ALBERT EGONU

Cross-Site Scripting (XSS) is one of the most common and dangerous web application vulnerabilities, allowing attackers to inject malicious scripts (code) into trusted websites. These scripts can steal sensitive data, hijack sessions, or manipulate site content.

There is a simple relationship among these parameters: Threat = The potential attacker or danger. Vulnerability = The weakness. Exploit = The means used to attack the weakness. Risk = The potential damage resulting from the attack.

. Undertake a thorough root cause analysis after every incident and implement corrective actions. . Vishing swept an entire company off its feet, and data was breached,therefore, the provision of regular cybersecurity awareness

It obviously points to weaknesses in employee awareness, vulnerability management, and other technical lapses. To improve, ADT should: l Build security-first culture;prioritizing security culture

It showed that security is not given the utmost priority that it deserves. That means post-incident activities from previous incidents were not fully analyzed or used to strengthen defenses.

Strong encryption of data etc 4.ADT Inc , experienced three breaches within 12 months. These repeated occurrences speak volumes. It strongly implied that ADT Inc’s internal security culture is not sufficiently effective.

Use of strong passwords and Multi-factor authentication(MFA). .The provision of regular cybersecurity employees’ training. . Bringing in regularly the Red Team(offensive security team) to perform regular vulnerability assessment by legally hacking the system.

they should go back to their drawing board, aimed at fortifying and protecting their back end by: .Finding out the root cause and addressing the underlying vulnerabilities(weaknesses). .Frequent patching of the software to check for any vulnerabilities that could be exploited.

Do I think that the measures used by ADT to respond to the incident were enough? No. To reduce the repeated security breaches, ADT should implement Defense-in-depth(a multiple-layered security measure), rather than relying on a single known control measure. In achieving this

. The company's response protocols were activated immediately, thereby terminating the intrusion, launching a forensic investigation with leading third-party cybersecurity experts, and notifying law enforcement.

3. ADT Inc put several measures in place after the breach was discovered, these include: .The reporting of breaches. .ADT Inc directly notified all impacted individuals and offered identity protection services.

2. The data breach caused the theft of customers' data such as: .Names. .Phone numbers. .Addresses. .Date of birth (in some cases). .Last four digits of social security numbers or tax IDs( for a small percentage of affected customers).

It involved live telephone calls targeting an organization's IT help desk, including hacks of major corporations. The threat actors regularly rely on phishing-as-a-service toolkits in the initial stage of their attack.

*Threat: Potential danger that could exploit a vulnerability. *Vulnerability: Weakness or gap that can be exploited. *Risk: The possibility of loss or damage when a threat exploits a vulnerability.