Wednesday, June 30, 2021

Donald Rumsfeld 88, died.

...a man ...a father ...a patriot. Died at the age of 88. https://www.defense.gov/Explore/News/Article/Article/2678350/rumsfeld-was-nations-youngest-oldest-defense-secretary/
"I was saddened to hear today of the passing of former Secretary of Defense Donald H. Rumsfeld," Secretary of Defense Lloyd J. Austin III said in a written statement. "Mr. Rumsfeld had the singular distinction of holding that post for two nonconsecutive tenures, serving as both the 13th secretary of defense and the 21st. He also served in the U.S. Navy in 1954-57 as a pilot and a flight instructor, and he continued his service as a reservist until 1975, when he became secretary of defense for the first time.

"Over the decades of his remarkable career, from Congress to the White House to the Pentagon, Secretary Rumsfeld was propelled by his boundless energy, probing intellect, and abiding commitment to serve his country. On behalf of the Department of Defense, I extend my deep condolences to his family and loved ones."

9/11

Rumsfeld was in the Pentagon on Sept. 11, 2001, when American Airlines Flight 77 crashed into the building. The secretary ran to the scene and helped evacuate those injured in the attacks. Rumsfeld remained at his post in the National Military Command Center even as the other side of the building burned and smoke threatened to drive workers out of the offices. He coordinated with military commanders around the world for America's response to the terrorist attacks. That night, he held a news conference in the still-smoldering building.

In the days and weeks after the attack, Rumsfeld worked with foreign leaders as the United States crafted the campaign against al-Qaida — the terror group behind the attacks. American forces commenced operations against the group in October 2001 with military attacks in Afghanistan.

https://www.defense.gov/

…Putin does not regard Ukraine as a country unfriendly towards Russia ...and Ukraine think of Putin that way?

Someone asks President Putin about the Russians and the Ukrainians; he answers that they are the same people. ...now, ask the Ukrainians. Russians and the rest of Germany are one people ...now ask the Germans. Russians and the rest of Europeans are one people ...now ask the rest of Europe. Not cuz you, Putin, say so are you and others one people. The answer depends on the angle from which it is made. If it is made based on languages, wrong. If it is made based on historical roots, it could be right or wrong. Depends on the purpose of the answer. Humans and man are one people ...yes, they are, but Russians and Ukrainians are one people? ...wrong, wrong, and wrong, as many times as it can possibly be said. Russians and Ukrainians are two different peoples, possibly with the same roots. Russians and Ukrainians are two different countries with the same roots. Two different nations, with the same roots ...not the same people. In the past, it could be said so, but now, in the present, nooo! If so, as you said, then Ukrainians could govern Russia! ...and the military in Russia could be controlled by a native Ukrainian General and Russia's center of command could be directed from the capital of Ukraine, no? Or yes? Life is not, then, a one-way street as you, distinguished Russian President, put it. Long, long, long ago, Europe was one people. Now it is composed of multiple peoples, each enacting its own laws but still changing; now they adhere to a common basic law... the European Union law. Even so, each and every one of them still issues most of its own local laws. Hope this subject is clear for you, him, and her. All …you do not regard Ukraine as a country unfriendly towards Russia? Of course, they are not unfriendly! But you, Putin, are unfriendly toward Ukraine. You took, by force, part of Ukraine's territories on the basis that they, that part of Ukraine, speak Russian! Wow! Mr. dear Vladimir Putin: that thinking of yours is the problem.
Brazil, in Latin America, and Portugal speak the same language. The same goes for the UK and USA, as well as Latin America and Spain. Based on the way you put things, it means one could take the other's territories. Yes? No?

Monday, June 28, 2021

Lies are easier believed than truth.

...this is this: Pay close attention, people: When an institution offers a "thing" for free, it costs them money and of course, due to the extreme greed of almost all humans, they seek your metadata: birth date, location, salary you make, social group and ethnicity, marital status, sex choice, sex taste, level of education and type of job, anything on you users to offer to any institution wishing to pay for that. Going to mention a fictitious search engine: "FaceLook". In my fictitious search engine, they collect, for instance, people's skin colours, height, type of hair, and things like social level. They, "FaceLook", get your name, phone number, school education, type of job you have, how much money you spend in a day, a week, a month, and a year and so on and on and on (endless info on you, the user). ...assume I am a company that sells cosmetics. I would pay "FaceLook", for example, one million dollars if it gives me locations where there are people that could like my products. FaceLook, then, makes a small program and rents that program to my company, and I, via my company, find out where the largest concentrations of people of a given skin colour are, where I could use TV advertising space to convince you, any user, that my creams would make your skin much more radiant, glossy, wet and things like that. Possibly all I sell is a paste that is only some extract of a non-greasy, non-sticky substance with some pleasant smell, that contains extracts of cocoa, fragrance, and fish liver oil, protein with vitamin E, and I make its colour look similar to the skin colour of your type of people, with some cream variants such as black, light rose white colour, the same with a light rose black colour, and other skin colours. I pack that thing in a very attractive small container, made of expensive material, porcelain? Why not. Price, after advertising: $100 for one ounce, $175 for two ounces.
With the software made for my company, we advertise that in sectors of people making a lot of money per hour and/or paid fixed salaries in the thousands per month or week. My company has psychologists specialized in human behaviour: human self-esteem. Whoever uses my product, through time, learns to detect anybody else using it too. So, in a reunion, they use it, and others notice they are using an expensive cosmetic. I might spend about $10 each making that product, cuz I make it by the hundreds of thousands per week and distribute it in the entire nation and other countries. 10 x 500,000 = you do the math/per month. Another company wants to know what skin colour people live in which geographical section of a nation. If it is a politician, he, or his party counselor, pays one million dollars for the same program, and goes to the public announcing, as a prophet, that he is this or that group of people's salvation, based on human discrimination, abuse and work inequality between this and that ethnic group. He pays 5 million dollars for the same thing, which was just sold for one million to me. Then comes the gov, which wants to know, based on racism, which colour of people live in which geographical sector, just to direct its help program or remove any program that had been implemented in that sector. Then come the FBI, the CIA, the SNA, China, Russia and all those grasses, and US get all the metadata for free from FaceLook; in the government, a crazy Senator asks the OWNER OF FaceLook if he is taking and giving that metadata to anybody that pays for it or is giving that for free to them. FaceLook, with a smile from molar to molar, says: "NO, Senator!" FaceLook feels protected by those security entities he is giving private citizens' metadata to, including names, addresses and the like.
China, Russia and other grasses have no need to send scientist spies to our land just to collect, make, an American DNA sample of US all to be used, possibly, as a weapon to create death in our population, as a future "new Coronavirus-X" to eradicate, eliminate, human population in our military entities ...and destroy US, Europe and any allies. FaceLook is giving whatever metadata is needed to do that. That is why once upon a time, not long ago, the European Union gave FaceLook a "summons" of $5,000,000,000 (read, 5 billion dollars). I think, in my fictitious tale, that any internet social media should tell, clearly and simply: you could, if wanted, check which data you wish to share with us, for us to use in advertisement, and how you want that data to be used. We use metadata sharing with business partners who "sic-sac" or "bebShat" type of apps. By default, we share nothing of you, users. Hallelujah!

Sunday, June 27, 2021

...if you are a citizen of North America, just put your name and you are in...

Oath of Office 2015

DIRNSA (administering the oath): I, (state your name…) do solemnly swear… that I will support and defend… the Constitution of the United States… against all enemies foreign and domestic… and that I will bear… true faith and allegiance… to the same, that I take this obligation freely… without any mental reservation… or purpose of evasion… and that I will well and faithfully… discharge the duties… of the office… upon which I am about to enter. So, help me God.

We do this for a reason. We do this to remind ourselves about what our mission in defending this nation is all about. It's about a legal framework codified in a document, the Constitution of the United States, that has framed this nation for its almost 240 years of existence. That's what we are about. We defend the citizens of this nation, and those of our friends and allies around the world, always mindful of the law and the broader nation that we're a part of.

And the oath also reminds us about the idea of obligation. That in assuming these responsibilities the nation is counting on us and that we realized that in executing these duties we have an obligation over and above that of many other citizens.

UNCLASSIFIED

Whether it's the nature of the information that we're granted access to, whether it's the nature of the task that we are given.

I thank each and every one of you that is both here today as well as those of you more broadly across the enterprise. Our nation is served, in no small part, by the men and women of NSA, and more broadly, those who serve in a myriad of capacities literally around the world. So I thank you all very much on behalf of the citizens of this nation for your dedication

https://youtu.be/tRQ0d3dd4A8

Tuesday, June 01, 2021

Security slangs and terminologies, from Malwarebytes

1. A 2. Abandonware Abandonware is software that is shelved by its developer. As such, it is no longer updated nor supported so it may be rife with vulnerabilities. 3. Account harvesting 4. Account harvesting is the process of gathering user accounts from a system, service, or database using a variety of methods, such as malware or phishing. 5. Account hijacking 6. Account hijacking is the process of taking over user online accounts, such as email and social media accounts. 7. Ad blocker 8. An ad blocker is software that blocks advertisements, including pop-ups, when a user visits websites. 9. Ad fraud 10. Ad fraud happens when advertisers pay for ads with false impressions. For more information, see this blog post on the difference between adware and ad fraud. 11. Synonym: Invalid traffic 12. Ad rotator 13. An ad rotator allows two or more ads to alternately show in the same place on a website. The rotator triggers whenever a user refreshes or revisits a site. 14. Add-in 15. An add-in is software that gives additional functionality to a device or another software. 16. Address bar 17. An address bar is the text box in your web browser that displays the web page URL or IP address. At times, it functions as a search bar if the user entered text that is an invalid URL. 18. Address bar spoofing 19. Address bar spoofing is a technique where the legitimate URL on a browser address bar is replaced with a rogue one. This then leads to potential data or financial theft. 20. Address Resolution Protocol (ARP) 21. An address resolution protocol (ARP) is the system or process of mapping or finding a physical address belonging to an IP address in the local network. 22. Advanced Encryption Standard (AES) 23. Developed by the National Institute of Standards and Technology (NIST), Advanced Encryption Standard (AES) is a block cipher that provides fast, strong, and secure encryption of classified data. 
AES was created as an alternative to the Data Encryption Standard (DES), because it became vulnerable to brute-force attacks. 24. Synonym(s): Rijndael Block Cipher 25. Advanced persistent threat (APT) 26. An advanced persistent threat (APT) is a prolonged, targeted attack on a specific entity or entities with the intention of compromising their systems and gaining information from or about them. For more information, see this blog post on an in-depth look at APT and why cybersecurity professionals often groan at claims of APT attacks. 27. Advanced Research Projects Agency Network (ARPANET) 28. The Advanced Research Projects Agency Network (ARPANET) was an experimental computer network, which later on became the basis for the Internet. 29. Adware 30. Adware, or advertising-supported software, is software that displays unwanted advertising on your computer device. For more information, see this blog post on adware delivery methods. 31. For an in-depth look at adware, see this page. 32. Air gap 33. Air gap refers to computers that are incapable of physically connecting to a network or another computer that is connected to the internet. Air-gapped systems were believed to be more secure until Stuxnet disproved this. 34. Other forms: Air gapping 35. Always-On 36. An always-on device, software, or network denotes that it is constantly accessible. 37. American Standard Code for Information Interchange (ASCII) 38. The American Standard Code for Information Interchange (ASCII) is an encoding standard for electronic communication. Codes in the ASCII table represent text in computing devices. 39. Analog 40. In computing, analog is a term used to describe old-fashion and slow computers and other devices. 41. If used in the context of signals, an analog references to a mechanism or device where information is presented by variable physical quantities. 42. Android 43. Android is Google’s flagship operating system for smartphones and tablets. 
Manufacturers have adapted Android in televisions, smart-watches, cars, and many other electronic devices. 44. For an in-depth look at Android antivirus, see this page. 45. Android app 46. An Android app is a program designed for the Android OS. 47. Annoybot 48. Annoybot is software that repeats an annoying task. IRC bots, for example, are annoybots that send out unsolicited messages to participants in a channel. 49. Annoyware 50. Annoyware is software that continuously shows reminders or pop-up windows to remind users to perform a particular action, such as registering or buying software. 51. Synonyms: Nagware, Begware 52. Anomaly detection 53. Anomaly detection is identifying irregularities or deviations in patterns, data points, events, or observations that do not conform to the norm or the expectations of businesses or groups. Not all detected anomalies are malicious. 54. Synonym: Outlier detection 55. Anonymization 56. Anonymization is the action or an attempt to disable the ability to track back information or actions to a specific user. 57. Other forms: Anonymize 58. Anonymizer 59. An anonymizer is a tool that minimizes the amount of tracking done during surfing in an attempt to hide the true identity of the user. 60. Synonyms: Anonymous proxy 61. Anonymous 62. Anonymous, in computing, is to keep one’s true name and identity concealed online with the use of various applications. 63. Other forms: Anonymity 64. Anti-ransomware 65. Anti-ransomware is software specifically designed to combat ransomware. Such software could make use of specific techniques that general security tools don’t deploy. 66. Anti-virus (AV) killer 67. An AV killer is malicious code that disables the user’s anti-virus software to avoid detection. Sometimes, this term is used for malware that disables firewalls. 68. Synonym: Retrovirus 69. Antivirus 70. Antivirus is an antiquated term used to describe security software that detects, protects against, and removes malware. 71. 
For an in-depth look at antivirus, see this page. 72. Synonyms: anti-malware 73. Applet 74. An applet is a piece of software that usually performs one specific task. Applets are often part of a more complex program. 75. Application programming interface (API) 76. An application programming interface (API), in simple terms, is a means for different software to talk to one another. It is the code that governs its server’s access points. APIs have many uses and take many forms. 77. Application security 78. Application security is the practice of applying security measures to the software application. This has to be done to defend against threats and attacks from the outside that attempt to exploit the app. 79. Artificial intelligence (AI) 80. AI is a system’s or an application’s ability to correctly interpret and learn from data to achieve specific goals and tasks. For more information, see this blog post on how AI and machine learning can impact cybersecurity. 81. Synonym: Machine intelligence 82. Astroturfing 83. Astroturfing is the masking of initiatives by corporations, governments, or political parties to make a campaign appear spontaneous or initiated by civilian groups. Sometimes, masking the origin makes a campaign more effective or less controversial. 84. Asymmetric cryptography 85. Asymmetric cryptography is a system of secure communication that uses a pair of keys: a public key and a private key. A public key can be shared with anyone and publicly known, but only a private key must be kept secret and known only by the owner. 86. Synonym: Public-key cryptography 87. Attack vector 88. An attack vector feres to the technique used to obtain unauthorized access to a system or network. It is an integral part of vulnerability research to know which attack vector is or might be used. 89. Attribution 90. 
Attribution is the practice of taking forensic artifacts of a cyberattack and matching them to known threats against targets with a profile matching a particular organization. For an in-depth look, see our two-part blog series on when you should care about attribution and why one shouldn’t overthink it. 91. Augmented reality (AR) 92. AR is a cross between the physical world and virtual reality. It adds images, sounds, motion, and even smell to the physical reality. 93. Authentication 94. In computing, authentication is the process of verifying the identity of a user or process. For more information, see this blog post on the basics of two-factor authentication (2FA). 95. Other forms: Auth 96. Autonomous system 97. An autonomous system is a group of networks managed by one large entity to ensure there’s a reliable routing policy to the internet. 99. B 100. Backdoor 101. A backdoor is a type of Trojan that allows a threat actor access to a system by bypassing its security. This term can also refer to the method of gaining access to user systems undetected. 102. For an in-depth look at backdoors, see this page. 103. Other forms: backdooring 104. Bad sector 105. A bad sector is a sector on a computer’s disk or flash drive that is already unusable. This is usually caused by physical damage. 106. Bait advertising 107. Bait advertising is an unethical advertising practice wherein customers are promised a sale or inexpensive item. However, once customers are interested, the advertiser makes the product unavailable then redirects them to a similar product that is more expensive. 108. Synonym: Bait and switch advertising 109. Banking Trojan 110. A banking Trojan is a type of Trojan specifically created to harvest credentials and other sensitive financial and personal information stored and processed through online banking systems. 111. Behavior 112. In the context of computer malware, behavior refers to the actions malware performs on an affected system once executed. 113. 
Behavioral biometrics 114. Behavioral biometrics is a biometric modality that dynamically analyzes and quantifies unique identifiers and measurable human patterns. For more information, see this post on the use of behavioral biometrics in the financial sector. 115. Big data 116. Big data pertains to huge datasets that can be analyzed computationally to reveal trends, patterns, and associations. Companies use big data to improve their operations and make more intelligent decisions. 117. Binary 118. A binary is a numerical system with only two different values: 0 and 1, or True and False. Binary is popular in both electronics and in computing. 119. Biohacking 120. In computing, biohacking is a form of hacking that refers to the application of IT concepts to biological systems, usually the human body. 121. Biohacking can include the modification of the human body, such as introducing implants and other wearable computing tech. 122. Biometrics 123. Biometrics is the measurement and statistical analysis of people’s physical and behavioral characteristics. In biometrics authentication, personally identifiable and unique features are stored in order to give the holder access to certain resources. 124. BIOS 125. BIOS stands for “basic input/output system”. It is firmware used by the computer’s microprocessor to initialise the computer when the user physically turns it on. 126. Bitcoin 127. Bitcoin is a type of digital currency, or cryptocurrency, which is a payment medium that is not tied to a central bank or regulated by a governing body. Instead, it relies on secure storage of transactions on a technological platform known as blockchain. 128. Bitcoin is a popular payment method among Internet criminals, as it uses a fast, reliable, and verifiable system. 129. Black Friday 130. Black Friday is regarded as the unofficial start of the Christmas shopping season. 
Starting from midnight on the Friday after US Thanksgiving, retailers open their doors and offer numerous specials and deep discounts. Because of this, consumers often go online or to brick-and-mortar retail shops en masse. 131. Blacklist 132. In computing, a blacklist usually refers to a list of domains and/or IP addresses that are known or suspected malicious servers and/or domains. These lists are used to protect users from receiving mail from the blacklisted servers or from browsing to dangerous sites hosted on these domains/IP addresses. 133. Blended threat 134. A blended threat is an attack that makes use of multiple vectors to gain leverage on a target. This could include malware, phishing, social engineering and more. 135. Blue Screen of Death (BSoD) 136. A Blue Screen of Death (BSoD) occurs on Windows systems when a full blue screen appears to the user after encountering a fatal error. 137. Bluejacking 138. Bluejacking is the act of sending messages between mobile devices via Bluetooth wireless connection. 139. Bluesnarfing 140. Bluesnarfing refers to the unauthorized access and theft of information through a Bluetooth connection. Mobile devices, such as smartphones, laptops, and tablets that are Bluetooth-enabled can be affected by this. 141. Bluetooth 142. Bluetooth is a wireless technology mainly used for short distance connections between devices due to its low power signal. Communication is done at a bandwidth around 2.45 GHz. It doesn’t need a line of sight to establish a connection. 143. Boot 144. In computing, to boot a system is to turn the device or machine on and load the OS into RAM. The boot-up process is made up of different stages, depending on the setup of the system and the OS that has to be loaded. 145. Boot sector 146. A boot sector is part of a physical information carrier (usually a hard drive) that contains the code that has to be loaded into a system’s RAM to start the actual boot process and load the OS. 
The boot sector is created when a volume is formatted. 147. Boot sector virus 148. A boot sector virus is malware that infects the boot sector of a drive or other storage device. During a boot, this sector is automatically located and loaded into memory, making them harder to remove, as they will load before normal removal software. 149. Bootkit 150. A bootkit is a type of rootkit that alters or replaces the bootloader of the affected system in order to take control. To remove a bootkit, you need a bootable medium, which has the necessary tools to undo the changes made by the bootkit. 151. Bot 152. The word “bot” is a derivative of “robot.” It usually pertains to (1) one or more compromised machines controlled by a botmaster or herder to spam or launch DDoS attacks, or (2) an automated program coded with particular instructions to follow, which includes interacting with websites and humans via web interfaces (e.g., IMs). 153. A collective of bots is called a botnet. 154. Synonym: zombie machine 155. Bot herder 156. A bot herder is the threat actor who controls and maintains a bot or botnet. 157. Synonym: botnet herder 158. Botnet 159. A botnet is a collection of bots. The term also refers to the malware run on a connected device to turn it into a bot. 160. Synonym: zombie network 161. Breadcrumbs 162. In computing, breadcrumbs are navigation aids that tell users exactly where they are while surfing on a site or in a set of folders. Breadcrumbs show the hierarchy of links on a site or the steps in the folder structure. 163. Consider, for example, the address bar in a Windows explorer window, which contains breadcrumbs from a file to the folders in which it is contained. 164. Bricking 165. Bricking refers to the practice or act of rendering an electronic computing device—often a smartphone—useless or inoperable. Bricking usually happens by accident, such as when a firmware update gets interrupted. 166. Bring your own device (BYOD) 167. 
Bring your own device, abbreviated as BYOD, is a trend wherein employees bring their personal computing devices, usually a smartphone or laptop, to be used in the workplace. These devices are then connected to the company’s internal network, which may introduce additional risks to the company. 168. Synonym: bring your own technology (BYOT) 169. Browlock 170. Browlock is a portmanteau of “browser” and “lock”. This term is used either (1) to describe the state of an internet browser when the user is unable to perform certain actions or (2) to pertain to a malware’s malicious control over browser windows. A browlock can close the open tab or window, block access to the desktop of the system, and stop you from navigating to another site. For more information, see this blog post on browser lockers. 171. Browser helper object (BHO) 172. A browser helper object (BHO) is a DLL component of Internet Explorer (IE) that provides added functionality to the browser. 173. Brute force attack 174. A brute force attack is a method wherein an application attempts to decode encrypted data, such as a password, by trial and error. A dictionary attack, for example, is a type that falls under this attack. 175. See also password cracking application 176. Buffer 177. In computing, a buffer refers to the amount of data stored and shared between applications to compensate for the difference in speed with which these can handle the data. Consider, for example, your browser buffering (part of) a movie while downloading it and, at the same time, while your movie player plays it. 178. Buffer overflow 179. A buffer overflow is a computer anomaly wherein a program writes to a block of memory (or buffer) more than what it is allocated to hold. 180. Synonym: Buffer overrun 181. Bug bounty 182. A bug bounty is a rewards program through which individuals can receive monetary compensation and/or recognition for finding flaws or vulnerabilities in a company’s software or system. 183. Bundler 184. 
A bundler is an assemblage of two or more software offered in one combined package. It usually contains (1) the main program a user is after and (2) bundleware. Many bundlers are found in freeware download sites. In some cases, these “free” software are actually trial versions of programs one commonly pays for. 185. Bundleware 186. Bundleware is a term used to collectively describe one or more software that comes in bundles as extra. This isn’t necessarily malicious. 187. Bundleware that are dodgy at best have a few types: 188. Programs that are considered adware and PUPs. These may or may not offer users the option to opt out of the extra programs. 189. Programs that are useful but nobody wants to pay for their functionality, so the developer enters some monetization program that incorporates adware into his/her program. 190. PUPs that offer to install other PUPs from the same manufacturer during the installation. 191. Programs that also install software packages they need to run on the affected system. 192. Malwarebytes detects these types. 193. Burn 194. In computing, to burn is to write data to a drive with a recordable disc (i.e. burn a CD or DVD). The data is written onto the disc using a laser and, until the invention of rewritable discs (RW), this was considered a one-time-only process. 195. Business continuity management (BCM) 196. Business continuity management is a term used to describe the holistic process of identifying an organization’s risk of exposure to potential threats found internally and/or externally and the impacts these may cause. Its goal is to prepare the organization to effectively respond to threats, protect the business’s interests, and ensure the continuity of the company in the event of such threats. 197. Business email compromise (BEC) 198. 
A business email compromise (BEC) is an attack wherein an employee, who is usually the CFO or someone from the Finance department, is socially engineered into wiring a large sum of money to a third-party account. 199. Business process compromise (BPC) 200. A business process compromise (BPC) is an attack wherein the threat actor targets weaknesses in an organization’s processes, systems, and loopholes in its operations to manipulate or alter them to their advantage. Unlike in business email compromise (BEC), BPC doesn’t rely on social engineering tactics. 202. C 203. Cache 204. In computing, a cache is a temporary storage that is used to speed up future requests. For example, a browser cache stores contents of websites so they can be displayed faster the next time the user visits them. For information about DNS cache poisoning, have a look at the blog post, DNS hijacks: what to look for. 205. Children’s Online Privacy Protection Act (COPPA) 206. The Children’s Online Privacy Protection Act, or COPPA, is a privacy law that protects children under the age of 13. It was first passed in 1998. The Federal Trace Commission (FTC) manages COPPA. To read more, go here. 207. Click fraud 208. Click fraud is the practice of artificially inflating statistics of online advertisements by using automated clicking programs or hitbots. 209. Synonym: Pay-per-click fraud 210. See also ad fraud 211. Clickbait 212. Clickbait is content (especially a headline) that uses exaggeration and sensationalism to entice you into clicking on a link to a particular web page. Clickbait often leads to content of questionable value. 213. Clickjacking 214. Clickjacking is a type of attack that tricks a user into clicking a website element that is either invisible or disguised as another element. This hijacks a user’s click meant for one thing but leads to another. 
For example: instead of clicking a button to reply, a clickjacking attack on a Twitter user can make them re-tweet a malicious domain to followers instead.
This is typically seen as a browser security issue. However, such an attack can also take place in mobile applications.
Clickjacking has different types, such as likejacking.
Synonyms: User interface (UI) redress attack, UI redressing

Cloud computing
Cloud computing refers to the delivery of services that are hosted over the internet to computers and other computing devices. For more information, see this blog post on the cloud.
See also Anything-as-a-Service (XaaS)

Cloud phishing
Cloud phishing refers to a phishing trend that uses the guise of cloud computing services to get users to click malicious links. Campaigns of this kind usually start off in emails and social media posts.

Cold boot
In computing, a cold boot happens when a system is powered up from its off state. Cold booting is sometimes used to remedy certain system hiccups.
Other forms: Cold booting

Command & control (C&C)
Command & control, also called C&C or C2, is a centralized server or computer that online criminals use to issue commands to control malware and bots as well as to receive reports from them.

Companion virus
A companion virus is an old type of virus that poses as a legitimate file by copying its file name but uses a different extension. It doesn’t modify files.

Compromised
Compromised sites (or servers) are otherwise legitimate sites that are being used by hackers without the owner’s knowledge. Compromised sites are often used to house and spread malware.

Computer ethics
Computer ethics is a philosophy concerned with how professionals in the field of computing should make decisions.
Examples would be rules for the disclosure of compromised information and vulnerabilities, copying of electronic content, and the impact of computers—AI, for example—on human lives.

Computer science (CS)
Computer science, abbreviated as CS, is a multi-disciplinary collection of studies in the fields that are related to digital information. Computer systems, the internet, programming, and data storage are some of the best-known fields.

Computer-Aided Design (CAD)
Computer-Aided Design, or CAD, is the use of computer technology to help with the design of two- or three-dimensional objects. This specialized type of software helps to design, modify, analyze, optimize, and even create objects in many fields, including architecture, mechanics, engineering, and art.

Consumer fraud protection
Consumer fraud protection is a law designed to shield consumers against goods and services that didn’t perform as advertised. Consumers are also protected against unfair trade (overcharging) and fraudulent credit practices.

Cookie
In the context of computing, a cookie is a text file that a website puts into a visitor’s computer to recognize them and keep track of their preferences. A cookie can be stored temporarily (session cookie) or permanently on the hard disk (persistent cookie). For more information, see this blog post on whether we should worry about cookies or not.

Crack
Crack is used either as a:
- noun: A piece of software used to figure out passwords using a dictionary attack. It can also be a piece of software or tool used to illegally bypass certain software security features, such as copy protection.
- verb: The act of breaking into a secured computer system. The person doing the crack is called a cracker. Some argue that there are distinctions between a cracker and a hacker.

Credential stuffing
Credential stuffing is a popular tactic of attempting to access online accounts using username-password combinations acquired from breached data. This is usually done using an automated tool.

Crimeware
Crimeware is sophisticated software designed specifically for certain criminal acts, such as data theft, ransom, network poisoning, and communications monitoring.

Cross-site scripting (XSS)
Cross-site scripting is a type of injection attack wherein a vulnerability in web applications is exploited that allows a threat actor to inject malicious script into the site’s content. Affected trusted sites are made to deliver the malicious script to visitors.

Crypter
In malware research, this refers to a program that makes malware hard to read by researchers. The crudest technique for crypters is usually called obfuscation. A more elaborate blog post on that is Obfuscation: Malware’s best friend.
Obfuscation is also used often in scripts, like JavaScript and VBScript. But most of the time, these are not difficult to bypass or de-obfuscate. More complex methods use actual encryption. More information about this and related subjects can be found in our blog post, Explained: Packer, Crypter, and Protector.

Cryptocurrency
Cryptocurrency is a decentralized digital currency. It is the preferred payment method of ransomware authors, and it can be generated by mining scripts embedded on websites.

Cryptocurrency mining
Cryptocurrency mining, popularly known as cryptomining, is the process of adding new transactions to a public ledger of previous transactions (called the blockchain) and introducing new cryptocurrencies into the system. For more information, see this blog post on the dangers of drive-by mining and online ads.

Cryptography
Cryptography is the knowledge of sending and storing encrypted data. For more information, see this blog post on how to encrypt files and folders.

Cryptojacking
Cryptojacking is the surreptitious use of computing devices to mine cryptocurrency.

Customer Relationship Management (CRM)
A CRM is software that companies use to manage their relationships or interaction with current and potential customers.

CVE identifier
A Common Vulnerabilities and Exposures (CVE) identifier is a unique number assigned to publicly known software vulnerabilities. It follows the format:
CVE + year + at least 4 sequence number digits
Vendors and researchers alike consider CVE identifiers as standard for identifying vulnerabilities. For example, CVE-2014-0160 is the CVE ID for the vulnerability commonly known as Heartbleed.
Synonyms: CVE names, CVE IDs, CVE numbers, CVEs, vulnerability identifier

Cyber Monday
Cyber Monday is the marketing term given to the Monday after the Thanksgiving holidays in the United States. For more information, see this blog post on safe online shopping on Cyber Monday.

Cyberbullying
Cyberbullying is the act of threatening and intimidating others via electronic and digital means.

Cybercrime
Cybercrime is the term referring to crimes that are related to computers and networks, including traditional crimes like fraud, blackmail, and identity theft that are done over the Internet or by using computing devices.

D

Data breach
A data breach happens when data deemed sensitive, protected, or confidential were illegally accessed or disclosed. Individuals may have viewed, copied, transmitted, stolen, or used such data accidentally or deliberately. For an in-depth look at data breaches, see this page.

Data exfiltration
Data exfiltration is an act of retrieving, copying, and transferring data, such as user credentials, about individuals or organizations without authorization.
Synonym: Siphoning

Data mining
Data mining is the process of sifting through large data sets to identify patterns or generate new information.

Data Privacy Day
Data Privacy Day, which many shorten to DPD, is an annual event that occurs on the 28th of January and is recognized worldwide. Its purpose is to promote the importance of privacy coupled with sharing practical steps on how internet users can protect their personal data.

Decryptor
A decryptor is a tool used to transform unreadable data back to its original, unencrypted form. This is typically used by those affected by ransomware to restore their files.

Definition
In computer security, a definition is code written into a database that enables cybersecurity software programs to identify and detect specific, known families of malware. Definitions are used in signature-based detection methodology and therefore cannot be used to detect new or unknown forms of malware.

Defragmentation
Defragmentation is the process of reorganizing a file system so that files that were split up when saved and changed are put back together again. This removes pointers to and from the fragments and optimizes the speed with which these files can be used.
Other forms: Defrag, defragment

Destruction of service (DeOS)
Destruction of service is an attack using IoT botnets that aim to destroy an organization’s backups and safety nets, which are used to recover critical systems and data after a cyber attack.

Dialer
A dialer can mean (1) a program or app that initiates the best connection for the number chosen by the user, (2) a program that connects a system to the internet over a telephone or ISDN line, or (3) malware that connects a system to a network or phone number with the intent to defraud.
Other forms: Dialler

Dictionary attack
A dictionary attack is an act of penetrating password-protected computer systems or servers using large sets of words in a dictionary. This attack usually works as many users still use ordinary words for their passwords.
See also brute force attack

Digital footprint
A digital footprint is the term used to describe the recorded—thus, traceable—internet or device activities of a particular person.
Synonym: digital shadow

Distributed Denial of Service (DDoS)
A distributed denial of service (DDoS) attack is a network attack wherein threat actors force numerous systems (usually infected with malware) to send requests to a specific web server to crash, distract, or disrupt it enough that users are unable to connect to it.
For a more in-depth look, see this page: DDoS attacks.

Domain
In computer security, a domain can refer to:
- A group of computers that are under the control of a common operator and administered as one unit, or
- The name of a Web resource following the rules of the Domain Name System (DNS), which translates the domain name into an IP address

Domain administrator privileges
Domain administrator privileges refer to administrator access to all machines within a network.

Domain Name System (DNS)
A Domain Name System, abbreviated as DNS, is an Internet protocol that translates user-friendly, readable URLs, such as malwarebytes.com, to their numeric IP addresses, allowing the computer to identify a web server without the user having to remember and input the actual IP address of the server.
Name Servers, or Domain Name Servers, host these translations. They are part of the overall Domain Name System.
To learn how threat actors can abuse DNS protocols, read up on DNS hijackers, a type of malware that modifies users’ DNS settings.

Domain Name System Security Extensions (DNSSEC)
Domain Name System Security Extensions, abbreviated as DNSSEC, is a set of extensions that add extra security to the DNS protocol. For more information, see this blog post on why we need DNSSEC.

Downloader
A downloader, or Trojan downloader, is malware with the sole intention of downloading other programs—usually more malware—to the affected system as soon as an Internet connection is available.

Dox
Dox is an informal abbreviation of the word “documents”. The term is used to describe the act of researching and disseminating private information about a person or organization. Many doxxers—those who dox—employ a number of techniques to gather information, such as searching the internet, hacking, and social engineering.
Other form(s): doxing, doxxing

Drive-by download
A drive-by download pertains to (1) the unintended download of one or more files, malicious or not, onto the user’s system without their consent or knowledge. It may also describe (2) the download and installation of files bundled with a program that users didn’t sign up for.

Drive-by mining
Drive-by mining is a term coined to describe a method in which a piece of JavaScript code is embedded into a Web page to perform cryptocurrency mining on user machines that visit this page. For more information, see this blog post on drive-by mining and ads.

Dropper
A dropper, or Trojan downloader, is a type of malware that installs other malware on the affected system. The other malware is part of the same executable, which is usually in compressed form.

Dwell time
Dwell time refers to the amount of time passed from when malware has initially infiltrated a system to when it has been detected and removed.

E

Electronic sports (eSports)
Electronic sports, or eSports, are basically video game competitions. Any computer- or console-game that has a multi-player competition qualifies as an eSport.

Encryption
Encryption is the process of changing data in a way that cannot (easily) be undone (or decrypted) by parties that don’t have the decryption key. For more information, see this blog post on encryption and types of secure communication and storage.

End-user
The end-user is the person that a specific product is designed, developed, and created for. For this intended user, the product should be suitable (ease of use), and it should be a finished product.

Enterprise Resource Planning (ERP)
An ERP is a suite of business management software that allows companies to collect, store, manage, and interpret data coming from multiple departments.

EternalBlue
EternalBlue is one of the handful of “exploitation tools” leaked by a group called The Shadow Brokers (TSB) that take advantage of weaknesses in how Windows implemented the Server Message Block (SMB) protocol. The WannaCry and NotPetya ransomware strains used this exploit to target unpatched systems.
For more information, see this blog post on how threat actors are using SMB vulnerabilities in their attack campaigns.

EternalChampion
EternalChampion is one of the handful of “exploitation tools” leaked by a group called The Shadow Brokers (TSB) that take advantage of weaknesses in how Windows implemented the Server Message Block (SMB) protocol. EternalChampion particularly exploits a race condition in how SMB handles a transaction. TrickBot is an infamous banking Trojan known to use EternalChampion to spread laterally.
More information can be found in our blogs: TrickBot takes over as top business threat and How threat actors are using SMB vulnerabilities.

EternalRomance
EternalRomance is one of the handful of “exploitation tools” leaked by a group called The Shadow Brokers (TSB) that take advantage of weaknesses in how Windows implemented the Server Message Block (SMB) protocol. Successful exploitation results in a remote code execution (RCE) attack. The ransomware strain known as BadRabbit has used EternalRomance in its campaign.
More information can be found in our blogs: BadRabbit: a closer look at the new version of Petya/NotPetya and How threat actors are using SMB vulnerabilities.

Ethernet
Ethernet is a networking technology commonly used in various networks, such as LAN, MAN, and WAN. It is so commonplace that most PC motherboards have a built-in Ethernet interface.

Executable and Link format (ELF)
An ELF file is an executable file format for the Linux and Unix platforms. Its known file extensions are .axf, .bin, .elf, .o, .prx, .puff, .ko, .mod, and .so.

Exploit
Exploits are a type of malware that takes advantage of bugs and vulnerabilities in a system in order to allow the exploit’s creator to take control.
For an in-depth look at exploits, see this page.

Exploit kit
An exploit kit is a packaged collection of exploits for use by criminal gangs in spreading malware.
Synonym: Exploit pack

Extended Validation SSL Certificate (EV SSL)
An Extended Validation SSL Certificate is an identity authentication solution used in HTTPS websites that tells users that the owner or operator of the site they’re interacting with is legitimate. A green bar displayed in the address bar denotes the presence of an EV SSL.

F

Family
In computer security, a family refers to a group of malware variants that all exhibit at least one base characteristic.

Fear, uncertainty, and doubt (FUD)
Fear, uncertainty, and doubt is a disinformation strategy that is used as a weapon against competitors.
In hacking, FUD could also mean “fully undetected,” which means (1) data that is made to appear like random noise due to encryption, or (2) a piece of software that cannot be detected by AV tools and scanners.

File type
A file type is a name given to a specific kind of file. For example, a Microsoft Excel sheet file and a Python script file are two different file types. A file type is not the same as a file format.

File-based attack
A file-based attack is an attack where threat actors use certain file types, usually those bearing document file extensions like .DOCX and .PDF, to entice users to open them. The file in question is embedded with malicious code; thus, once opened, this code is also executed.

Fingerprinting
Fingerprinting refers to the process of gathering information about a system at first contact. It is commonly used by malware to determine whether a system is vulnerable to certain attacks.

Firmware
Firmware is software that is written to a hardware device’s memory. It is used to run user programs on said devices.

Foothold expansion
Foothold expansion is the act of creating backdoors that are used to re-enter a network after its initial infiltration.

Fraud
Fraudulent websites appear to be one thing, like a tech support site, a dating site, or a shopping site with illegal products or great deals, but they’re really scams to try to steal your information or credit card details.

Freeware
Freeware is software that comes without a cost. Some freeware may give the option of voluntary payments to the developer, which is typically called donationware.

Frequently asked questions (FAQ)
Frequently asked questions, or FAQ, is a list drawn up around a particular subject of commonly asked questions and their answers. This list is often the first line of support for many products and answers many of the issues that users may have.

G

General Data Protection Regulation (GDPR)
The General Data Protection Regulation is the standard data protection law affecting the European Union and its citizens that puts strict regulations on organizations on how personally identifiable information (PII) is to be controlled, processed, and stored. For more information, see this post on how businesses can adequately assess their readiness to GDPR.

Globally unique identifier (GUID)
A globally unique identifier is a unique number created by Microsoft applications to identify components, hardware, files, user accounts, etc.

Graphical user interface (GUI)
A graphical user interface, or GUI, is a type of interface that helps a user to control and manipulate software. The alternative is command line programs, which are generally perceived as challenging to understand and learn.

Graymail
Graymail is bulk solicited email that users opted in to receiving at first but that, after they lose interest, just accumulates in the inbox until recipients decide to opt out or report it as spam.

Greyware
Greyware is a classification of software that generally does annoying, disruptive, or undesirable tasks but not to the point of being malicious.
Other forms: Grayware

Griefing
In video gaming, particularly in MMORPG circles, griefing is the deliberate act of annoying, irritating, and generally causing other players grief. This is done by attacking and terminating other characters and destroying player property among others.

H

Hacker
A hacker is a person that has a profound understanding of particular systems or processes. Their knowledge enables them to use those subjects for other purposes than what they were initially designed for.
For an in-depth look at hackers, see this page.

Hacktivism
Hacktivism is a portmanteau of “hacking” and “activism”. Hacktivism is the defacement of a website where the compromise isn’t as significant as the statement the hackers make through it.

Hash value
A hash value is an alphanumeric string that uniquely identifies data or files. MD5, SHA-1, and SHA-2 are three of its known algorithms.
Synonym: Hash code

Heap spray
In the context of computer security, a heap spray is an old technique that allows vulnerable systems to be taken advantage of easily.
This happens when threat actors write to the heap—a predetermined location in the computer’s memory—for a running program. This task of writing is often referred to as “spraying the heap”. And then, at a later time, these same attackers will take advantage of a vulnerability to cause the exploit code to call commands in the heap.
Other form(s): Heap spraying

Heap spraying
Heap spraying is a technique wherein code is written in various places in the heap (memory allocated for the use of programs) for malicious software to refer to at a later date, giving exploits a higher chance of success.
Other forms: Heap spray, “spraying the heap”

Heartbleed
Heartbleed is the term used to refer to a vulnerability in some OpenSSL implementations. This vulnerability’s official identifier is CVE-2014-0160. For more information, see this blog post on systems still unpatched five years after Heartbleed’s discovery.

Heuristic analysis
Heuristic analysis is a scanning technique used by many antivirus programs wherein they look for certain malicious behaviors from potentially new and undetected variants.
Other forms: Heuristics

Hibernation
Hibernation is a state of inactivity to save energy. In computing, this expression is used for powering down a computer while preserving the state it is in. The content of the RAM (Random Access Memory) is saved to a drive (usually the main hard disk of the system) and will be restored in RAM as soon as the system is brought back out of hibernation. Not to be confused with sleep mode, which is another energy-saving method that uses a little energy to keep the data in RAM. The advantage of sleep mode is that the system is ready for use almost instantaneously, whereas waking from hibernation takes some time.

Hijacker
A hijacker is a type of malware that modifies a web browser’s settings without users’ permission, usually to inject unwanted ads into the browser or redirect to scam sites.
Synonyms: browser hijacker

Hoax
A hoax is a term we use to generally describe a fake or false warning. For more information, see this blog post on a more in-depth look at hoaxes.
Synonyms: scams and shams

Homograph
A homograph is, by definition, a word of the same written form as another but of different meaning and usually origin, whether pronounced the same way or not. But in cybersecurity, this is expanded to include words that look the same.

Homograph attacks
A homograph attack is a method of deception wherein a threat actor leverages the similarities of character scripts to create and register phony domains of existing ones to fool users and lure them into visiting. For more information, see this blog post on an in-depth look at homograph attacks.
Synonyms: homoglyph attacks, Punycode attack, script spoofing, homograph domain name spoofing

Host Intrusion Prevention System (HIPS)
A Host Intrusion Prevention System, or HIPS, is a software package that monitors for suspicious activities occurring within a host machine. For more information, see this blog post on how HIPS work.

Host-based solution
A host-based solution refers to software that is installed in end-point systems as opposed to a centralized solution.

Hyper-Text Transfer Protocol (HTTP)
The Hyper-Text Transfer Protocol is a set of underlying rules used in the World Wide Web, defining how files are transferred and formatted, and how web servers and internet browsers should respond to specific commands.

Hyper-Text Transfer Protocol Secure (HTTPS)
In a nutshell, Hyper-Text Transfer Protocol Secure is secure HTTP. This means that file transference and communication over the network is protected due to encryption on both the server side and the client side.

I

Identity and access management (IAM)
Identity and access management (IAM) is a collective term pertaining to processes, services, and technologies that allow the right individuals and groups to access the right resources within a network.

Identity theft
Identity theft is an electronic and real-world crime of deliberately using someone else’s information to commit fraud. Usually, identity thieves are financially motivated, consequently disadvantaging their target.

Incident scope
In a malware attack against enterprises, an incident scope generally refers to the extent of damage against the organization, how much data has been stolen, what the attack surface is, and how much it’d cost them to resolve the attack and prevent it from happening again in the future.

Indicator of compromise (IOC)
Indicators of compromise, or IOC, can be found after a system intrusion. These indicators can be IP addresses, domains, hashes of malware files, virus signatures, and similar artifacts.

Information Technology (IT)
Information Technology, or IT, is the study or the use of systems for storing, retrieving, and sending information.

Injection attacks
Injection attacks is a broad term referring to a certain attack vector. Usually, malicious code is used in such attacks; but generally speaking, attackers provide input that, once interpreted, alters the execution or outcome of a program. Injection attacks have several types. They include:
- Cross-site scripting (XSS)
- SQL injection

Input/Output (I/O)
Input/Output, or I/O, is an expression used to describe any information exchange between a computer system and the outside world. Usually, I/O is illustrated as (but is not limited to) the traffic between a system and peripheral devices.

Intellectual property
Intellectual property refers to creations of the mind, whether they are inventions, art, designs, names, or commercial images.
Laws on intellectual property differ from one country to the other, but they usually protect the rights of the person or company that first successfully claims coming up with the creation.

Internationalized domain names (IDN)
An internationalized domain name, or IDN, is a domain name containing at least one non-ASCII character. IDNs enable internet users from all over the world to create and register domain names using their own native language.

Internet of things (IoT)
The internet of things, or IoT, represents a host of internet-connected devices that do not require direct human input. For more information, see this blog post on what an IoT security is and what it should never be.

Internet Service Provider (ISP)
An ISP is a company that provides users with internet services, such as basic connections, broadband, web hosting, and a range of other services.

Intranet
An intranet is a private network with restricted access. It is usually set up by or for a company, and only the members of the company can access it.

Intrusion Prevention System (IPS)
An Intrusion Prevention System, or IPS, monitors network traffic to determine whether a security breach or malware infection has taken place. When applicable, it can intervene in such cases as pre-determined by the network administrator to avoid further damage.

IP address
An IP address is a number assigned to each system that is participating in a network using the Internet Protocol, such as the World Wide Web.

J

Jailbreak
In computing, to jailbreak means to modify a device, usually a smartphone, by removing any restrictions imposed by the device manufacturer, such as the downloading and installation of unauthorized software or apps from third-party markets.
Other forms: jailbreaking

Joke programs
A joke program is a file that may not have a malicious payload but may inconvenience the user in another way.
For example, it might play loud audio files, or pop up a funny video, or move the mouse cursor around the desktop.

Juice jacking
Juice jacking is a cyberattack against unsuspecting targets via their mobile devices. This happens when the target plugs their device into a USB port to charge; however, the charging port also functions as a data connection, so threat actors can abuse this. Malware could be introduced to the device via the USB port or the USB cable itself, or sensitive information could be quietly retrieved from the device.

Junk mail
Junk mail is, essentially, email spam.

K

Key generator
A key generator, popularly known as a keygen, is a piece of software that generates random keys—usually software product keys—for the purpose of letting the user activate and operate a program without them actually purchasing it.

Keylogger
In the context of malware, a keylogger is a type of Trojan spyware that is capable of stealing or recording user keystrokes. You can learn more at our dedicated keylogger page.
For an in-depth look at keyloggers, see this page.
Other forms: keylogger, keylogging
Synonyms: keystroke logger, system monitor

Keystroke
A keystroke is one stroke of any key on a machine operated by a keyboard, such as a typewriter or a computer terminal. Sometimes keystrokes per hour (KSPH) or keystrokes per minute (KSPM) are used as a standard of typing speed.

L

Latency
In computing, latency generally means a time delay from system input to desired output. This can be defined differently, depending on context.

Lateral movement
Lateral movement refers to various techniques and/or tactics that threat actors use that allow them to move through a network to access or search for critical assets and data within a network. At times, they employ this to control remote systems.

Layered Service Provider (LSP)
A Layered Service Provider (LSP) is a Windows feature that allows software to tap into data flowing through the network. It can intercept, filter, and even modify all the traffic between the internet and a system’s applications. For more information, see this blog post for an overview on how legit and illegitimate programs use LSPs.

Linux
Linux is a favorite and the most used free, open-source operating system to date. This term also denotes a family of OS distributions (or distros) built around the Linux kernel.

Local administrator privilege
A local administrator privilege refers to administrator privileged access to a specific machine within a network, allowing an owner to make system configurations, install and uninstall software, and use other OS components.

Local administrator privileges
Refers to administrator access to a specific machine within a network, allowing an owner to make system configurations, install and uninstall software, and use other privileged OS components. The owner of the machine is usually (and by default) the administrator.

Local Area Network (LAN)
A Local Area Network, or LAN, is a network of computers and other devices spread over a relatively small space, e.g., a building or group of buildings. Usually, these devices all connect to a server or group of servers by Ethernet or Wi-Fi.

Localhost
On any given system, the localhost refers to “This computer.” It uses the IP address 127.0.0.1 to use the loopback function to reach the resources stored on the system itself.

M

MAC address
A MAC address is your computer hardware’s unique number. MAC stands for Media Access Control.

Machine code
Machine code is the basic or fundamental language of computers. It is composed of binary numbers.
Synonym: machine language

Machine learning (ML)
Machine learning is a form or subset of artificial intelligence (AI) where computers make use of large data sets and statistical techniques to improve at specific tasks without being manually reprogrammed.
525. Machine-to-machine (M2M)
526. Machine-to-machine (M2M) is any technology that allows for the communication of machines without a human aid. Artificial intelligence (AI) and machine learning (ML) usually facilitate this exchange.
527. Macro
528. A macro is a set of commands that application users group together and save, so they can execute it with a single command or keystroke.
529. Macro virus
530. A macro virus is malware written in the same macro language used in software applications, examples of which are Microsoft Word and Microsoft Excel.
531. Madware
532. Madware is aggressive advertising on mobile devices, particularly tablets and smartphones.
533. Magecart
534. Magecart is the collective name given to several groups of online criminals who engage in web skimming. They usually target the Magento system, a highly popular e-commerce platform, of online shops to steal customer payment card information.
535. Mail bomb
536. “Mail bomb” is a verb pertaining to the act of sending too much email to a person, group, or systems.
537. Other form(s): Mail bombing
538. Malspam
539. Malspam, short for malware spam or malicious spam, is spam email that delivers malware. While regular spam is simply any unsolicited email, malspam contains infected attachments, phishing messages, or malicious URLs. It can also deliver a myriad of malware types, including ransomware, Trojans, bots, info-stealers, cryptominers, spyware, and keyloggers.
540. Malvertising
541. Malvertising, or “malicious advertising,” is the use of online advertising to distribute malware with little to no user interaction required. More information can be found in our blogs: What is malvertising? and Truth in malvertising: How to beat bad ads.
542. For an in-depth look at malvertising, see this page.
543. Malware
544. Malware, or “malicious software,” is an umbrella term that refers to any malicious program or code that is harmful to systems.
545. For an in-depth look at malware, see this page.
546. Man-in-the-Browser (MitB)
547. A man in the browser is a form of Man-in-the-Middle (MiTM) attack wherein malware—usually a Trojan—is used to intercept and manipulate communication between the internet browser and its mechanisms or libraries to commit fraud.
548. Other forms of abbreviation include: MIB, MiB, MITB
549. Man-in-the-Middle (MitM)
550. In cybersecurity, a Man-in-the-Middle (MitM) attack happens when a threat actor manages to intercept and forward the traffic between two entities without either of them noticing. In addition, some MitM attacks alter the communication between parties, again without them realizing.
551. To pull this off, the attacker should not only be convincing in their impersonation but also be able to follow and influence the conversation between two or more parties.
552. A MitM attack can be done between browser and Internet, for example, or between a Wi-Fi hotspot and an Internet user.
553. Managed service provider (MSP)
554. A managed service provider (MSP) is a company that proactively offers remote support to a client’s IT infrastructure or endpoints. Oftentimes, this term is used interchangeably with “cloud service provider”.
555. Master Boot Record (MBR)
556. Typically, the Master Boot Record (MBR) is the first sector on a startup drive or other partitioned media. It contains a bootloader, an executable code that works as a loader for the OS. For more information, see this blog post for a deep dive on MBRs.
557. Synonyms: partition sector, master partition table
558. Memory dump
559. A memory dump is the content of a system’s RAM (random access memory) created at a specific point in time. This is usually done at the moment of a program crash or system failure and used to diagnose the problem.
However, this can also be made manually for memory forensics, such as investigating advanced malware (e.g. fileless).
560. Memory resident
561. A memory resident program possesses the ability to remain in memory, and can be a common trait of certain pieces of malware.
562. Metadata
563. Metadata is data about data. It gives background information, such as origin, relevance, and creation, about data. Examples are geotags in media files (say, where a photograph was taken) and author and date modified in document files.
564. Metropolitan area network (MAN)
565. A metropolitan area network (MAN) is a network of LANs. It spans an entire campus or an entire city, but it’s smaller than a WAN.
566. Middleware
567. Middleware is software that sits between the OS and the software it runs, thus the name. Middleware provides additional services to this software that the OS cannot. For example, middleware allows users to submit a form on a web browser, or allows a server to return results based on user queries.
568. Miner
569. Miner is also known as cryptocurrency miner. This is a form of malware that uses the resources of an infected system to mine cryptocurrency (e.g. Bitcoins) for the threat actor.
570. Mitigation
571. In computing, mitigation is the process or act of containing the impact and/or risk from an attack. Remediation usually follows mitigation.
572. Mixed reality
573. Mixed reality is a piece of technology that marries the physical and the virtual worlds by combining virtual reality (VR) and augmented reality (AR).
574. Money mule
575. A money mule is someone who is tricked into accepting money from scammers, keeping it in their account for a period of time, and then forwarding it on to a second account. For more information, see this blog post on children and young adults as the next generation money mules.
576. Other forms: Money muling, muling
577. Multi-factor authentication (MFA)
578.
Multi-factor authentication (MFA) suggests using two or more authentication protocols. The most well-known MFA is two-factor authentication (2FA). Both represent the combination of more than one method of gaining access to a resource. For more information, see this blog post on the basics of 2FA.
579. Multi-tenancy
580. Multi-tenancy refers to a software architecture in which a single instance of software running in a server can cater to multiple users. A tenant is referred to here as the user.
581. Multimedia Messaging Service (MMS)
582. Multimedia Messaging Service (MMS) is an enhancement of the Short Message Service (SMS), which allows users to send longer messages (SMS is limited to 160 characters) accompanied by pictures, short videos, and audio over a cellular network.
583. Multiplatform
584. Multiplatform, or cross-platform, is an expression to describe software that has been developed to work on multiple operating systems.
585. Mumblehard malware
586. Mumblehard malware is a type of malware that specifically targets Linux and BSD servers, using spambots to compromise systems. It derived its name from the spam being “mumbled” out of affected systems and servers.
588. N
589. National Cyber Security Centre (NCSC)
590. The National Cyber Security Centre (NCSC) is an organization in the United Kingdom that gives cyber security guidance and support to the public and private sectors. Its headquarters is in London.
591. National Institute of Standards and Technology (NIST)
592. The National Institute of Standards and Technology (NIST) is a unit of the US Commerce Department that promotes and maintains measurement standards. It was formerly known as the National Bureau of Standards.
593. National Security Agency (NSA)
594. The National Security Agency (NSA) is an intelligence agency of the US Department of Defense that monitors, processes, and collects information and data for the purpose of foreign and domestic intelligence and counterintelligence.
595.
Near-field communication (NFC)
596. Near-field communication (NFC) is a short-range communication standard co-developed by Sony and Philips. Like Bluetooth, NFC is also a wireless means of doing peer-to-peer (P2P) data transfer without an internet connection. For NFC to work, two devices must either be touched together or be a few centimeters away from each other. A majority of modern smartphones come with NFC.
597. Net neutrality
598. Net neutrality is a concept, principle, or idea that ISPs must treat all internet data equally, regardless of its kind, source, or destination. The term was first coined in 2002 by Tim Wu, a professor at Columbia Law School.
599. Other form(s): network neutrality
600. Synonym: internet neutrality
601. Network
602. In computing, the definition of a network is a group of two or more computers or systems linked together. For example, your home network might consist of several devices that connect to a central router, including your desktop, gaming consoles, laptops, phones, and other Internet-connected gadgets.
603. A prime property of networks is their topology, or the way they are laid out, connect to one another, and communicate with one another. The main topologies of networks are:
604. Mesh: every device, or node, is connected to one another. This is the most secure network that can handle the highest amount of traffic, but it’s also the most expensive.
605. Star: every device connects through a central hub. This allows for other nodes to stay online if one goes down, but if the central hub/server goes down, the entire network goes with it.
606. Bus: every device is connected by one cable that acts as the backbone of the network. This also allows for other nodes to stay online if one goes down, but any problems with the cable render the entire network useless. It’s the cheapest option, but not optimal for large networks.
607. Ring: every device is connected in a circular fashion, and the data travels in one direction.
This configuration is easy to install and manage, and can handle large volumes of traffic. Expanding the network is time-consuming, however, and if one computer goes down, so does the network.
608. Tree: a hybrid topology that connects clusters of star networks to a single bus line. This helps to divide and manage a larger network, but can be just as easily taken down as a bus configuration.
609. Network perimeter
610. A network perimeter refers to the boundary between a private network and a public network, such as the World Wide Web.
611. Network segmentation
612. In computer networking, network segmentation is the practice of dividing a network into subnetworks to boost performance and improve security.
613. NewTab
614. NewTab is software that changes the default page of a new tab on the browser. This can result in similar negative effects and behavior to browser toolbars or browser hijackers. NewTab can manipulate browser(s) to change their home page or search provider in order to hijack Internet traffic and inject advertisements.
616. O
617. Obfuscation
618. Obfuscation is when malware deliberately tries to obscure its true intent to potential victims, and/or attempts to hide portions of code from malware researchers performing analysis.
619. Open Systems Interconnection (OSI)
620. Open Systems Interconnection (OSI) is a model that defines a networking framework to implement protocols in seven layers:
621. Physical
622. Data Link
623. Network
624. Transport
625. Session
626. Presentation
627. Application
628. This model was designed by ISO (International Organization for Standardization) as a design template for building network systems. The lower layers deal with electrical signals, chunks of binary data, and routing of these data across networks. Higher levels cover network requests and responses, representation of data, and network protocols as seen from a user’s point of view.
629. OpenSSL
630.
OpenSSL is a popular software cryptographic library for applications designed for secure communication over computer networks. It provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.
631. Operating system (OS)
632. An operating system (OS) is software that supports a computer’s basic functions, such as executing applications, controlling peripherals, and scheduling tasks. The most well-known operating systems are Microsoft Windows, Linux, Apple macOS and iOS, Android, and Google’s Chrome OS.
633. Opportunistic attack
634. In contrast to a targeted attack, an opportunistic attack involves malware that is distributed in large numbers for anyone to download or injected into websites for anyone to access. Well-known methods are email and exploit kits.
635. Synonym: mass malware
637. P
638. Packer
639. Packer is usually short for runtime packers. It is also known as self-extracting archives, which is software that unpacks itself in memory when the “packed file” is executed. Finally, this technique is also called executable compression.
640. This type of compression was invented to make files smaller so that users wouldn’t have to unpack them manually before they could be executed. However, given the current size of portable media and faster Internet speeds, the need for smaller files is not that urgent anymore. So when you see some packers being used nowadays, it is almost always for malicious purposes: to make reverse engineering more difficult, with the added benefit of a smaller footprint on the infected machine. For more information about this subject, have a look at the blog post Explained: Packer, Crypter, and Protector.
641. Passcode
642. A passcode is essentially a short and simple password. This could be the four-digit numerical code to unlock a smart phone or a banking PIN number, for example.
643. Passphrase
644. A passphrase is essentially a complex password made up of a sequence of words.
The difference between a passphrase and a regular password is that passphrases are more complex because of the presence of spaces and their longer lengths.
645. Password
646. In cybersecurity, a password is a method of authentication used to gain entry into an online account. Passwords are typically made up of a combination of letters and numbers, sometimes with special characters included. It’s generally understood that the longer a password is, the more secure it is.
647. Username and password combinations have become popular modes of authentication due to their relative ease of use. However, the growing need for longer and more complex passwords, each one unique for each online account, has diminished that ease of use a bit.
648. Password cracking
649. Password cracking, like password guessing, is another “brute force” method of attack against encrypted accounts or systems. However, it’s less about guessing and more about working with an acquired list of password hashes or the database itself. These hashes can be obtained via network sniffing.
650. Password cracking application
651. A password cracking application is typically a tool designed to recover a password from a system, or brute force its way in by manner of guessing the right password.
652. Password guessing
653. Password guessing is a “brute force” method of gaining access to an encrypted account or system by systematically guessing its password. Typically, a dictionary type scheme is used to do this. Guessing a password successfully is only possible in the event that weak passwords are used.
654. Password guessing shouldn’t be confused with password cracking.
655. Synonym: PG-ing
656. Password manager
657. A password manager is a software application designed to store and manage online credentials. It also generates passwords. Usually, these passwords are stored in an encrypted database and locked behind a master password.
For more information, see this blog post for a longer brief on password managers, and what to do if you’re opposed to using one.
658. Payload
659. In cybersecurity, a payload is malware that the threat actor intends to deliver to the victim. For example, if a cybercriminal sent out an email with a malicious macro as the attachment and the victim gets infected with ransomware, then the ransomware is the payload (and not the email or document).
660. Peer-to-peer (P2P)
661. Peer-to-peer, sometimes abbreviated as P2P, involves the sharing of files and/or resources between two computers connected to each other through a network. Each of these computers becomes a file server to the other.
662. Penetration testing
663. Penetration testing, or pen testing, is the practice of running controlled attacks on a computer system, network, software, or other application in an attempt to find unpatched vulnerabilities or flaws. By performing pen tests, an organization can find ways to harden their systems against possible future real attacks, and thus make them less exploitable.
664. Peopleware
665. Peopleware is the term used to refer to the role of humans/people in information technology, such as the creation of hardware and software.
666. Personal identification number (PIN)
667. A personal identification number (PIN) is a set of numeric or alphanumeric characters used for authentication. While typically used in ATMs and point-of-sale card transactions, PINs are also used by operating systems like Windows and macOS.
668. Personally Identifiable Information (PII)
669. Personally Identifiable Information (PII) is the term used for data that can be tracked back to one specific user. Examples of PII are names, social security numbers, biometrics, and other information that, in combination with other data, could be enough to identify a user.
670. “Personally Identifiable Information” also has a legal definition, depending on the country and its laws.
Personally Identifiable Information in one state may not include the same type of information as “personal information” or “personal data” in another state, but the purpose of these laws is often the same—to protect the types of data that could reveal a person’s identity.
671. Pharma
672. Pharma is short for “pharmacy.” In cybersecurity, the expression refers to spam or websites that traffic in fake or illegal medication. These sites may also sell legal medication, but in violation of local laws.
673. Phishing
674. Phishing scams attempt to obtain your information by presenting themselves as legitimate websites, then asking for your password, credit card details, or other sensitive information.
675. For an in-depth look at phishing, see this page.
676. Phishing kit
677. A phishing kit is a set of materials and tools that allows scammers with little technical ability to create a convincing phish. Someone in need of a large-scale attack also uses a kit to deploy a phishing campaign at short notice.
678. Phreaking
679. Phreaking is the act of hacking into telecommunication systems, primarily to obtain free phone calls.
680. Platform
681. A platform is most commonly the software used to operate a PC, such as an operating system.
682. Point-of-sale (PoS) malware
683. Point-of-sale (PoS) malware usually targets payment terminals and card readers to compromise payment data and send it to criminals.
684. Polymorphism
685. In the context of malware terminology, polymorphism is the ability of code to change its identifiable features while maintaining its functionality. Because of this ability, polymorphic malware like Emotet is difficult to detect.
686. Portable device
687. A portable device is a device that can easily be carried around, such as a laptop, notebook, tablet, or phone.
688. Portable Executable (PE) file header
689. The Portable Executable (PE) file header contains the metadata about the executable file itself.
At its bare minimum, it comprises the following: a DOS stub, a signature, the architecture of the file’s code, a time stamp, a pointer, and various flags.
690. Power User
691. A power user is typically someone performing specific tasks or functions to a higher level than others, often with specialised equipment or tools to get the tasks done.
692. PowerShell
693. PowerShell is a configuration management framework that allows system administrators and power-users to perform administrative tasks via a command line.
694. Preinstalled software
695. Preinstalled software is software that typically comes pre-loaded on a new computer separate from the operating system. Most preinstalled software is not necessary for the proper functioning of the computer. In some cases, it may have the negative effect of impacting the computer’s performance by using memory, CPU, and hard drive resources.
696. Privilege escalation
697. An act or event that occurs when a threat actor or unauthorized user achieves full access to normally restricted resources on a computing device’s operating system (OS) it has gained access to.
698. Professional Service Automation (PSA)
699. A PSA is software that allows companies to manage their resources efficiently. It is used from start to finish of a project’s lifecycle, which usually begins from assigning people up to billing the client once the project is done.
700. Proof of concept
701. A proof of concept (PoC) is a demonstration that a certain idea or method works. In computer security this often means that hackers show that they have been able to make use of a security flaw in software or hardware.
702. Protector
703. In malware research, a protector is software intended to prevent tampering and reverse engineering of programs. The methods used can—and usually will—include both packing and encrypting. This combination, plus added features, makes what is usually referred to as a protector.
Researchers are then faced with protective layers around the payload, making reverse engineering difficult.
704. A completely different approach, which also falls under the umbrella of protectors, is code virtualization, which uses a customized and different virtual instruction set every time you use it to protect your application. Of these protectors, there are professional versions that are used in the gaming industry against piracy. More information about this and related subjects can be found in our blog post, Explained: Packer, Crypter, and Protector
705. Proxy
706. A proxy is something which sits between your computer and whatever you may be connecting to, shielding your true identity from it. These are mostly used for increased anonymity.
707. Proxy server
708. A proxy server is something that sits between your device and the servers you’re making requests to. A benefit of this is shielding some of your information, such as your IP address.
709. Pseudocode
710. Pronounced as soo-doh-kohd. It is a human-readable yet detailed description of what a computer program or algorithm is supposed to do. Pseudocode is often used in developing a program. It also provides programmers a template to follow in writing their code.
711. Related blog post(s):
712. Using ILSpy to analyze a small adware file
713. PUM
714. Stands for potentially unwanted modification. This is an alteration made to a computer’s registry (or other settings), which either damages the computer or changes its behaviour, without the knowledge of the user. Such unwanted alterations can be done by legitimate software, malware, grayware, or PUP.
715. Punycode
716. Is a method of encoding that converts Unicode to ASCII. This is especially helpful when representing non-Latin or foreign characters that are used in Internet host names.
717. Related blog post(s):
718. Out of character: Homograph attacks explained
719. PUP
720.
PUPs, or Potentially Unwanted Programs, are programs that may include advertising, toolbars, and pop-ups that are unrelated to the software you downloaded. PUPs often come bundled with other software that you installed.
722. Q
723. QR Code
724. A QR code is a 2-dimensional barcode. They are squares filled with black and white blocks invented to keep track of cars during manufacturing.
725. Quarantine
726. In computing terms, to quarantine is when a potentially malicious file is placed into a “safe” location by the onboard security software, so that it can do no harm while the user decides what to do with it.
728. R
729. RAM scraping
730. RAM scraping, or memory scraping, is the act of scanning the memory of digital devices, such as point-of-sale (PoS) systems, to retrieve sensitive personal and banking information. PoS malware can usually perform RAM scraping.
731. Random access memory (RAM)
732. A random access memory (RAM) is a computer hardware device where the OS, installed software applications, and data the user currently uses are stored so it would be easier for the processor to retrieve them. It is the main memory of a computer.
733. Ransomware
734. Ransomware is a form of malware that locks you out of your device and/or encrypts your files, then forces you to pay a ransom to get them back.
735. For an in-depth look at ransomware, see this page.
736. Ransomware-as-a-service
737. Is abbreviated as RaaS. This is a form of software-as-a-service (SaaS) catered by underground vendors to threat actors by providing them a ransomware platform tool.
738. See: Anything-as-a-Service
739. RAR
740. RAR files, like other archives, are essentially data containers where one or more files are stored in compressed form. WinRAR is the software typically used to compress these files. RAR files use the .rar extension.
741. Recon
742.
Is short for reconnaissance, which (in the context of information security) describes an act of a threat actor using remote access tools (RAT) to gain access to a target system to assess items of value and map the network landscape.
743. Remediation
744. In computing, this is the process or method of correcting system changes, regardless of severity, on the affected system. Mitigation usually precedes remediation.
745. Remote access
746. Is controlling a computer system from another location. There are many programs that enable this method of working. Unfortunately, it is also a tool of choice for Tech Support Scammers.
747. Remote administration tool (RAT)
748. A software program that allows users to control another system as if they have physical access to it.
749. Remote code execution (RCE) attack
750. A remote code execution (RCE) attack happens when a threat actor illegally accesses and manipulates a computer or server without authorization from its owner. A system can be taken over using malware.
751. Remote desktop protocol (RDP)
752. Remote desktop protocol (RDP) is a network communications protocol that allows remote management of assets. Network administrators normally use RDP to diagnose problems on the endpoint.
753. Remote monitoring and management (RMM)
754. Remote monitoring and management (RMM) refers to the process of managing and controlling systems within a network remotely via specialized software, which is often referred to as RMM software. MSPs usually perform RMM for their clients.
755. Remote user
756. Is someone who operates or accesses a computing device from an off-site location.
757. Retrovirus
758. A retrovirus is also referred to as an anti-anti-virus virus. This means that it tries to attack and disable any anti-virus or protective software on the system it is trying to infect to avoid detection.
759. Revenge porn
760.
Revenge porn is the distribution of sexually explicit material, such as images and videos, of someone without their consent whether they know such material existed or not. Usually, revenge porn is initiated by former intimate partners of the subject to humiliate them.
761. Other form(s): revenge pornography
762. Synonym: image-based sexual abuse
763. Riskware
764. Riskware, or “risky software,” describes legitimate software programs that contain loopholes or vulnerabilities that can be exploited by hackers for malicious purposes.
765. Robocall
766. A robocall is an automated phone call that delivers a recorded message. Normally, political parties, schools, and telemarketing companies use robocall. But scammers are known to abuse robocalls. For more information, see this blog post for a deep dive on robocalling.
767. Rootkit
768. Is software, generally classified as malware, that provides the attacker with administrator privileges on the infected system and actively hides. They also hide from other software on the system, often even from the operating system.
769. RunPE Technique
770. A common technique malware uses: running the original executable, suspending it, unmapping from the memory, mapping the payload in its place, and running it again.
772. S
773. Safe Mode
774. It’s a boot option that loads only the most basic drivers needed for Windows to run. There are different sets of drivers that can be loaded, depending on the kind of “Safe Mode” the user selects. For more information, see the article safe mode.
775. Sandbox solution
776. A type of solution wherein IT administrators run a program in a controlled environment to determine whether it is safe to deploy within their network or not.
777. Scam
778. In cybersecurity, scams are attempts to obtain money or something else of value through dishonest means, mostly over the Internet, though sometimes with a phone call.
779. Screen scraper
780.
A screen scraper is a form of malware capable of taking screenshots or gathering data from the visible desktop to send them back to its controller.
781. Screenlocker
782. A screenlocker can either be a legitimate program that locks a PC while users are away from the desk, or a piece of malware, which could be anything from a “prank” software to ransomware. The latter locks a desktop while encrypting files to blackmail a victim into paying a ransom.
783. Script kiddie
784. A script kiddie is a derogatory term given to hackers who, some may feel, have no technical ability. Some wear the name as a badge of pride.
785. Search neutrality
786. Search neutrality is a concept asserting that the rules for net neutrality should be applied to search engines.
787. Secure Sockets Layer (SSL)
788. A Secure Sockets Layer (SSL) is an encryption protocol that secures connections between clients and servers over the internet. This protocol was deprecated in 2015 and replaced by the Transport Layer Security (TLS) protocol.
789. Security information and event management (SIEM)
790. In computer security, security information and event management (SIEM) refers to software or a service that gives organizations the big picture of their information security. It is a hybrid of security information management (SIM) and security event management (SEM), allowing one to identify, analyze, alert, and take appropriate action on flagged issues.
791. Seed
792. In computer security-related terminology, a seed is one of the factors used to create (a series of) seemingly random numbers or strings.
793. SEO
794. Is short for search engine optimization. This is a set of marketing techniques aimed at raising the popularity of a website. The goal is to have your site high up in the search results when a user searches for certain relevant keywords.
795. Server
796. A server is a computer or computer program that manages access to a centralized resource or service in a network.
797.
Server Message Block (SMB)
798. In the context of computer networking, a Server Message Block (SMB) is an internet standard communications protocol used for sharing folders, printers, serial ports, and other resources between a server and its client within a network.
799. Service-level agreement (SLA)
800. An SLA is an agreement between a service provider and its clients. This is usually legally binding.
801. Sextortion
802. Sextortion is a form of blackmail in which the victim is forced to perform sexual favors for the blackmailer. This is often done by threatening to make embarrassing pictures public that were obtained under false pretenses over the internet.
803. Shareware
804. Shareware is software that is used and distributed for free, which may or may not have limited features, up to a certain period of time. Once that period is exceeded, users may be required to pay for its continued use.
805. Shimming
806. Shimming is hailed as an upgraded version of skimming. Instead of stealing information from your debit or credit card’s magnetic strip, it steals from its EMV chip. For more information, see this blog post on the various types of ATM fraud and scams.
807. SIEM
808. Stands for Security information and event management. SIEM systems are designed to provide SOCs or other security managers with information about the entire system’s infrastructure to support detection and help with incident response and prevention.
809. Signature
810. In computer security, a signature is a specific pattern that allows cybersecurity technologies to recognize malicious threats, such as a byte sequence in network traffic or known malicious instruction sequences used by families of malware.
811. Signature-based detection, then, is a methodology used by many cybersecurity companies to detect malware that has already been discovered in the wild and cataloged as part of a database.
812. SIMjacking
813. SIMjacking is the method of assuming control of a target’s mobile number.
Fraudsters do this in a number of ways. One way is porting the target’s phone number from one mobile service provider to another. 814. Other forms: SIM jacking, SIM-jacking 815. Synonyms: SIM splitting, SIM swapping, SIM swap scam, port-out scam 816. Skimming 817. Skimming is a type of fraud targeting automated teller machine (ATM) and point-of-sale (POS) terminals wherein a device (called a skimmer) or malware is used to steal information from your credit or debit card’s magnetic strip. For more information, see this blog post on ATM skimming. 818. Smart home 819. Also called smart house or building. This is an establishment that incorporates advanced automated systems that enable users to remotely control an array of electronic devices. For example, a user living in a smart home is capable of controlling appliances, room temperature, lighting, and the security system by issuing commands to a computing device. 820. SMS phishing (Smishing) 821. Smishing, short for SMS phishing, is a type of phishing on mobile devices. It is carried out via SMS text messaging. For more information, see our blog posts on how to detect phishing attempts and what is smishing. 822. SOC 823. Stands for Security Operations Center and is a centralized unit of personnel, processes and technology that guard the security and investigate security breaches for a bigger entity, usually a company or a network. A SOC does not necessarily have to be part of an organization, they can be hired externally. 824. Social engineering 825. Social engineering is the description of methods that attackers use to get the victims to breach security protocol or give up private information. There are many tactics that lead to this goal, and they rely on psychological manipulation, such as seducing the victims by playing to their greed, vanity, or their willingness to help someone. 826. Software delivery layer 827. 
Refers to a method for network administrators to push out and manage software on the systems they are responsible for. 828. Software vulnerability 829. Refers to a weakness or flaw in software, which leaves it open to be exploited by threat actors. 830. Spam 831. Spam is an undesired communication, often an email or call, that gets sent out in bulk. Spam wastes time and resources, so many communication tools have built-in ways of minimizing it. 832. For an in-depth look at spam, see this page. 833. Spambot 834. A program designed to build mailing lists to send unsolicited emails to by harvesting email addresses from websites, newsgroups, and even chat room conversations. 835. Spear phishing 836. Spear phishing is a method of deceiving users via online messages, usually email, into giving up important data. Such attacks are targeted at a particular user or group of users (e.g. employees of one company). The intended victim(s) will be asked to fill out forms or lured into installing data-gathering malware on their system. 837. Spyware 838. Spyware is a type of malware that gathers information on a device and sends it to a third-party actor or organization that wouldn’t normally have access. In the past, this term was also used for adware and cookies. 839. For an in-depth look at spyware, see this page. 840. SQL injection 841. An SQL injection is a type of injection attack wherein a threat actor introduces a malicious SQL code into a MySQL database as a way to circumvent web application security measures to reveal sensitive information, destroy it, or tamper with it. This is usually done on vulnerable sites that accept user entries, such as a search box. 842. For an in-depth look at SQL injection, see this page. 843. SSL certificate 844. An SSL certificate is installed to a web server, providing the means to make payments and send communications securely without fear of eavesdropping. 845. Stalkerware 846. 
Stalkerware is a general term used to describe software applications that are specifically designed to track individuals while hiding from view. Many stalkerware applications market themselves as parental monitoring tools, but they can be and often are used to stalk and spy on a person. 847. The most common users of stalkerware are domestic violence abusers, who load these programs onto their partner’s computer or mobile device without their knowledge. 848. Synonyms: spyware, commercial surveillance software, commercial spyware, spouseware 849. Steganography 850. Is the science of hiding information. In cyber-security this usually comes down to hiding the malicious information behind seemingly harmless messages. Consider for example malvertising where the code is hidden in images. Or malware where the threat actors used Twitter as their C&C infrastructure. 851. Supply-chain attack 852. A type of attack that targets the weakest or most vulnerable element in a business’s or organization’s supply chain network. There are several ways this can be done: one, cybercriminals can continuously attack the system through hacking; another is by embedding malware into a manufacturer’s software. However this is done, the purpose of a supply chain attack is to gain access to sensitive data repositories and damage the company. 853. Related blog post(s): 854. Stuxnet: new light through old windows 855. Revealed: POS malware used in Target attack 856. Petya-esque ransomware is spreading across the world 857. Infected CCleaner downloads from official servers 858. Suspicious activity 859. In our Malwarebytes product, “possible suspicious activity” encompasses a variety of behaviors that are commonly attributed to technical support scams, cryptojacking, browser hijacking, and other types of harmful or potentially unwanted programs (PUPs). 860. Symbian malware 861. Symbian malware targets mobile devices running Symbian, a smartphone OS that is discontinued. 
Some of the well-known malware that affected this mobile OS are Cabir (a worm), Drever, and Locknut (both Trojans). 862. System on a Chip (SoC) 863. A system on a chip (SoC) is a piece of technology built to integrate all components of a computer or electronic device. It’s essentially a functional computer miniaturized to the size of a silicon chip. SoCs are commonly used in small electronic devices, such as a smartphone, tablet, smart watch, and others. 864. Other forms: System on chip 865. System optimizer 866. This type of software combines some or all of the below functionalities: 867. Registry cleaner 868. Driver Updater 869. Temp file cleaner 870. Disk optimizer (disk defragmenter) 871. Report system errors 872. Since all these functionalities are offered by free tools built into the Windows operating system, many system optimizers are considered Potentially Unwanted Programs (PUPs), especially if they exaggerate the seriousness of possible improvements that can be made on a user’s system. 874. T 875. Targeted attack 876. Refers to an attack aimed at a certain person or group of people. The attackers can be an organization or people that work in a certain field. 877. The United States Computer Emergency Readiness Team (US-CERT) 878. The US Computer Emergency Readiness Team (US-CERT) is a branch of the Office of Cybersecurity and Communications’ (CS&C) National Cybersecurity and Communications Integration Center (NCCIC). It was created to protect the country’s internet infrastructure, improve the US’s cybersecurity posture, coordinate information sharing, and reduce the risk of cyber threats proactively. US-CERT also educates consumers and businesses about data security, and assists security organizations in terms of threat detection and management among others. 879. Third party 880. Is a term used to describe an entity that is involved in a deal, but not directly as one of the entities that close the deal. 
In privacy policies, the term is often used to avoid being blamed, as the publisher, for something any third party might do to the user. For example, additional software that is included in a bundler will usually be referred to as “third-party software”. 881. Threat actor 882. In cybersecurity, a threat actor is a group or person behind a malicious incident. As it is sometimes unclear whether an attack was done by one person or whether there is a group or organization involved, we use this as a general term to describe the responsible entity. 883. Threat modeling 884. Threat modeling is the process of identifying vulnerabilities and potential security threats, weighing their seriousness, and then prioritizing which weaknesses to address or mitigate. 885. TLD 886. Is short for Top Level Domain. This is the right hand part of a domain name. Examples are .com, .gov, and .info. In the hierarchical structure of the DNS system these are at the highest level, hence the name. A complete list of valid TLDs can be found at the ICANN.org site. 887. Token 888. In information security, a token is a small hardware device that, together with what a user knows—such as a PIN—gives him/her authorized access to a computing system or network. A smart card and a key fob are examples of security tokens. 889. Tor 890. Tor is the acronym for the software project called “The Onion Router”. This is created to promote privacy and anonymity online by stopping people learning and collecting user data on their locations and browsing habits. 891. Torrent 892. A torrent refers to a torrent descriptor file used by BitTorrent clients when sending and receiving files, which are usually large, over the internet. It uses the .torrent extension. 893. Trackware 894. Trackware is a type of program used to gather system information and/or user activity from computing devices, and then send the information to a third-party entity. 895. Transport Layer Security (TLS) 896. 
Transport Layer Security (TLS) is an encryption protocol that authenticates the communication of two computing applications. It also ensures that the channel is private and the data exchanged is uncorrupted and can only be viewed by authorized parties. 897. TLS is the successor of Secure Sockets Layer (SSL). 898. Trojan 899. Trojans are programs that claim to perform one function but actually do another, typically malicious. Trojans can take the form of attachments, downloads, and fake videos/programs and, once active on a system, may do a number of things, including stealing sensitive data or taking control of the device. 900. For an in-depth look at Trojans, see this page. 901. Trolling 902. Trolling is the act of deliberately causing quarrels, annoyance, disagreements, and flame wars by posting controversial, insulting, derogatory, and even off-topic comments online. For more information, see this blog post on trolling-as-a-service. 903. Troubleshooting 904. Is a systematic approach to finding the cause of a malfunction or other problem. With computers this usually starts with studying logs, some of which may have been created specifically for the problem at hand, others may be error logs or even memory dumps. 905. Typosquatting 906. Typosquatting is the practice of deliberately registering a domain name which is similar to an existing popular name, in the hope of getting traffic by people who mis-type the URL of the popular domain. For more information, see the article typosquatting. 908. U 909. Ubiquitous computing (ubicomp) 910. Ubiquitous computing (ubicomp) is the technological trend of adding computational capability into everyday electronic devices by embedding a microprocessor. This allows them to communicate effectively and perform tasks that lessen the user’s need to interact with computers as computers. Examples of ubiquitous computing are laptops, tablets, smartphones, and wearable devices. 911. 
Synonym(s): pervasive computing, everyware, ambient intelligence 912. Ubuntu 913. Pronounced as oo-boon-too. It is a Linux distro that is based on the Debian architecture. It was designed for use on personal computers; however, it can be used on network servers as well. In fact, it is the most used OS in hosted environments, i.e., the cloud, and it’s also arguably the most famous distro. 914. Unicode 915. Unicode is a global standard for character encoding. It provides a unique number to every character in existence, which comprise scripts and symbols. As such, it simplifies the localization of software and supports multilingual text processing. 916. The Unicode Consortium maintains, develops, and promotes the use of the Unicode standard. 917. External link(s): 918. The Unicode Standard 919. Unicode Transformation Format (UTF) 920. A Unicode Transformation Format (UTF) is also known as the Universal Transformation Format. UTF is one of the two encodings used in Unicode. It maps the Unicode code ranges into sequences of code units. 921. Universal Authentication 922. Universal authentication is the method or process of allowing a user access to secure sites without having to verify his/her identity more than once. This may involve the use of software or a dedicated device. As of this writing, there is no standard for universal authentication. 923. Synonym: Single sign-on (SSO) 924. Universal serial bus (USB) 925. The USB is an industry standard establishing a common way for connections between devices and peripherals. 926. UNIX 927. UNIX is a modular operating system developed in the 1970s, leading to widespread academic and commercial use over time. 928. Urban legend 929. In computing, urban legends are typically viral scare stories warning of a particular hacker’s skill, or how something bad will happen on a social network by a precise date unless people perform some tasks. 930. URL 931. 
Stands for Uniform Resource Locator and is a method to find resources located on the World Wide Web. A URL consists of (at least) a protocol (e.g. HTTP) and either a domain or an IP address. They can also include a path on the server to point to a particular file or site. 932. USB attack 933. Refers to an attack where threat actors use a USB drive to spread malware. In a targeted attack, infected USB drives are deliberately dropped in public locations, such as parking lots, to entice victims into picking them up and opening them using their computers. 934. USB boot 935. A USB boot is booting up a computer using an OS or recovery program located on a USB stick as opposed to the computer’s hard drive. 936. Usenet 937. Usenet is a method of online communication first established in 1980, superficially resembling modern day internet forums. 938. User interface 939. In information technology, a UI is the visual part of an operating system or software that allows users to interact with a computing system, an application, or a website via input devices. There are three (3) known types of UI: command language, menu, and graphical user interface (GUI). 941. V 942. Vaporware 943. In computer slang, it is a non-existent hardware or software that is publicly announced and actively promoted. 944. A vaporware announcement may be a marketing strategy to gauge user interests in a particular product. 945. Variant 946. Often refers to closely related malware strains or types of malware that are in the same family. Usually, it is a version of an existing malware family with modifications. 947. Virtual machine 948. A software computer or application environment that runs on another computer or OS. Users’ experience with virtual machines is the same as they would have on dedicated hardware. 949. Virtual memory 950. Is a memory management technique in use by the Windows operating system to enlarge the address space. 
It uses a part of the hard drive to store pages and copy them into the RAM memory when they are needed. This method is slower than using RAM only, but it enables the user to run programs even if his RAM memory is already all in use. 951. Virtual private network (VPN) 952. A virtual private network is a virtual extension of a private network over the internet. It is often used to allow employees that are not in the physical office to connect to resources on the intranet as if they were in the office. But there are also commercial VPNs that can be used to anonymize your internet traffic. You can find more information about those in our blog post, One VPN To Rule Them All! 953. Virtual reality (VR) 954. VR is a computer-generated simulation of an environment, using images, sounds, and sometimes other sensations to give users the illusion that they are in that environment and can interact with the objects in that environment. 955. Virus 956. A virus is malware attached to another program (such as a document) which can replicate and spread after an initial execution on a target system where human interaction is required. Many viruses are harmful and can destroy data, slow down system resources, and log keystrokes. 957. Virus hoax 958. A false message warning users of having a computer virus. It comes in many forms; some are emails and some are pop-up windows. 959. Vishing 960. Short for voice phishing. It is a phishing tactic that uses voice, either via VoIP or phone, to steal information from call recipients. 961. See also: 962. Something’s phishy: How to detect phishing attempts 963. Visual spoofing 964. Is a type of threat vector where the similarities of characters and letters from different languages are used (deliberately or accidentally) to confuse and/or trick users. According to Chris Weber, a cybersecurity expert, there are several possible scenarios where visual spoofing can be used to give threat actors the advantage: 965. Domain name spoofing 966. 
Fraudulent vanity URLs 967. User interface and dialog spoofing 968. Malvertising 969. Internationalized email forging 970. Profanity filter bypassing 971. Related blog post(s): 972. Out of character: Homograph attacks explained 973. VLAN 974. Is short for Virtual Local Access Network. It describes a network of systems that behave as if they were on the same network. They are bound at OSI Layer 2 (the datalink layer), which means they can communicate as if connected by wire while they can in fact be on different LANs and be physically far apart. VLANs are often used to divide LANs into subsets that are allowed to share certain information and devices, or to create a group of systems around the world that belong to a certain group in the same organization. 975. VLAN 976. Short for Virtual Local Area Network (LAN). 977. It’s a group of devices on different physical LANs that are configured to communicate with each other as if they are connected to the same wire. If set up right, a VLAN can significantly improve the overall performance of a network. 978. VM-aware 979. A capability of malware to detect and identify that the environment it resides on is a virtual machine (VM). Some methods of determining a VM are simple while others are not. Once the malware is aware that it’s on a VM, it usually ceases functioning as it’s supposed to. 980. Related blog post(s): 981. A look at malware with virtual machine detection 982. Voice authentication 983. Sometimes called voice ID. It is a type of biometric verification wherein a user’s voiceprint is applied to confirm his or her identity. This relies on the fact that vocal characteristics are as unique as fingerprints and iris patterns of each individual. 984. Voice over Internet Protocol (VoIP) 985. VoIP, short for Voice over Internet Protocol, is a technology that allows users to make voice calls over an Internet broadband connection instead of an analog connection. VoIP is a phone service over the Internet. 986. 
Voice phishing (vishing) 987. Vishing, short for voice phishing, is a type of phishing on mobile devices. It is carried out over-the-phone (e.g. landline, VoIP, smartphone). For more information, see this blog post on how to generally detect phishing attempts. 989. W 990. Walled garden 991. This term is used in a lot of ways in computing and technology. Generally, this is an environment that limits user access to certain content and services. 992. WAP 993. Stands for Wireless Application Protocol. This is a standardized set of communication protocols that allows wireless devices (usually mobile devices, two-way radios, smartphones, and pagers) to securely access the Internet. WAP supports most wireless networks and is supported by all operating systems. 994. Warez 995. Is an internet slang that means software that has been illegally copied and made available to users. 996. This shouldn’t be confused with shareware or freeware. 997. Warm boot 998. In computing, this is also called a soft boot. It restores the system to its initial state without shutting it down completely. It is often used when applications are hanging or frozen, or after installing software. In Windows, for example, this can be achieved by choosing “Restart” in the shutdown menu. Also see cold boot. 999. Warm standby 1000. It is a redundancy method involving two systems running simultaneously: the primary system at the foreground and a secondary or backup system at the background. 1001. WASP 1002. Short for wireless application service provider. These are services similar to regular application service providers (ASP) but are accessible via wireless devices, such as smartphones and personal digital assistants (PDAs). 1003. Wayback Machine 1004. This is a website that allows Internet users to see what certain websites look like at some point in the past. These sites are archived and are currently inaccessible outside the Wayback Machine. 1005. The Wayback Machine is created by the Internet Archive. 
1006. Wearable computer 1007. Also known as body-borne computers or wearables. An electronic computing device that can either be strapped on or carried around on (like being incorporated in clothing and personal accessories) a user’s body. This is also capable of storing, processing, and transmitting data. 1008. Wearable device 1009. See: Wearable computer 1010. Web 1011. Pertains to the World Wide Web (W3). Although many define the Web as “the internet”, they are not synonymous. The Web is a way of accessing information that is on the internet. It’s an information-sharing model. The internet, on the other hand, is a massive global network infrastructure comprising millions of computers. 1012. Web application security 1013. This deals with the security of websites, Web applications, and Web services. It aims to address and/or fulfill the four principles of security, which are confidentiality, integrity, availability, and nonrepudiation. 1014. Web inject 1015. A web inject is HTML or JavaScript code injected into an affected Web page before the page renders on the user’s browser. 1016. Other form(s): Webinject 1017. Web scraping 1018. Also known as screen scraping, Web data extraction, and Web harvesting among others. This is an automated technique used in extracting large amounts of data from websites to be saved locally in a computer as a file or a database (in spreadsheet format). Web scraping is usually done with the aid of software. 1019. Web skimmer 1020. A web skimmer is usually a piece of malicious JavaScript (JS) code embedded in web payment pages to perform skimming. Such malware arrives on target pages via a compromised third-party script service. Web skimmers were designed to retrieve customer payment information. 1021. Magecart is a group known to use web skimmers. For more information, see this blog post on how you can protect yourself from Magecart and other e-commerce attacks. 1022. Synonym(s): digital skimmer 1023. Web-enabled 1024. 
A product or service is called “Web-enabled” if it can be used in conjunction with or through the World Wide Web. 1025. This was once a famous buzzword; nowadays, it’s rare to find products or services that don’t use the Web. 1026. Website defacement 1027. Website defacements happen when a hacker compromises a site to promote a message, cause general annoyance, boost search rankings, and also potentially load a webpage with malware or spyware. 1028. Website spoofing 1029. Website spoofing happens when an attacker creates an imitation website designed to look like the real thing. Threat actors may use real company logos, design, and URLs similar to the target website to enhance the spoof and make it more convincing. 1030. Wetware 1031. A slang term pertaining to the human element of an IT architecture. An IT system is comprised of hardware (or the physical computers), software (or the applications installed on the computers), and wetware (or the people using and maintaining the computers). 1032. Whack-a-mole 1033. In IT, this is a term used to describe a situation where a problem keeps recurring after it is supposedly fixed. The term was inspired by the arcade game, Whac-A-Mole. 1034. An example of a whack-a-mole situation is when one cleans a malware-ridden computer only to find it re-infected again. 1035. Whaling 1036. Also known as whale phishing. It’s a type of fraud or phishing scheme that targets high-profile end-users, usually C-level businessmen, politicians, and celebrities. Fraudsters behind whaling campaigns aim to trick targets into giving out their personal information and/or business credentials. Whaling is usually done through social engineering efforts. 1037. White hat hacker 1038. A term most commonly used within the computer security circle to describe a type of hacker who uses their knowledge and skills to help improve the security of a product and/or service by identifying their weak points before threat actors take advantage of them. 1039. 
White screen of death (WSoD) 1040. This is an error in the OS, particularly Mac OS and Linux, causing it to display a white screen. A WSoD also happens when an application, such as a Web page, locks up or freezes. 1041. Sometimes, a WSoD also happens on Windows. 1042. Synonym: White death 1043. White space padding 1044. White space padding is an old trick where multiple white spaces are inserted into a filename to hide the real extension from the victim, who would otherwise have seen, for example, .exe at the end. Spammers have applied this trick to naming malicious attachments to allay suspicions from careful email users. 1045. Whitelist 1046. In computing, it is a list of resources and destinations that we decided to trust. Application whitelisting is a method that allows only specific software and applications to run in order to maintain security. This is more restrictive than blacklisting processes, which has pros and cons. Whitelisting is more secure yet time-consuming to manage. 1047. WHOIS 1048. Pronounced “who is”. This is not an abbreviation; however, it stands for “Who is responsible for this domain name?” 1049. It’s an internet service used to look up information about domain names. 1050. Wi-Fi 1051. Is a trademarked phrase for connections compliant with the IEEE 802.11 standard. This is a wireless technology used to provide internet and other WLAN connections. Wi-Fi-certified products are interoperable with each other. The IEEE 802.11 is often combined with a letter to indicate the radio frequency band the products use. 1052. Wide Area Network (WAN) 1053. A Wide Area Network (WAN) is a private telecommunications network that interconnects multiple LANs and MANs. It covers a wide geographical area. A router is typically used to connect a LAN to a WAN. 1054. Windows Sockets API (Winsock) 1055. The Windows Sockets API—shortened to Winsock—is a standard that specifies how Windows networking software should deal with TCP/IP traffic. 
One of the features of Winsock 2 is the LSP. For more information, see this blog post that contains information about LSP hijacking. 1056. Wireless 1057. Is the name for any means of transferring information or power over a distance without the need of an electrical conductor (wire). 1058. Wiretap Trojan 1059. A program capable of secretly recording VoIP calls and IM conversations. This malware usually comes with a backdoor, which allows a threat actor to retrieve the recordings. 1060. WLAN 1061. Stands for Wireless Local Area Network. This is also referred to as LAWN or Local Area Wireless Network. 1062. This is a type of network connection that uses high-frequency radio waves rather than wires to communicate. As it’s wireless, users connected to a WLAN are free to move around provided they stay within the coverage area. 1063. Also see Wi-Fi. 1064. Worm 1065. Worms are a type of malware similar to viruses, but they do not need to be attached to another program in order to spread. 1066. WoT 1067. Stands for the Web of Things. This is considered as a subset of IoT that focuses on software standards and frameworks. One can think of them as everyday objects capable of communicating with Web services. 1068. WPA 1069. Is short for Wi-Fi Protected Access. WPA and WPA2 are security protocols designed for the secure access of Wi-Fi. WPA was intended as an easy upgrade from WEP, but that turned out to be less straightforward than expected. Later WPA2 replaced WPA and supports CCMP, an encryption mode with strong security. 1070. See also WPA2 and WPA-PSK. 1071. WPA-PSK 1072. Short for Wi-Fi Protected Access Pre-Shared Key. Also known as WPA Personal. This is a security method that uses Pre-Shared Key (PSK) authentication, which is designed for homes, to validate users over a wireless internet. WPA-PSK is a variation of the WPA protocol. 1073. See also WPA2. 1074. WPA2 1075. Short for Wi-Fi Protected Access II or Wi-Fi Protected Access 2. 
This is a security standard for computers connected to the internet over a wireless network. Its purpose is to achieve complete compliance with the IEEE802, an IEEE standard for LANs and MANs. 1076. WPA2 generally doesn’t work with old network cards. 1077. See also WPA and WPA-PSK. 1078. WPAN 1079. Stands for Wireless Personal Area Network. This is a network for various interconnected devices within the circumference of an individual’s workspace. The connection among these devices is usually wireless, and the area of coverage is no greater than 10 meters. An example of a WPAN technology that permits this short-range communication is Bluetooth. 1080. See also WPA2. 1081. Write protection 1082. The ability of a physical, hardware device or software to prevent old information from being overwritten and new data from being written. 1083. Write protection features are normally found in computers and devices that can carry or store information. 1084. WYSIWYG 1085. WYSIWYG, pronounced “wiz-ee-wig”, stands for What You See Is What You Get. In computing, it refers to an editor or tool that allows the developer to see the changes they make on what they’re creating in real time. 1087. X 1088. XaaS 1089. XaaS is the abbreviated form of Anything-as-a-Service. XaaS is a catch-all term referring to all available services provided online instead of locally or on-premise. 1090. Synonym: Everything-as-a-Service, Cloud computing 1092. Y 1093. Y2K 1094. Stands for “year 2000”. This abbreviation is well known today because of the term “the Y2K problem” or “the millennium bug”. The Y2K problem stemmed from fears that computer programs that store year values as two-digit figures—“97” to mean the year 1997, for example—would cause problems as the year 2000 rolled in. 1096. Z 1097. Zbot 1098. Zbot is a known family of Trojans capable of stealing user information, such as banking credentials, using man-in-the-browser (MiTB) keystroke logging and form grabbing. 
For more information, see this blog post on the analysis of a Zbot variant. 1099. Synonym: Zeus/ZeuS 1100. Zero Administration for Windows 1101. Abbreviated as ZAW. This refers to an initiative led by Microsoft that allows administrators to install, update, and manage Windows from a central server to LAN-connected machines. Microsoft has aimed to decrease the amount of time it takes for administrators to perform these tasks and to reduce the cost of maintaining PCs in large corporations. 1102. Zero-day 1103. A zero-day vulnerability is an exploitable vulnerability in software that has not been disclosed yet. Zero days sarcastically stands for the time the software creator has then left to patch the vulnerability. More information can be found in our blog post, What is a Zero-Day? 1104. Zero-trust 1105. Zero-trust is a security model wherein no one inside or outside a network is trusted by default, thus requiring users to verify themselves when they want to use a network’s resource. 1106. Zombie 1107. Is the description for systems that have been infected by a Trojan that added the system to a botnet. The term is used because the system is taken out of control of its owner, and now obeys the botherder like a zombie. You can read more about these botnets in our blog post, The Facts about Botnets. 1108. Zombie network 1109. See botnet. 1110. Zombie process 1111. Also known as defunct process. It’s what you call a process in its terminated state. 1112. In programs with parent-child functions, a child usually sends an exit status message to its parent after executing. Unless the parent receives and acknowledges this message, the child is in a ‘zombie’ state. This means that it has executed but hasn’t exited. 1113. Zoombombing 1114. Also known as Zoom squatting, occurs when an unauthorized user joins a Zoom conference, either by guessing the Zoom meeting ID number, reusing a Zoom meeting ID from a previous meeting, or using a Zoom ID received from someone else. 
In the latter case, the Zoom meeting ID may have been shared with the Zoombomber by someone who was invited to the meeting or circulated among Zoombombers online.