* Zero-day
This expression means it is security vulnerability found recently from software but not modified yet by software manufacturer.
- Fortunately, there is almost none to use zero-day vulnerability among main security threat following the report by Microsoft but always important to keep up to date.
* Remote code execution
It means cyber criminals connect users computer remotely by using weakness and execute malicious software. Generally, it is utilized with bug from web browser, image view application, video, music player, and pdf viewer.
- So, it is important to be careful before opening the attached files from anonymous email. (when it is image or pdf file, need to be more careful)
* Sandboxing
This is one of way to protect from remote code execution. This technology makes app and other software process isolate even if some software found security vulnerability.
- There is Adobe Reader X using sandboxing technology so the security of reader improved.
* SSL (Security Socket Layer)
You can find "https" on the address bar of your browser usually from bank or shopping site with padlock sign, which means SSL is operating. It is used for having protection in exchanging information between visitors and site. It makes moving data with encryption.
* Certificates
SSL is enable to use at any web site including malicious one so it can not say the website with SSL is always secure. So, we need certificate that show identity of the website whether it is reliable or not. Generally, Certificate Authority issue the signature so that the website is identifiable by signature. If there is no signature, it would pop up with warning from browser.
No comments:
Post a Comment