Search Results

Hi, I'm Niru, and I lead the red team at Google. The red team at Google simulates attackers that are trying to hack into Google. They function as a sparring partner for the blue team, that is, the teams that build security controls, detection pipelines, or...

To defend against attacks, organizations need to have more than just the understanding of the growing digital landscape around them. Positioning themselves ahead of a cyber threat also takes understanding the type of attacks that can be used against th...

Usernames and passwords are one of the most common and important security controls in use today. They’re like the door lock that organizations use to restrict access to their networks, services, and data. But a major issue with relying on login credentials as ...

imagine you are and adventurere in a bar drinking a glass of cyder, you are new to this town and are just passing through. and you have weeks to kill before you have to go anywhere. while thinking about nothing basically temporarly ascending to another pla...

Character Name: Nnzakeh Race: (Kurozma Dragon) Age: (23?) Very young for Kurozma dragons. Class: Wild Magic Sorcerer, Way of the Astral Self, Pact with an Unknown God Practices chaotic magic, guided by a pact with an enigmatic deity. Possesses mystical ...

Here we are at the end of this section! Can you believe it? I had so much fun exploring the world of vulnerabilities. I hope you felt the same. More importantly, I hope you got a better sense of how complex a landscape the digital world is. This ...

Here we are! The final section of the course. What are amazing job you've done so far! Putting in the time, dedication, and hard work to get to this point is definitely something to celebrate. But we're not through yet. As we near the end of this c...

When you hear the word "cybercriminal", what comes to mind? You may imagine a hacker hunched over a computer in a dark room. If this is what came to mind, you're not alone. In fact, this is what most people outside of security think of. But onlin...

Social engineering attacks are a popular choice among threat actors. That’s because it’s often easier to trick people into providing them with access, information, or money than it is to exploit a software or network vulnerability. As you might recall, social...

Cybercriminals prefer attacks that do the most amount of damage with the least amount of effort. One of the most popular forms of social engineering that meets this description is phishing.  Phishing is the use of digital communications to...

Phishing is one of the most common types of social engineering, which are manipulation techniques that exploit human error to gain private information, access, or valuables. Previously, you learned how phishing is the use of digital communications to trick peo...

People and computers are very different from one another. There's one way that we're alike. You know how? We're both vulnerable to getting an infection. While humans can be infected by a virus that causes a cold or flu, computers can be infected ...

Previously, you learned that malware is software designed to harm devices or networks. Since its first appearance on personal computers decades ago, malware has developed into a variety of strains. Being able to identify different types of malware and understa...

Malware has been around nearly as long as computers. In its earliest forms, it was used by troublemakers as a form of digital vandalism. In today's digital world, alware has become a profitable crime that attackers use for their own financial gai...

Previously, we explored a few types of malware. Whether it's installed on an individual computer or a network server, all malicious software needs to be delivered to the target before it can work. Phishing and other social engineering techniques are ...

Let's keep exploring injection and attacks by investigating another common type of web based exploit. The next one we're going to discuss exploits the way websites access information from databases. Early in the program, you may have learned abou...

Previously, you learned that Structured Query Language (SQL) is a programming language used to create, interact with, and request information from a database. SQL is one of the most common programming languages used to interact with databases because it is wid...

Preparing for attacks is an important job that the entire security team is responsible for. Threat actors have many tools they can use depending on their target. For example, attacking a small business can be different from attacking a public utility...

My name is Chantelle. I'm a Security Engineer here at Google, and I am part of the security and implement, and scaling team. We secure and monitor systems that contain sensitive information. My background, initially I was going to be a heart surgeon ...

Let's finish exploring threat modelling by taking a look at real-world scenarios. This time, we'll use a standard threat modelling process called PASTA.  Imagine that a fitness company is getting ready to launch their first mobile app. B...