729: 2676: 2634: 2582: 2504: 2485: 2466: 2447: 2428: 2409: 2390: 2371: 2352: 2333: 2314: 2295: 2271: 2252: 2233: 2213: 2182: 1319: 1141: 924: 818: 589: 418: 381: 348: 3055: 2995: 2759: 2749: 2644: 2205: 1079: 1074: 1040: 978: 918: 863: 851: 837: 794: 784: 398: 99: 2946: 2926: 2649: 2639: 712: 667: 645: 641: 178: 69: 38: 3116: 3014: 2864: 2814: 2789: 2754: 2734: 2614: 2602: 1182: 1164:
products. Submitting a CVE is voluntary for companies that discovered a vulnerability.
1052: 1020: 1004: 995: 970: 950: 900: 888: 874: 770:
Deliberate security bugs can be introduced during or after manufacturing and cause the
747: 726: 720: 685: 593: 577: 487: 318: 271: 201: 82: 59: 704:
classifies vulnerabilities into eight root causes that may be overlapping, including:
3131: 3026: 2987: 2956: 2951: 2804: 2794: 2764: 914: 878: 580:
are often released to fix identified vulnerabilities, but those that remain unknown (
569: 323: 218: 115: 927:
is a form of code injection where the attacker places the malware in data fields or
881:
failures enable attackers to access data that should be restricted to trusted users.
634:
Connectivity: any system connected to the internet can be accessed and compromised.
624:
Complexity: Large, complex systems increase the probability of flaws and unintended
620:
Fundamental design factors that can increase the burden of vulnerabilities include:
600:), without the user being aware of it. Only a minority of vulnerabilities allow for 3060: 2916: 2619: 2387:
Trusted Digital Circuits: Hardware Trojan Vulnerabilities, Prevention and Detection
2225: 678:
tools that can be used as part of code reviews and may find some vulnerabilities.
573: 411: 278: 231: 86: 3000: 2834: 2809: 2774: 2609: 1066: 1027:(administrator) access, and closing off opportunities for exploits to engage in 867: 814: 802: 671: 612:
or implants the malware in legitimate software that is downloaded deliberately.
576:
contains bugs. If a bug creates a security risk, it is called a vulnerability.
539:
are flaws in a computer system that weaken the overall security of the system.
481: 368: 105: 2330:
Practical Vulnerability Management: A Strategic Approach to Managing Cyber Risk
801:
bugs that enable the attacker to gain more access than they should be allowed.
3065: 2881: 2829: 2712: 2592: 2444:
Why Don't We Defend Better?: Data Breaches, Risk Management, and Public Policy
1120: 892: 648:
is at increased risk, but upgrading often is prohibitive in terms of cost and
338: 333: 110: 2217: 2941: 2896: 2891: 2739: 2707: 2209: 1062: 1024: 358: 208: 188: 93: 54: 2463:
Targeted Cyber Attacks: Multi-staged Attacks Driven by Exploits and Malware
1343:. The COAST Laboratory Department of Computer Sciences, Purdue University. 2526: 1128:, often considered the most dangerous type because fewer defenses exist. 638:
is one truly effective measure against attacks, but it is rarely feasible.
2901: 2859: 2722: 649: 452: 183: 131: 907:
link (reflected XSS). Attackers can also insert malicious code into the
825:. All reputable vendors of operating systems provide patches regularly. 723:
is not sufficient to prevent the attacker from injecting malicious code.
2911: 2886: 2849: 2537: 928: 896: 605: 597: 440: 328: 303: 296: 168: 2824: 2769: 2684: 681: 494: 343: 283: 121: 1972: 1970: 1160:. CVE and other databases typically do not track vulnerabilities in 949:
occurs when programmers do not consider unexpected cases arising in
1111:
Someone who discovers a vulnerability may disclose it immediately (
608:
to be installed directly, without an exploit, if the attacker uses
1178: 1051: 806: 2249:
Mobile OS Vulnerabilities: Quantitative and Qualitative Analysis
1635: 1633: 994:
Remediation fixes vulnerabilities, for example by downloading a
2541: 2288:
The Defender’s Dilemma: Charting a Course Toward Cybersecurity
2100: 2098: 904: 1827: 1825: 1752: 1750: 1708: 1706: 1704: 1185:, that place legal requirements on vulnerability management. 2663: 2425:
Introduction to Cybersecurity: A Multidisciplinary Challenge
1475: 1473: 1471: 1458: 1456: 931:. The attacker might be able to take over the entire server. 1933: 1931: 1929: 1927: 1318:. Morgan Kaufmann Publications. Elsevier Inc. p. 393. 1213: 1211: 1209: 688:
by paring down dependencies to only what is necessary. If
840:. Common vulnerabilities in these applications include: 1866: 1864: 1592: 1590: 1588: 1586: 1584: 1559: 1557: 1555: 1553: 1540: 1538: 1536: 1314:
Kakareka, Almantas (2009). "23". In Vacca, John (ed.).
1148:, where each vulnerability is given a risk score using 2285:
Libicki, Martin C.; Ablon, Lillian; Webb, Tim (2015).
2127: 2125: 1725: 1723: 1721: 2499:
Tjoa, Simon; Gafić, Melisa; Kieseberg, Peter (2024).
2313:. Springer International Publishing. pp. 1–25. 2975: 2675: 2575: 2406:
PCI DSS: An Integrated Data Security Standard Guide
592:attacks, more dangerous ones allow the attacker to 1620: 2230:Big Breaches: Cybersecurity Lessons for Everyone 2077: 1976: 1961: 1906: 1882: 1136:The most commonly used vulnerability dataset is 1253: 1229: 850:occurs when an attacker takes over an existing 696:National Vulnerability Database classification 2553: 517: 8: 2155: 2104: 2065: 2024: 1843: 1831: 1816: 1780: 1768: 1756: 1741: 1712: 1695: 1639: 1575: 1435: 1423: 1411: 1399: 1375: 1301: 1289: 1277: 1265: 1115:) or wait until a patch has been developed ( 1023:, particularly for parts of the system with 674:can lead to missed bugs, but there are also 2143: 2038:"Ask an Ethicist: Vulnerability Disclosure" 1918: 1667: 1651: 1515: 1479: 1462: 1447: 1217: 1200: 2560: 2546: 2538: 2442:Sloan, Robert H.; Warner, Richard (2019). 1937: 1363: 1316:Computer and Information Security Handbook 524: 510: 29: 3104:Security information and event management 1804: 1792: 1683: 1348: 27:Exploitable weakness in a computer system 2311:Cyber Resilience of Systems and Networks 1894: 2266:Haber, Morey J.; Hibbert, Brad (2018). 1503: 1491: 1193: 636:Disconnecting systems from the internet 37: 2461:Sood, Aditya; Enbody, Richard (2014). 2131: 2116: 2089: 2012: 2000: 1988: 1949: 1870: 1855: 1729: 1608: 1596: 1563: 1544: 1387: 1241: 3081:Host-based intrusion detection system 2247:Garg, Shivi; Baliyan, Niyati (2023). 2172:Ablon, Lillian; Bogart, Andy (2017). 1527: 1124:vendor or the public, it is called a 1090:Assessment, disclosure, and inventory 7: 1138:Common Vulnerabilities and Exposures 921:to gain unauthorized access to data. 554:Common Vulnerabilities and Exposures 3112:Runtime application self-protection 2045:'s Committee on Professional Ethics 2043:Association for Computing Machinery 1150:Common Vulnerability Scoring System 1101:Common Vulnerability Scoring System 550:Common Vulnerability Scoring System 244:forensics-focused operating systems 2349:Zero Day: The Threat In Cyberspace 25: 3044:Security-focused operating system 2840:Insecure direct object reference 2525: 1078:is released. Cybercriminals can 791:operating system vulnerabilities 785:Operating system § Security 775:introduced by malicious actors. 18:Vulnerability (computer science) 3094:Information security management 1146:National Vulnerability Database 1000:Software vulnerability scanners 917:and similar attacks manipulate 702:National Vulnerability Database 596:and run their own code (called 65:Hacking of consumer electronics 2078:Libicki, Ablon & Webb 2015 1977:Libicki, Ablon & Webb 2015 1962:Libicki, Ablon & Webb 2015 1907:Libicki, Ablon & Webb 2015 1883:Libicki, Ablon & Webb 2015 1341:Technical Report CSD-TR-97-026 1339:Krsul, Ivan (April 15, 1997). 1: 2501:Cyber Resilience Fundamentals 719:) vulnerabilities occur when 947:Business logic vulnerability 797:in use, a common problem is 755:Vulnerabilities by component 741:configuration vulnerability 164:Chaos Communication Congress 3143:Hacking (computer security) 3099:Information risk management 3020:Multi-factor authentication 2576:Related security categories 1254:Daswani & Elbayadi 2021 1230:Daswani & Elbayadi 2021 1158:Common Weakness Enumeration 1154:Common Platform Enumeration 941:Server-side request forgery 887:(XSS) enables attackers to 3169: 3076:Intrusion detection system 3034:Computer security software 2690:Advanced persistent threat 2328:Magnusson, Andrew (2020). 2228:; Elbayadi, Moudy (2021). 961: 935:Cross-site request forgery 834:Client–server applications 829:Client–server applications 805:operating systems such as 782: 763: 476:2600: The Hacker Quarterly 214:List of computer criminals 2661: 2655:Digital rights management 2532:Vulnerability (computing) 2480:Strout, Benjamin (2023). 2370:. Bloomsbury Publishing. 2366:Perlroth, Nicole (2021). 2347:O'Harrow, Robert (2013). 813:have a freely accessible 2800:Denial-of-service attack 2695:Arbitrary code execution 2385:Salmani, Hassan (2018). 2198:Journal of Cybersecurity 2156:Haber & Hibbert 2018 2105:Haber & Hibbert 2018 2025:Haber & Hibbert 2018 1844:Haber & Hibbert 2018 1832:Haber & Hibbert 2018 1817:Haber & Hibbert 2018 1781:Haber & Hibbert 2018 1769:Haber & Hibbert 2018 1757:Haber & Hibbert 2018 1742:Haber & Hibbert 2018 1713:Haber & Hibbert 2018 1696:Haber & Hibbert 2018 1640:Haber & Hibbert 2018 1576:Haber & Hibbert 2018 1436:Haber & Hibbert 2018 1424:Haber & Hibbert 2018 1412:Haber & Hibbert 2018 1400:Haber & Hibbert 2018 1376:Haber & Hibbert 2018 1302:Haber & Hibbert 2018 1290:Haber & Hibbert 2018 1278:Haber & Hibbert 2018 1266:Haber & Hibbert 2018 964:Vulnerability management 394:Cloud computing security 3010:Computer access control 2962:Rogue security software 2625:Electromagnetic warfare 2144:Sloan & Warner 2019 1919:Ablon & Bogart 2017 1516:Garg & Baliyan 2023 1480:Garg & Baliyan 2023 1463:Garg & Baliyan 2023 1448:Garg & Baliyan 2023 1218:Ablon & Bogart 2017 1201:Ablon & Bogart 2017 1132:Vulnerability inventory 1048:Vulnerability lifecycle 823:Apple operating systems 174:Hackers on Planet Earth 3056:Obfuscation (software) 2785:Browser Helper Objects 2669: 1938:Sood & Enbody 2014 1364:Linkov & Kott 2019 1126:zero-day vulnerability 1117:responsible disclosure 1057: 1056:Vulnerability timeline 1029:privilege exploitation 793:vary depending on the 429:Homebrew Computer Club 3051:Data-centric security 2932:Remote access trojans 2667: 2423:Sharp, Robin (2024). 2210:10.1093/cybsec/tyy006 1162:software as a service 1140:(CVE), maintained by 1055: 766:Hardware security bug 690:software as a service 2983:Application security 2877:Privilege escalation 2745:Cross-site scripting 2598:Cybersex trafficking 2569:Information security 2534:at Wikimedia Commons 2484:. Packt Publishing. 2404:Seaman, Jim (2020). 2294:. Rand Corporation. 2181:. Rand Corporation. 885:Cross-site scripting 799:privilege escalation 731:privilege escalation 676:static code analysis 663:software development 602:privilege escalation 545:software development 447:Masters of Deception 389:Application security 3148:Security compliance 2630:Information warfare 2588:Automotive security 2503:. Springer Nature. 2427:. Springer Nature. 2351:. Diversion Books. 2332:. No Starch Press. 2146:, pp. 104–105. 1698:, pp. 166–167. 1438:, pp. 135–137. 984:diminishing returns 909:domain object model 657:Development factors 424:Chaos Computer Club 159:Black Hat Briefings 33:Part of a series on 3039:Antivirus software 2907:Social engineering 2872:Polymorphic engine 2825:Fraudulent dialers 2730:Hardware backdoors 2670: 1909:, pp. 44, 46. 1674:, pp. 68, 70. 1156:(CPE) scheme, and 1058: 772:integrated circuit 717:boundary condition 610:social engineering 254:Social engineering 3125: 3124: 3087:Anomaly detection 2992:Secure by default 2845:Keystroke loggers 2780:Drive-by download 2668:vectorial version 2635:Internet security 2583:Computer security 2530:Media related to 2510:978-3-031-52064-8 2491:978-1-80324-356-6 2472:978-0-12-800619-1 2453:978-1-351-12729-5 2434:978-3-031-41463-3 2415:978-1-4842-5808-8 2396:978-3-319-79081-7 2377:978-1-5266-2983-8 2358:978-1-938120-76-3 2339:978-1-59327-989-9 2320:978-3-319-77492-3 2301:978-0-8330-8911-3 2277:978-1-4842-3627-7 2258:978-1-000-92451-0 2239:978-1-4842-6654-0 2188:978-0-8330-9761-3 2027:, pp. 73–74. 1979:, pp. 49–50. 1783:, pp. 84–85. 1744:, pp. 12–13. 1642:, pp. 97–98. 1611:, pp. 14–15. 1518:, pp. 20–25. 1450:, pp. 17–18. 1325:978-0-12-374354-1 1304:, pp. 13–14. 1256:, pp. 26–27. 1244:, pp. 47–48. 1142:Mitre Corporation 925:Command injection 848:Process hijacking 819:Microsoft Windows 590:denial of service 534: 533: 382:Computer security 349:Keystroke logging 16:(Redirected from 3160: 3153:Software testing 2996:Secure by design 2927:Hardware Trojans 2760:History sniffing 2750:Cross-site leaks 2645:Network security 2562: 2555: 2548: 2539: 2529: 2514: 2495: 2476: 2457: 2438: 2419: 2400: 2381: 2362: 2343: 2324: 2305: 2293: 2281: 2262: 2243: 2221: 2192: 2180: 2159: 2153: 2147: 2141: 2135: 2129: 2120: 2114: 2108: 2102: 2093: 2087: 2081: 2075: 2069: 2063: 2057: 2056: 2054: 2052: 2034: 2028: 2022: 2016: 2010: 2004: 1998: 1992: 1986: 1980: 1974: 1965: 1959: 1953: 1947: 1941: 1935: 1922: 1916: 1910: 1904: 1898: 1892: 1886: 1880: 1874: 1868: 1859: 1853: 1847: 1841: 1835: 1829: 1820: 1814: 1808: 1802: 1796: 1790: 1784: 1778: 1772: 1766: 1760: 1754: 1745: 1739: 1733: 1727: 1716: 1710: 1699: 1693: 1687: 1681: 1675: 1665: 1659: 1649: 1643: 1637: 1628: 1618: 1612: 1606: 1600: 1594: 1579: 1573: 1567: 1561: 1548: 1542: 1531: 1525: 1519: 1513: 1507: 1501: 1495: 1489: 1483: 1477: 1466: 1460: 1451: 1445: 1439: 1433: 1427: 1421: 1415: 1409: 1403: 1397: 1391: 1385: 1379: 1373: 1367: 1361: 1355: 1354: 1352: 1336: 1330: 1329: 1311: 1305: 1299: 1293: 1287: 1281: 1275: 1269: 1263: 1257: 1251: 1245: 1239: 1233: 1227: 1221: 1215: 1204: 1198: 1080:reverse engineer 1041:penetration test 979:defense in depth 919:database queries 864:Web applications 859:Web applications 852:computer process 838:operating system 795:operating system 779:Operating system 709:Input validation 578:Software patches 556:(CVE) database. 526: 519: 512: 399:Network security 100:Hacker Manifesto 39:Computer hacking 30: 21: 3168: 3167: 3163: 3162: 3161: 3159: 3158: 3157: 3128: 3127: 3126: 3121: 2971: 2671: 2659: 2650:Copy protection 2640:Mobile security 2571: 2566: 2522: 2517: 2511: 2498: 2492: 2479: 2473: 2460: 2454: 2441: 2435: 2422: 2416: 2403: 2397: 2384: 2378: 2365: 2359: 2346: 2340: 2327: 2321: 2308: 2302: 2291: 2284: 2278: 2265: 2259: 2246: 2240: 2224: 2195: 2189: 2178: 2171: 2167: 2162: 2154: 2150: 2142: 2138: 2130: 2123: 2115: 2111: 2103: 2096: 2088: 2084: 2076: 2072: 2064: 2060: 2050: 2048: 2036: 2035: 2031: 2023: 2019: 2015:, pp. 5–6. 2011: 2007: 1999: 1995: 1987: 1983: 1975: 1968: 1960: 1956: 1948: 1944: 1936: 1925: 1917: 1913: 1905: 1901: 1893: 1889: 1881: 1877: 1869: 1862: 1854: 1850: 1842: 1838: 1830: 1823: 1815: 1811: 1803: 1799: 1791: 1787: 1779: 1775: 1767: 1763: 1755: 1748: 1740: 1736: 1728: 1719: 1711: 1702: 1694: 1690: 1682: 1678: 1666: 1662: 1650: 1646: 1638: 1631: 1619: 1615: 1607: 1603: 1595: 1582: 1574: 1570: 1562: 1551: 1543: 1534: 1526: 1522: 1514: 1510: 1502: 1498: 1490: 1486: 1478: 1469: 1461: 1454: 1446: 1442: 1434: 1430: 1422: 1418: 1410: 1406: 1398: 1394: 1386: 1382: 1374: 1370: 1362: 1358: 1338: 1337: 1333: 1326: 1313: 1312: 1308: 1300: 1296: 1288: 1284: 1276: 1272: 1268:, pp. 5–6. 1264: 1260: 1252: 1248: 1240: 1236: 1228: 1224: 1216: 1207: 1199: 1195: 1191: 1170: 1134: 1113:full disclosure 1109: 1097: 1092: 1050: 1037: 1017: 1005:false positives 992: 966: 960: 861: 831: 787: 781: 768: 762: 757: 713:buffer overflow 698: 668:company culture 659: 642:Legacy software 618: 566: 537:Vulnerabilities 530: 501: 500: 470: 462: 461: 414: 404: 403: 384: 374: 373: 299: 289: 288: 274: 264: 263: 234: 224: 223: 204: 194: 193: 179:Security BSides 154: 144: 143: 89: 75: 74: 70:List of hackers 50: 28: 23: 22: 15: 12: 11: 5: 3166: 3164: 3156: 3155: 3150: 3145: 3140: 3130: 3129: 3123: 3122: 3120: 3119: 3117:Site isolation 3114: 3109: 3108: 3107: 3101: 3091: 3090: 3089: 3084: 3073: 3068: 3063: 3058: 3053: 3048: 3047: 3046: 3041: 3031: 3030: 3029: 3024: 3023: 3022: 3015:Authentication 3007: 3006: 3005: 3004: 3003: 2993: 2990: 2979: 2977: 2973: 2972: 2970: 2969: 2964: 2959: 2954: 2949: 2944: 2939: 2934: 2929: 2924: 2919: 2914: 2909: 2904: 2899: 2894: 2889: 2884: 2879: 2874: 2869: 2868: 2867: 2857: 2852: 2847: 2842: 2837: 2832: 2827: 2822: 2817: 2815:Email spoofing 2812: 2807: 2802: 2797: 2792: 2787: 2782: 2777: 2772: 2767: 2762: 2757: 2755:DOM clobbering 2752: 2747: 2742: 2737: 2735:Code injection 2732: 2727: 2726: 2725: 2720: 2715: 2710: 2702: 2697: 2692: 2687: 2681: 2679: 2673: 2672: 2662: 2660: 2658: 2657: 2652: 2647: 2642: 2637: 2632: 2627: 2622: 2617: 2615:Cyberterrorism 2612: 2607: 2606: 2605: 2603:Computer fraud 2600: 2590: 2585: 2579: 2577: 2573: 2572: 2567: 2565: 2564: 2557: 2550: 2542: 2536: 2535: 2521: 2520:External links 2518: 2516: 2515: 2509: 2496: 2490: 2477: 2471: 2458: 2452: 2439: 2433: 2420: 2414: 2401: 2395: 2382: 2376: 2363: 2357: 2344: 2338: 2325: 2319: 2306: 2300: 2282: 2276: 2263: 2257: 2244: 2238: 2222: 2193: 2187: 2168: 2166: 2163: 2161: 2160: 2158:, p. 111. 2148: 2136: 2121: 2109: 2107:, p. 110. 2094: 2082: 2070: 2058: 2047:. 17 July 2018 2029: 2017: 2005: 1993: 1981: 1966: 1954: 1942: 1923: 1911: 1899: 1897:, p. 145. 1887: 1875: 1860: 1848: 1836: 1821: 1809: 1805:Magnusson 2020 1797: 1793:Magnusson 2020 1785: 1773: 1761: 1746: 1734: 1717: 1700: 1688: 1684:Magnusson 2020 1676: 1660: 1644: 1629: 1613: 1601: 1580: 1578:, p. 129. 1568: 1549: 1532: 1530:, p. 271. 1520: 1508: 1496: 1484: 1467: 1452: 1440: 1428: 1426:, p. 142. 1416: 1414:, p. 141. 1404: 1402:, p. 143. 1392: 1380: 1378:, p. 155. 1368: 1356: 1350:10.1.1.26.5435 1331: 1324: 1306: 1294: 1282: 1270: 1258: 1246: 1234: 1222: 1205: 1192: 1190: 1187: 1183:Sarbanes-Oxley 1169: 1166: 1133: 1130: 1108: 1105: 1096: 1093: 1091: 1088: 1049: 1046: 1036: 1033: 1021:attack surface 1016: 1013: 996:software patch 991: 988: 971:attack surface 962:Main article: 959: 956: 955: 954: 951:business logic 944: 938: 932: 922: 912: 901:input checking 882: 875:Authentication 860: 857: 856: 855: 845: 830: 827: 780: 777: 764:Main article: 761: 758: 756: 753: 752: 751: 748:race condition 744: 737: 734: 727:Access control 724: 721:input checking 697: 694: 686:attack surface 658: 655: 654: 653: 639: 632: 629: 617: 616:Design factors 614: 565: 562: 532: 531: 529: 528: 521: 514: 506: 503: 502: 499: 498: 491: 488:Nuts and Volts 484: 479: 471: 468: 467: 464: 463: 460: 459: 450: 444: 438: 435:Legion of Doom 432: 426: 421: 415: 410: 409: 406: 405: 402: 401: 396: 391: 385: 380: 379: 376: 375: 372: 371: 366: 361: 356: 351: 346: 341: 336: 331: 326: 321: 316: 311: 306: 300: 295: 294: 291: 290: 287: 286: 281: 275: 272:Practice sites 270: 269: 266: 265: 262: 261: 256: 251: 246: 241: 235: 230: 229: 226: 225: 222: 221: 216: 211: 205: 202:Computer crime 200: 199: 196: 195: 192: 191: 186: 181: 176: 171: 166: 161: 155: 150: 149: 146: 145: 142: 141: 140: 139: 134: 129: 118: 113: 108: 103: 96: 90: 83:Hacker culture 81: 80: 77: 76: 73: 72: 67: 62: 60:Cryptovirology 57: 51: 46: 45: 42: 41: 35: 34: 26: 24: 14: 13: 10: 9: 6: 4: 3: 2: 3165: 3154: 3151: 3149: 3146: 3144: 3141: 3139: 3138:Vulnerability 3136: 3135: 3133: 3118: 3115: 3113: 3110: 3105: 3102: 3100: 3097: 3096: 3095: 3092: 3088: 3085: 3082: 3079: 3078: 3077: 3074: 3072: 3069: 3067: 3064: 3062: 3059: 3057: 3054: 3052: 3049: 3045: 3042: 3040: 3037: 3036: 3035: 3032: 3028: 3027:Authorization 3025: 3021: 3018: 3017: 3016: 3013: 3012: 3011: 3008: 3002: 2999: 2998: 2997: 2994: 2991: 2989: 2988:Secure coding 2986: 2985: 2984: 2981: 2980: 2978: 2974: 2968: 2965: 2963: 2960: 2958: 2957:SQL injection 2955: 2953: 2950: 2948: 2945: 2943: 2940: 2938: 2937:Vulnerability 2935: 2933: 2930: 2928: 2925: 2923: 2922:Trojan horses 2920: 2918: 2917:Software bugs 2915: 2913: 2910: 2908: 2905: 2903: 2900: 2898: 2895: 2893: 2890: 2888: 2885: 2883: 2880: 2878: 2875: 2873: 2870: 2866: 2863: 2862: 2861: 2858: 2856: 2853: 2851: 2848: 2846: 2843: 2841: 2838: 2836: 2833: 2831: 2828: 2826: 2823: 2821: 2818: 2816: 2813: 2811: 2808: 2806: 2805:Eavesdropping 2803: 2801: 2798: 2796: 2795:Data scraping 2793: 2791: 2788: 2786: 2783: 2781: 2778: 2776: 2773: 2771: 2768: 2766: 2765:Cryptojacking 2763: 2761: 2758: 2756: 2753: 2751: 2748: 2746: 2743: 2741: 2738: 2736: 2733: 2731: 2728: 2724: 2721: 2719: 2716: 2714: 2711: 2709: 2706: 2705: 2703: 2701: 2698: 2696: 2693: 2691: 2688: 2686: 2683: 2682: 2680: 2678: 2674: 2666: 2656: 2653: 2651: 2648: 2646: 2643: 2641: 2638: 2636: 2633: 2631: 2628: 2626: 2623: 2621: 2618: 2616: 2613: 2611: 2608: 2604: 2601: 2599: 2596: 2595: 2594: 2591: 2589: 2586: 2584: 2581: 2580: 2578: 2574: 2570: 2563: 2558: 2556: 2551: 2549: 2544: 2543: 2540: 2533: 2528: 2524: 2523: 2519: 2512: 2506: 2502: 2497: 2493: 2487: 2483: 2478: 2474: 2468: 2464: 2459: 2455: 2449: 2446:. CRC Press. 2445: 2440: 2436: 2430: 2426: 2421: 2417: 2411: 2407: 2402: 2398: 2392: 2388: 2383: 2379: 2373: 2369: 2364: 2360: 2354: 2350: 2345: 2341: 2335: 2331: 2326: 2322: 2316: 2312: 2307: 2303: 2297: 2290: 2289: 2283: 2279: 2273: 2269: 2264: 2260: 2254: 2251:. CRC Press. 2250: 2245: 2241: 2235: 2231: 2227: 2226:Daswani, Neil 2223: 2219: 2215: 2211: 2207: 2203: 2199: 2194: 2190: 2184: 2177: 2176: 2170: 2169: 2164: 2157: 2152: 2149: 2145: 2140: 2137: 2133: 2128: 2126: 2122: 2119:, p. 22. 2118: 2113: 2110: 2106: 2101: 2099: 2095: 2092:, p. 36. 2091: 2086: 2083: 2080:, p. 45. 2079: 2074: 2071: 2068:, p. 18. 2067: 2066:O'Harrow 2013 2062: 2059: 2046: 2044: 2039: 2033: 2030: 2026: 2021: 2018: 2014: 2009: 2006: 2003:, p. 19. 2002: 1997: 1994: 1991:, p. 28. 1990: 1985: 1982: 1978: 1973: 1971: 1967: 1964:, p. 50. 1963: 1958: 1955: 1952:, p. 26. 1951: 1946: 1943: 1940:, p. 42. 1939: 1934: 1932: 1930: 1928: 1924: 1920: 1915: 1912: 1908: 1903: 1900: 1896: 1895:Perlroth 2021 1891: 1888: 1885:, p. 44. 1884: 1879: 1876: 1873:, p. 18. 1872: 1867: 1865: 1861: 1858:, p. 16. 1857: 1852: 1849: 1846:, p. 94. 1845: 1840: 1837: 1834:, p. 96. 1833: 1828: 1826: 1822: 1819:, p. 93. 1818: 1813: 1810: 1807:, p. 33. 1806: 1801: 1798: 1795:, p. 32. 1794: 1789: 1786: 1782: 1777: 1774: 1771:, p. 85. 1770: 1765: 1762: 1759:, p. 84. 1758: 1753: 1751: 1747: 1743: 1738: 1735: 1731: 1726: 1724: 1722: 1718: 1715:, p. 11. 1714: 1709: 1707: 1705: 1701: 1697: 1692: 1689: 1686:, p. 34. 1685: 1680: 1677: 1673: 1671: 1664: 1661: 1658:, p. 63. 1657: 1655: 1648: 1645: 1641: 1636: 1634: 1630: 1626: 1624: 1617: 1614: 1610: 1605: 1602: 1599:, p. 14. 1598: 1593: 1591: 1589: 1587: 1585: 1581: 1577: 1572: 1569: 1566:, p. 13. 1565: 1560: 1558: 1556: 1554: 1550: 1547:, p. 15. 1546: 1541: 1539: 1537: 1533: 1529: 1524: 1521: 1517: 1512: 1509: 1506:, p. 11. 1505: 1500: 1497: 1493: 1488: 1485: 1482:, p. 18. 1481: 1476: 1474: 1472: 1468: 1465:, p. 17. 1464: 1459: 1457: 1453: 1449: 1444: 1441: 1437: 1432: 1429: 1425: 1420: 1417: 1413: 1408: 1405: 1401: 1396: 1393: 1390:, p. 17. 1389: 1384: 1381: 1377: 1372: 1369: 1365: 1360: 1357: 1351: 1346: 1342: 1335: 1332: 1327: 1321: 1317: 1310: 1307: 1303: 1298: 1295: 1292:, p. 10. 1291: 1286: 1283: 1279: 1274: 1271: 1267: 1262: 1259: 1255: 1250: 1247: 1243: 1238: 1235: 1232:, p. 25. 1231: 1226: 1223: 1219: 1214: 1212: 1210: 1206: 1202: 1197: 1194: 1188: 1186: 1184: 1180: 1176: 1167: 1165: 1163: 1159: 1155: 1151: 1147: 1143: 1139: 1131: 1129: 1127: 1122: 1118: 1114: 1106: 1104: 1102: 1094: 1089: 1087: 1083: 1081: 1076: 1070: 1068: 1064: 1054: 1047: 1045: 1042: 1034: 1032: 1030: 1026: 1022: 1014: 1012: 1008: 1006: 1001: 997: 989: 987: 985: 980: 974: 972: 965: 957: 952: 948: 945: 942: 939: 936: 933: 930: 926: 923: 920: 916: 915:SQL injection 913: 910: 906: 902: 898: 894: 890: 886: 883: 880: 879:authorization 876: 873: 872: 871: 869: 868:data breaches 865: 858: 853: 849: 846: 843: 842: 841: 839: 835: 828: 826: 824: 820: 816: 812: 808: 804: 800: 796: 792: 786: 778: 776: 773: 767: 759: 754: 749: 745: 742: 738: 735: 732: 728: 725: 722: 718: 714: 710: 707: 706: 705: 703: 695: 693: 691: 687: 683: 679: 677: 673: 669: 664: 656: 651: 647: 643: 640: 637: 633: 630: 627: 626:access points 623: 622: 621: 615: 613: 611: 607: 603: 599: 595: 591: 587: 583: 579: 575: 571: 563: 561: 557: 555: 551: 546: 540: 538: 527: 522: 520: 515: 513: 508: 507: 505: 504: 497: 496: 492: 490: 489: 485: 483: 480: 478: 477: 473: 472: 466: 465: 458: 454: 451: 448: 445: 442: 439: 436: 433: 430: 427: 425: 422: 420: 417: 416: 413: 408: 407: 400: 397: 395: 392: 390: 387: 386: 383: 378: 377: 370: 367: 365: 362: 360: 357: 355: 352: 350: 347: 345: 342: 340: 337: 335: 332: 330: 327: 325: 322: 320: 317: 315: 312: 310: 307: 305: 302: 301: 298: 293: 292: 285: 282: 280: 277: 276: 273: 268: 267: 260: 259:Vulnerability 257: 255: 252: 250: 247: 245: 242: 240: 237: 236: 233: 232:Hacking tools 228: 227: 220: 219:Script kiddie 217: 215: 212: 210: 207: 206: 203: 198: 197: 190: 187: 185: 182: 180: 177: 175: 172: 170: 167: 165: 162: 160: 157: 156: 153: 148: 147: 138: 135: 133: 130: 128: 125: 124: 123: 119: 117: 116:Maker culture 114: 112: 109: 107: 104: 102: 101: 97: 95: 92: 91: 88: 84: 79: 78: 71: 68: 66: 63: 61: 58: 56: 53: 52: 49: 44: 43: 40: 36: 32: 31: 19: 3061:Data masking 2620:Cyberwarfare 2500: 2481: 2465:. Syngress. 2462: 2443: 2424: 2405: 2389:. Springer. 2386: 2367: 2348: 2329: 2310: 2287: 2267: 2248: 2229: 2201: 2197: 2174: 2151: 2139: 2134:, p. 6. 2112: 2085: 2073: 2061: 2049:. Retrieved 2041: 2032: 2020: 2008: 1996: 1984: 1957: 1945: 1921:, p. 8. 1914: 1902: 1890: 1878: 1851: 1839: 1812: 1800: 1788: 1776: 1764: 1737: 1732:, p. 8. 1691: 1679: 1669: 1663: 1653: 1647: 1627:, p. 2. 1622: 1616: 1604: 1571: 1523: 1511: 1504:Salmani 2018 1499: 1494:, p. 1. 1492:Salmani 2018 1487: 1443: 1431: 1419: 1407: 1395: 1383: 1371: 1366:, p. 2. 1359: 1340: 1334: 1315: 1309: 1297: 1285: 1280:, p. 6. 1273: 1261: 1249: 1237: 1225: 1220:, p. 2. 1203:, p. 1. 1196: 1171: 1135: 1121:bug bounties 1110: 1098: 1084: 1071: 1067:exploit kits 1059: 1038: 1018: 1009: 993: 975: 967: 862: 832: 788: 769: 699: 680: 672:code reviews 660: 619: 567: 558: 541: 536: 535: 493: 486: 474: 469:Publications 314:Trojan horse 279:HackThisSite 98: 3001:Misuse case 2835:Infostealer 2810:Email fraud 2775:Data breach 2610:Cybergeddon 2132:Strout 2023 2117:Strout 2023 2090:Strout 2023 2013:Strout 2023 2001:Strout 2023 1989:Strout 2023 1950:Strout 2023 1871:Strout 2023 1856:Strout 2023 1730:Strout 2023 1621:Agrafiotis 1609:Strout 2023 1597:Strout 2023 1564:Strout 2023 1545:Strout 2023 1388:Strout 2023 1242:Seaman 2020 990:Remediation 815:source code 803:Open-source 711:(including 482:Hacker News 369:Infostealer 152:Conferences 106:Hackerspace 3132:Categories 3066:Encryption 2942:Web shells 2882:Ransomware 2830:Hacktivism 2593:Cybercrime 2408:. Apress. 2270:. Apress. 2232:. Apress. 1528:Sharp 2024 1189:References 1107:Disclosure 1095:Assessment 1015:Mitigation 958:Management 893:JavaScript 783:See also: 339:Logic bomb 334:Ransomware 111:Hacktivism 2897:Shellcode 2892:Scareware 2740:Crimeware 2700:Backdoors 2218:2057-2085 1345:CiteSeerX 1168:Liability 1063:Five Eyes 929:processes 789:Although 586:exploited 582:zero days 543:Insecure 457:Blue team 449:(defunct) 443:(defunct) 437:(defunct) 431:(defunct) 419:Anonymous 359:Web shell 209:Crimeware 189:Summercon 137:White hat 127:Black hat 120:Types of 94:Hackathon 55:Phreaking 3071:Firewall 2976:Defenses 2902:Spamming 2887:Rootkits 2860:Phishing 2820:Exploits 1152:(CVSS), 891:and run 760:Hardware 650:downtime 646:hardware 574:hardware 570:software 453:Red team 309:Backdoor 184:ShmooCon 132:Grey hat 2912:Spyware 2855:Payload 2850:Malware 2790:Viruses 2770:Botnets 2677:Threats 2165:Sources 1035:Testing 897:malware 895:-based 811:Android 606:malware 598:malware 441:LulzSec 329:Spyware 304:Rootkit 297:Malware 249:Payload 239:Exploit 169:DEF CON 122:hackers 48:History 3106:(SIEM) 3083:(HIDS) 2967:Zombie 2704:Bombs 2685:Adware 2507:  2488:  2469:  2450:  2431:  2412:  2393:  2374:  2355:  2336:  2317:  2298:  2274:  2255:  2236:  2216:  2185:  1670:et al. 1654:et al. 1623:et al. 1347:  1322:  1181:, and 889:inject 682:DevOps 594:inject 564:Causes 495:Phrack 412:Groups 344:Botnet 284:Zone-H 2952:Worms 2947:Wiper 2865:Voice 2713:Logic 2292:(PDF) 2204:(1). 2179:(PDF) 2051:3 May 1668:Tjoa 1652:Tjoa 1179:HIPAA 899:when 807:Linux 661:Some 319:Virus 87:ethic 2718:Time 2708:Fork 2505:ISBN 2486:ISBN 2467:ISBN 2448:ISBN 2429:ISBN 2410:ISBN 2391:ISBN 2372:ISBN 2353:ISBN 2334:ISBN 2315:ISBN 2296:ISBN 2272:ISBN 2253:ISBN 2234:ISBN 2214:ISSN 2183:ISBN 2053:2024 1672:2024 1656:2024 1625:2018 1320:ISBN 1075:test 1025:root 877:and 821:and 809:and 715:and 700:The 644:and 572:and 354:HIDS 324:Worm 85:and 2723:Zip 2206:doi 1175:PCI 1069:. 986:. 973:. 905:URL 364:RCE 3134:: 2212:. 2200:. 2124:^ 2097:^ 2040:. 1969:^ 1926:^ 1863:^ 1824:^ 1749:^ 1720:^ 1703:^ 1632:^ 1583:^ 1552:^ 1535:^ 1470:^ 1455:^ 1208:^ 1177:, 1039:A 1007:. 998:. 746:A 739:A 455:/ 2561:e 2554:t 2547:v 2513:. 2494:. 2475:. 2456:. 2437:. 2418:. 2399:. 2380:. 2361:. 2342:. 2323:. 2304:. 2280:. 2261:. 2242:. 2220:. 2208:: 2202:4 2191:. 2055:. 1353:. 1328:. 953:. 911:. 854:. 733:. 652:. 628:. 525:e 518:t 511:v 20:)

Index

Vulnerability (computer science)
Computer hacking
History
Phreaking
Cryptovirology
Hacking of consumer electronics
List of hackers
Hacker culture
ethic
Hackathon
Hacker Manifesto
Hackerspace
Hacktivism
Maker culture
hackers
Black hat
Grey hat
White hat
Conferences
Black Hat Briefings
Chaos Communication Congress
DEF CON
Hackers on Planet Earth
Security BSides
ShmooCon
Summercon
Computer crime
Crimeware
List of computer criminals
Script kiddie

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.

↑