Low attack complexity means that an attacker can exploit the vulnerability at any time and at all times. High attack complexity means that a successful attack depends on conditions outside of …

- Use Case: An attacker uses a known vulnerability to spawn a privileged process from a user-level application. The endpoint tool detects the abnormal parent-child process relationship and …

An attacker could potentially use this capability to install malicious code that appears to be a device driver. This user right is required for users to add local printers or printer drivers in …

System account types include individual, shared, group, system, anonymous, guest, emergency, developer, manufacturer, vendor, and temporary. Other attributes required for authorizing …

Grant program managers and award recipients can use templates below to create their own Project Cyber Risk Assessment and Project Cybersecurity Plan. This tool allows for risk …

A compromise of the service engine will give an attacker access to the data of all customers, resulting in a potential complete loss of data or denial of service.

FCPS considers any incident where an attacker gains an active foothold on your network as a ‘major incident’, including but not limited to a data breach or ransomware.

Measures for monitoring sensitive data or files have been implemented to prevent losses. A process is in place to discover infiltration, before an attacker can traverse across systems, …

Modification of critical system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is constrained.

The attacker must attempt to change to another user account with normal or elevated privileges in order to proceed. Auditing both successful and unsuccessful attempts to switch to another …