A potential occurrence that can result in an undesirable outcome.
A person or thing likely to cause damage or danger.
A threat actor is a person or entity that is responsible for an event or incident that impacts, or has the potential to impact, the safety or security of another entity.
Types of Threat Actors
Script Kiddies - A derogatory term for people who use hacking techniques but have limited skills. Often such attackers may rely almost entirely on automated tools they download from the Internet.
Hacktivist - A person who uses hacking techniques to accomplish some activist or political goal. Usually seeking to deface websites.
Insiders - Internal employees seeking to cause damage to their organization.
Organized Crime - Organized groups seeking to steal money, identities, or corporate secrets.
Competitors - Outside organizations seeking to commit corporate espionage for financial or market gain.
Nation States - Countries sponsoring illegal or fraudulent actions.
APT - Advanced Persistent Threat - An attack in which unauthorized persons gain access to a network using advanced exploitation techniques and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization.
Deep Web / Dark Web
Deep Web - Anything on the internet that a search engine can't find.
Dark Web - A part of the deep web internet that is only accessible by means of special software (TOR), allowing users and website operators to remain anonymous or untraceable.
Dark Web Market - A part of the Dark Web often illegally selling goods, merchandise, data/information, or services.
Open-Source Intelligence (OSINT)
Open Source - Any info that is readily available to anyone, such as newspapers or news sites.
Intelligence - The collection of information of military, political, organizational, or financial value.
Websites and tools that allow you to gather information on current threats or specific security issues: