LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Security threats - Microsoft Security Copilot Tutorial

From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Security threats

“

- [Instructor] You probably hear the term security threats very often, but what does it really mean? Simply put, threats in cybersecurity are potential dangers that can compromise your assets. The typical assets in an organization include devices, for example, laptops, workstations, servers, virtual machines, and the mobile phones. Networks for connecting internal and external resources, such as internet, wifi, local networks and cloud networks. Applications, for example, operating systems like Windows, Linux, Mac OS, iOS, and Android, or business applications like Microsoft 365, corporate websites and customer relationship management, CRM software. Data, for example, database records, source code, files, pictures, and videos. All these assets have their vulnerabilities. Vulnerability is an important concept in security. It refers to the weaknesses that exist in your assets. For example, a device like a laptop might not be protected by the latest antivirus software. A wifi network might still use an outdated standard. A web application might contain insecure code, and a database might lack proper access control. So what happens if these vulnerabilities are exposed? Security threats can exploit these vulnerabilities to compromise your systems, steal data or take down services. There are many types of security threats. Some common ones include malware, malicious software such as computer viruses, worms, Trojans, spyware, and botnets. Ransomware is a special type of malware. Hackers can use it to encrypt data and lock systems that demand victims pay money or ransom to restore their data and services. Phishing, hackers send crafted emails to trick people into clicking links or opening attachments. Phishing is a popular method for stealing confidential information. Social engineering, hackers exploit human traits like trust, fear, and curiosity to manipulate people into disclosing confidential information or performing harmful actions. Identity theft, hackers use compromised identities and account information to steal money or breach system and data. Deny of service. Attackers try to bring down networks and applications preventing companies from running operations and serving customers. SQL Injection, hackers inject harmful SQL commands into web application inputs to control database operations. Insider threat, it refers to compromises caused by internal people such as employees, contractors, or suppliers.

Contents