Some of the world’s most popular apps are likely being co-opted by rogue members of the advertising industry to harvest sensitive location data on a massive scale, with that data ending up with a location data company whose subsidiary has… Read More "Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location"
This week started off with a bang and just kept going. In the wee hours of Saturday night, TikTok cut off access to users in the United States ahead of Sunday’s deadline that forced Apple and Google to remove the… Read More "US Privacy Snags a Win as Judge Limits Warrantless FBI Searches"
Curry and Shah reported their findings to Subaru in late November, and Subaru quickly patched its Starlink security flaws. But the researchers warn that the Subaru web vulnerabilities are just the latest in a long series of similar web-based flaws… Read More "Subaru Security Flaws Exposed Its System for Tracking Millions of Cars"
It may be a new year, but the hacks, scams, and dangerous people lurking online haven’t gone anywhere. Just a day before the ball dropped, the United States Treasury Department said it had been hacked. Officials believe the attackers are… Read More "Apple May Owe You $20 in a Siri Privacy Lawsuit Settlement"
Security+ Domain 5 – Security Program Management and Oversight (20% weightage) Key terms and definitions from this objective are given below: 5.1 Summarize elements of effective security governance. Policies: Standards: Procedures: External Considerations: Monitoring and Revision: Ongoing processes of reviewing,… Read More "Security+ Domain 5 – Security Program Management and Oversight"
Security+ Domain 4 – Security Operations (28% weightage) Key terms and definitions from this objective are given below: 4.1 Given a scenario, apply common security techniques to computing resources. Secure Baselines: Hardening Targets: Wireless Devices: Installation Considerations: Mobile Solutions: Mobile… Read More "Security+ Domain 4 – Security Operations"
Security+ Domain 3 – Security Architecture (18% weightage) Key terms and definitions from this objective are given below: 3.1 Compare and contrast security implications of different architecture models. Architecture and Infrastructure Concepts: Cloud: Infrastructure as Code (IaC): IaC is a practice… Read More "Security+ Domain 3 – Security Architecture"
Security+ Domain 2 – Threats, Vulnerabilities, and Mitigations (22% weightage) Key terms and definitions from this objective are given below: 2.1 Compare and contrast common threat actors and motivations. Threat Actors: Attributes of Actors: Motivations: 2.2 Explain common threat vectors… Read More "Security+ Domain 2 – Threats, Vulnerabilities, and Mitigations"
Security+ Domain 1 – General Security Concepts (12% weightage) Key terms and definitions from this objective are given below: 1.1 Compare and contrast various types of security controls. Categories: Control Types: 1.2 Summarize fundamental security concepts. Confidentiality, Integrity, and Availability… Read More "Security+ Domain 1 – General Security Concepts"
Introduction The new CompTIA Security+ SY0-701 is hot off the press and represents the latest and greatest on offering cybersecurity skills in the form of current threats, automation, zero trust, IOT, risk-and much more. Once certified, you will understand the… Read More "CompTIA Security+ (SY0-701) Exam and Certification"
