Advanced Persistent Threat (APT)
A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time to steal data rather than to cause damage to the network or organization.

Advanced Volatile Threat (AVT)
An advanced kind of memory-resident, RAM-based attack where the malicious code does not need to reach its victim's hard drive in order to deliver its payload.

Adware
Any software or application that displays advertisements, usually through pop-up or pop-under windows which may cause networks and devices to slow down as other programs are allowed to run in the background.

Backdoor
A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves, as part of an exploit.

Bitcoin
A type of digital currency in which encryption techniques are used to regulate the generation of units of currency. It is not backed by any country's central bank or government, and it verifies the transfer of funds.

Boot Record Infector
Viruses which infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes and USB drives or the Master Boot Record on hard disks.

Botnets
A network of private computers infected with malicious software and controlled as a group without the owners' knowledge for malicious activity.

Brute Force Cracking
A trial-and-error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard keys through exhaustive effort rather than employing intellectual strategies.

Bug
An error or defect in software or hardware that causes a program to malfunction. Often a bug is caused by conflicts in software when applications try to run in tandem.

Computer Worms
A self-replicating computer program that uses a network to send copies of itself to other systems, often without any user intervention.

Cross-site Scripting (XSS) Vulnerability
A way of bypassing the Same Origin Policy (SOP), which forbids websites from retrieving content from pages with another origin.

Cryptocurrency
A digital currency designed to work as a medium of exchange using cryptography to secure transactions and to control the creation of additional units of the currency.

Cryptography
The process of protecting information by encrypting it into an unreadable format, called cipher text.

Darknet
An overlay network that can be accessed only with specific software, configurations, or authorization, often using non-standard communications protocols and ports.

Dark Web
A collection of thousands of websites that use anonymity tools like Tor or I2P to hide their IP addresses, allowing users and website operators to remain untraceable.

Data Exfiltration
A form of security breach (also called data theft) that occurs when an individual’s or company’s data is copied, transferred, or retrieved from a computer or server without authorization.

Data Warehousing
The electronic storage of a large amount of information by a business. Warehoused data must be stored securely, reliably, and in a manner that is easy to retrieve and manage.

Deep Web
The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines. The content is hidden behind HTML forms.

Defense in Depth
The concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another is already in place to thwart an attack.

Denial of Service (DoS) Attacks
A type of attack where attackers attempt to prevent legitimate users from accessing a service. Systems, servers, or networks are flooded with traffic to overwhelm resources and block access.

Dictionary Attack
An attempt to gain illicit access to a computer system by using a very large set of words to generate potential passwords.

Digital Forensics
The application of investigation and analysis techniques to gather and preserve evidence from a particular digital device.

Distributed Denial of Service (DDoS) Attack
A type of DoS attack where multiple compromised systems (often infected with malware) target a single system, causing a Denial of Service.

Domain Hijacking
A form of theft where the attacker takes control of a domain name without the consent of the original registrant.

Doxnet
A fictional virus modeled after the Stuxnet virus. Like Stuxnet, Doxnet is able to damage physical infrastructure.

Eavesdropping
An unauthorized real-time interception of private communication, such as a phone call, instant message, video conference, or fax transmission.

Ethereum
An open-source, public blockchain-based distributed computing platform featuring smart contract functionality. Applications run exactly as programmed without downtime, censorship, fraud, or third-party interference.

Fileless Malware
A type of Advanced Volatile Threat (AVT). This malware operates without placing a malicious executable on the file system.

Hacktivist
A person who gains unauthorized access to computer files or networks for a politically or socially motivated purpose.

Honey Monkey (Honey Client)
An active client honeypot that behaves like an extremely unwary human Internet user. It visits suspect websites to detect harmful coding that could threaten real users.

Honeypot
A computer system set up to act as a trap to detect attempts at unauthorized access and study cyber attackers.

Hybrid Attack
A mixture of both dictionary and brute-force attacks. A wordlist of possible passwords is used, with brute force applied to each one.

Information Spillage
Instances where sensitive information is inadvertently placed on systems not authorized to process such information.

Internet of Things (IoT)
A system of interrelated devices and objects with unique identifiers (UIDs) that transfer data over a network without requiring human interaction.

Keylogger
A type of surveillance software (keystroke logger) that records every keystroke to a log file, usually encrypted.

Macro Virus
A computer virus that spreads through software programs like Microsoft Word or Excel that use macro languages.

Malicious Code
Program code intended to perform an unauthorized function or process that negatively impacts confidentiality, integrity, or availability.

Malvertising
Malicious advertising where hidden code within an online ad infects a computer with malware.

Malware
Malicious software (viruses, worms, ransomware, trojans, spyware) that compromises a system’s operation by performing unauthorized functions.

Man-in-the-Middle (MITM) Attack
An attack where a user intercepts communication between two parties to steal or manipulate data.

Masquerade Attack
An attack that uses a fake identity to gain unauthorized access to computer information.

Password Cracking
The process of recovering passwords from stored or transmitted data.

Password Sniffing
A technique for harvesting passwords by monitoring network traffic.

Patching
The process of fixing security vulnerabilities and bugs, usually through bug fixes or updates.

Penetration Testing
A method of testing and improving security measures by simulating attacks. Also known as pen-testing.

Pharming
Fraudulent practice of redirecting users to fake websites to steal sensitive information.

Phishing
A digital form of social engineering using fake emails or websites to trick users into giving up personal data.

Ping of Death
An attack that sends a malformed or malicious ping to crash or disrupt a system.

QAZ Trojan
A network worm with backdoor capabilities that spreads on Win32 systems.

Ransomware
Malware that locks or encrypts a victim’s files, demanding ransom for access.

Rogue Software
Fraudulent software (scareware/smitfraud) that tricks users into paying for fake malware removal tools.

Rootkit
Software tools that enable unauthorized users to gain control of a system without detection.

Scareware
Malicious programs designed to trick users into downloading unnecessary and harmful software.

Scavenging
A hacking technique where attackers look for residual data or dangling connections.

Session Hijacking
A method of taking over a web user session by stealing a session ID.

Smitfraud
Malicious spyware often bundled with fake codecs or adware.

Smurf Attack
A denial-of-service attack where spoofed ping messages flood a victim’s network.

Social Engineering
Manipulating people into giving up confidential information such as passwords or bank details.

Spam
Unsolicited messages sent in bulk, often for advertising, phishing, or malware spreading.

Spear Phishing
Targeted phishing attacks directed at a specific person or organization.

Spoofing
A technique where attackers disguise communication to appear as though it comes from a trusted source.

Spyware
Malware installed without user knowledge to collect private information.

SQL Injection Attack
An attack where malicious SQL statements are used to control a database server.

Stealth Virus
A hidden virus that avoids detection by antivirus software.

Stuxnet
A worm that targets industrial control systems (ICS) in infrastructure like power plants.

Threat Actor
An entity responsible for incidents that affect an organization’s security.

Trojan Horse
Malware disguised as legitimate software to gain unauthorized access.

Vulnerability
A weakness that makes a system open to exploitation.

Whaling Attack
A phishing scam targeting high-profile individuals such as executives or celebrities.

Wiretapping
The monitoring of phone or Internet conversations by a third party, often secretly.

Zero-day Vulnerability
A flaw exploited by attackers on the same day it is discovered.

Zombie
A computer infected and controlled remotely to perform malicious tasks without the owner’s knowledge.