The API vulnerabilities nobody talks about: excessive data exposure
TLDR: Excessive Data Exposure (leaking internal data via API responses) is the silent, pervasive threat that is more dangerous than single dramatic flaws like SQL …
IT Security FAQ 10: What is malware, phishing, spyware, data mining and DDoS?
Detectify
Malware is an umbrella term for viruses, trojans, spyware, adware etc. It is an abbreviation of “malicious software”.
Spyware, as the name implies, is software that spies on people. It can be anything from cookies to trojans.
Data mining is basically the analysis of data. For example, analyzing user behavior. If you have a lot of data you don’t want to go through it manually, so you automate the process by ”mining” the data instead. This can be used as an invasion of privacy by different services.
Adware is software that finances itself through ads, but this term is term often used to talk about a type of malware. In this case, adware is a service that displays ads without the user’s approval.
DDoS is an abbreviation of Distributed Denial of Service, and means that several sources are contributing to lowering the availability of a service. The most common type of DDoS is when several IP addresses try and access a service simultaneously, crowding the ”entry door” to a site so that other users can’t access it. It’s like a hundred people asking the same questions at the same time – the server can’t handle the traffic which leads to the page becoming inaccessible.
Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!
Check out more content
Migrating Critical Messaging from Self-Hosted RabbitMQ to Amazon MQ
TLDR: We successfully migrated our core RabbitMQ messaging infrastructure from a self-hosted cluster on EKS to managed Amazon MQ to eliminate the significant operational burden …
