An abandoned session occurs when a user does not log out of an online service properly, leaving it open. This poses a security risk because others can access the user's data. To reduce this risk, users should always log out, especially after using public devices. Many services automatically log users out when they are inactive.
Glossary
Application access rights control the permissions that determine which resources and data an application can access on a user's device. These privileges can include access to the camera, microphone, contacts or location data.
If an application requests unnecessary or excessive privileges, it may increase the risk of personal data leakage or malicious use. It is advisable to regularly check and update the permissions requested by applications and only grant those permissions that are really necessary for the application to work.
This software displays intrusive advertisements on the user's computer that can interfere with the browsing experience and also pose a security risk. It is usually bundled with free applications or installed as part of software downloaded from suspicious sources, often without the user's awareness. Some adware may behave aggressively, for example, redirecting the browser to suspicious sites or changing browser settings.
A program that prevents other malicious programs from entering a computer or a network for the purpose of unauthorized data collection or other malicious purposes.
An APT (Advanced Persistent Threat) is a long-term and targeted cyber threat where attackers continuously try to access and collect data (such as political or military information) from a specific target's system. APT attacks are usually well-planned, covert and consist of several phases, starting with system intrusion and ending with long-term exploitation of the data.
The process of verifying that an entity (e.g. a user) is who they say they are. Authentication allows systems to be kept secure by ensuring that only authenticated users or processes can access them. There are several authentication methods. For general users, one of the most common is a username-password combination called single-factor authentication, but nowadays more and more services use two-factor authentication, which requires additional information (e.g. code sent via SMS) for authentication. Authentication precedes authorisation.
The process of assigning process or access rights to an identified user or device. During authorisation, the appropriate permissions are continuously checked. For computer systems, administrators can specify in detail what a particular user can access and at what level, and also what actions they can perform. Logically, authorization comes after authentication.