Adware: legitimate software designed to display advertisements, which is often based on monitoring browsing habits. Most adware is harmless; however, it does gather information about you with or without your knowledge.
Antivirus: software responsible for protecting your computer from malware.
Attack vector: the approach used to attack a computer system or network.
B
Backdoor: a piece of malware designed to bypass login procedures or open a “backdoor” onto a computer, thus giving hackers full access to your system. Usually, backdoors install themselves as part of an exploit or trojan.
Behavior blocker: software that monitors your computer’s behavior to detect and block any malicious activity. The main advantage of behavior blockers is that they protect you against new threats in advance, without the need for traditional antivirus updates.
Black hat: used to describe a hacker who breaks into a computer system or network with malicious intent.
Botnet: a group of computers that are infected by malicious programs called bots (or “Zombies”). Bots allow cybercriminals to take control of a compromised machine and use its resources for their own goals – distributing spam, launching DDoS attacks, scams etc. Since the beginning of botnets, the number of cybercrimes has increased enormously.
Brute-force attack: process in which an attacker uses a program to guess your password. This attack involves running through all possible combinations until the correct combination is found. The longer the password, the more guesses and time are needed for the brute force attack to be successful.
C
Cybercrime: any criminal activity which uses network access to commit a criminal act.
D
Defense in depth: the approach of using multiple layers of security to guard against failure of a single security component.
Denial of service (DoS) attack: an attack that attempts to slow or stop the normal functioning of a web site, server or other network resource. DoS attacks are much easier to accomplish than remotely gaining administrative access to a target system. Because of this, denial of service attacks have become very common on the Internet.
DNS cache poisoning: altering or “poisoning” the DNS cache of a computer. The attacker can ensure that data intended to be sent from one computer to another will actually be sent to a different computer instead, thereby compromising the authenticity, privacy and integrity of that data. DNS cache poisoning is often used to direct a web browser to a fake website rather than the legitimate one.
Drive-by download: when your computer becomes infected simply because you visit a website that contains malicious code. Drive-by downloads are typically performed by exploiting security holes or lowered security settings on a user’s computer.
E
Email spoofing: when an email message appears to have originated from one source when it actually was sent from another source. It is commonly used for spam e-mail and phishing to hide the origin of an e-mail message.
Encryption: a change made to data, code, or a file such that it can no longer be read or accessed by anyone except by someone who knows how to decrypt it.
Exploit: created by hackers who attack specific security vulnerabilities or security holes. When an exploit is found, a “fix” or a patch is usually released.
F
False positive: when antivirus software claims that a given file is infected by a virus when in reality the file is clean.
Firewall: software used to control traffic between your computer and the internet. Firewalls help block out hackers, viruses, and worms that try to reach your computer. The firewall is your first line of defense in protecting your computer and the data stored on it.
G
Greyware: software that has a suspicious or potentially unwanted aspect to it. This includes spyware, adware, dialers, joke programs, and any other unwanted programs.
H
Heuristic: a detection/scanning method, which looks for common malware patterns or activities to identify a potential virus. The drawback of heuristic detection is that it often produces false alarms when a clean program behaves as a virus might.
Host Intrusion Prevention System (HIPS): software designed to prevent changes made to your PC by unauthorized sources. It alerts the user with a security popup when malware may be trying to run on the computer. Unlike an antivirus, a HIPS does not need continuous updates to stay ahead of new malware, so it protects you against known and unknown malicious attacks.
Hoax: a fake alert sent by email usually warning about a fake virus or some other bogus threat for the purposes of generating a panic.
K
Keylogging: the action of tracking (or logging) the keys struck on a keyboard. It is often used maliciously by attackers to track behavior to perform unwanted or unauthorized actions, including but not limited to identity theft.
L
Layered security: using more than one type of defense.
Logic Bomb: when a trojan horse is left to stay dormant, only to attack when the conditions are just right.
M
Malware: a general term for any malicious software, including viruses, worms, trojans, rootkits, spyware, and adware.
O
On-access scanner: a real-time malware scanner that is active in the background and scans all files, programs, memory, and possibly web traffic.
On-demand scanner: a scanner that starts up manually. It detects and removes malware, but does not include real-time scanning.
P
Phishing: a form of Internet fraud. The fraud often involves fake email messages or web pages that mimic well-known, trusted websites. The aim of the fraud is to steal personal information such as credit card and social security numbers, user IDs and passwords.
R
Ransomware: a form of malware that holds your PC hostage until you pay the ransom (also known as scareware).
Redirect: when malware redirects or points you to a different location. This location is often a fake website designed to look like the original.
Rogue security software: a form of malware that deceives or misleads users into paying for the fake or simulated removal of malware (also known as rogueware, fake security software or scareware).
Rootkit: malware designed to hide itself from Windows and antivirus software. Rootkits can be used to monitor traffic and keystrokes, create a backdoor into the system, alter log files, attack other machines on the network, or alter existing system tools to avoid detection.
S
Sandbox: a tightly controlled environment in which things can be tested or examined. In malware analysis, sandboxing malware involves allowing it to execute on a computer system under very restrictive conditions to prevent it from doing any damage. Under these conditions, we can learn what the malware does and gain insight as to how it could be behaving in the wild.
Script kiddie: a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites. These are the outcasts of the hacker community.
Spam: junk email.
Spyware: software installed without your knowledge or consent that tracks you while you use the computer and the Internet.
Social engineering: a method used to trick people into doing things they would not do if they knew your real identity and intentions. Social engineering can come in many forms, such as phishing attacks and email hoaxes, as well as many offline activities.
Stealth bomb: a piece of malicious code that is disguised as something else. It may be received as a normal e-mail, or perhaps as a screen saver.
T
Time bomb: as the name suggests, a piece of hidden malicious code designed to run at some time in the future.
Trojan: program designed to avoid the security protection within a computer system and perform illicit operations or to do malicious damage. A trojan is usually a computer program that appears harmless but actually contains something harmful. This false appearance encourages people to run them. Trojan horses are not technically viruses, since they do not replicate or spread.
V
Virus: a program designed to make additional copies of itself and spread from location to location (typically without user knowledge or permission). Viruses typically infect other files. Viruses can damage data, cause the computer to lock up, display messages, or remain dormant.
Vulnerability: a design flaw, bug, or programming error in a piece of software which may be exploitable by an attacker to carry out some malicious act. Most types of malware use vulnerabilities to gain access to computer systems without the user’s knowledge.
W
Worm: a program that replicates itself over a computer system or network and usually performs malicious actions, such as using up the computer’s resources and possibly shutting the system down. Unlike viruses, worms do not infect other files and programs in order to replicate. Worms usually spread via email and instant messaging.
Z
Zero-day: a computer threat or attack that tries to exploit vulnerabilities that are unknown to others or undisclosed to the antivirus companies. These attacks are used to cause damage even before they are identified.
Zombie: a computer which has been taken over by an intruder and which can be used to attack other computers or websites (all without the knowledge or consent of the owner).