Ad-supported software, often called adware, is any type of software that downloads or displays unwanted advertisements on a computer while the software is being used. Adware is often bundled in with software the computer owner wants. Adware can also be spyware, a type of malware that is considered to be privacy invasive.
Antivirus (or anti-virus) software is used to safeguard a computer from malware, including viruses, computer worms, and trojans. Antivirus software may also remove or prevent spyware and adware, along with other forms of malicious software.
Arbitrary Code Execution
Through arbitrary code execution, a cybercriminal may acquire control of a target through some sort of vulnerability, thereby gaining the power to execute commands at will.
A backdoor refers to a method in which a hacker can bypass normal authentication on a computer to gain remote access without the knowledge of the user. A backdoor is a general term that may refer to installed software or a modification to an existing program or hardware.
Black Hat Hacker
An individual with extensive computer knowledge whose purpose is to breach or bypass internet security. The general view is that, while hackers build things, crackers break things. Also known as a Cracker.
Black Hat SEO
Black hat search engine optimization refers to a backhanded method of garnering a higher ranking in search engines. The practice is understandably frowned upon by search engines, and the perpetrating sites are punished accordingly. Common techniques include spamdexing, hidden text, and cloaking.
Bots, or robots, serve a command computer, carrying out automated functions at their master’s bidding. Common bot crimes include denial-of-service, extortion, identity theft, spam, and fraud. Multiple infected computers together form a botnet, with each individual computer also termed a zombie.
A cache is a repository for stored data. It expedites the process of retrieving data.
Cloud computing is a general term for services over the internet that is better divided into three categories: Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. IaaS (or utility computing) follows a traditional utilities model, providing servers and storage on demand with the consumer paying accordingly. PaaS allows for the construction of applications within a provider’s framework, like Google’s App Engine. SaaS enables customers to use an application on demand via a browser.
A computer virus is a computer program that spreads malicious code. Although some viruses are latent, others can corrupt data or impede system performance. The term is specific, distinguished by how viruses are distributed (through downloads, email attachments, or removable media such as CDs, DVDs, or USB drives), but is often used as a catchall, much like the word “malware.”
Cookies are text retained on computers by browsers containing information filled into websites. A cookie may be used to remember a username, for example, so that the name will autofill on the user’s next visit. Cookies may be disabled, or cookie options customized, due to privacy concerns.
Cracker
An individual with extensive computer knowledge whose purpose is to breach or bypass internet security. The general view is that, while hackers build things, crackers break things. Also known as a Black Hat Hacker.
Cyberterrorism
In the most extreme sense of the term, cyberterrorism encompasses a computer-based act (a threat or an attack) perpetrated with the express intent of inspiring fear and performed in the name of some sort of ideology.
Denial of Service (DoS) Attack
A denial-of-service (DoS) attack involves an attempt to disrupt the normal functioning of a website or web service. In a typical DoS attack, the attacker will overload a site’s server with requests for access far above the capacity of the site, meaning that legitimate requests cannot be processed.
Domain Name System (DNS)
The Domain Name System (DNS) allows users to type easy-to-remember domain names into a browser while the computer interprets the name as a series of numbers, the IP (Internet Protocol) address. Each address is unique, enabling users to access the same result from any computer, anywhere, without conflict.
Drive-by downloads are downloads of software, adware, or malware that are either authorized by the user without understanding the consequences or downloaded without the knowledge of the user. This can occur by visiting nefarious websites, clicking on links in email, or clicking on a popup ad.
An exploit is the use of software, data, or commands to “exploit” a weakness in a computer system or program to carry out some form of malicious intent, such as a denial-of-service attack. Patches are intended to remedy these vulnerabilities as soon as they are revealed.
Fast Flux Botnets
Botnets employ fast flux techniques to obfuscate the specific host involved in their phishing schemes. A fast-flux domain name service enables bots to utilize a shifting number of compromised hosts.
Firewalls are configured (in hardware, software, or both) with specific criteria to block or prevent unauthorized access to a network.
The term “hacker” generally refers to any person who enjoys understanding, modifying, and exploring programmable systems, particularly computers and computer systems. “Hacker” has been used to describe individuals who bypass security measures for malicious purposes or criminal activity; however, most people within the hacker community refer to these individuals as “Crackers.”
Hacktivism is a term that combines the terms “hacker” and “activism” and generally means the use of technical tools, including denial of service attacks, virtual sit-ins, web page defacement or redirects, to showcase a political message through either illegal or legally ambiguous methods.
Heap spraying refers to the attempt to insert code into a predetermined location. This technique is often behind the exploits of vulnerable browsers.
Heuristics refers to an experimental method of problem solving. The rapid production of malware necessitates such a quick-fix approach to solutions.
“In the Wild”
A virus is said to be “in the wild” if it is spreading uncontained among infected computers in the general public. A virus being studied in a controlled environment for research purposes would not be considered “in the wild.”
A keylogger, also known as keystroke logging or keylogging, is a method of tracking the strokes on a keyboard without the knowledge of the user. This information is collected and used to access private accounts or collect personal information. Keyloggers can come in the form of software, hardware, or external monitoring such as acoustic analysis.
A macro virus is a computer virus written in the same macro language used for software applications like word processors. Its effect is to release a chain of events in conjunction with the application. Microsoft Word is an example of an application susceptible to macro viruses; this explains why it is a bad idea to open suspicious or unknown attachments even if they may appear legitimate.
Malware is an abbreviated term meaning “malicious software.” This is software that is specifically designed to gain access to or damage a computer without the knowledge of the owner. There are various types of malware including spyware, keyloggers, true viruses, worms, or any type of malicious code that infiltrates a computer. Generally, software is considered malware based on the intent of the creator rather than its actual features.
Patch Tuesday refers to the second Tuesday of each month when Microsoft releases security fixes and patches developed and discovered over the previous month. Windows systems from Windows 98 on have included automatic checks for patches to avoid any concerns.
Pharming refers to an attempt by a hacker to redirect a website’s traffic to another site, developed for the purpose of stealing information from users. Hackers can exploit vulnerabilities in either the host files on a personal computer or on the domain name system (DNS) server software. DNS servers work to direct information on the internet, similar to a road map for traffic. Compromised DNS servers are referred to as “poisoned.”
Phishing refers to an attempt by a hacker to obtain confidential information about a user through fraudulent means, specifically by pretending to be a legitimate communication from a credible source. In a typical phishing scheme, a spam email will direct a reader to an external website, often with a masked URL. When the user inputs his or her information, it falls into the hands of the cybercriminal.
Ransomware is a category of malware that demands some form of compensation, a ransom, in return for data or functionality held hostage. For instance, ransomware might change Proxy settings in a browser to limit web use, making it difficult to find a solution to remove a computer virus.
Rogue Security Software
Rogue security software, or “scareware,” masquerades as genuine security software, while in actuality reporting incorrect results of fake malware scans. Most people are tricked into installing rogue security software when a pop-up window appears on their screen informing them that their computer may be infected, or as a result of SEO poisoning.
A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executables. Rootkits allow viruses and malware to “hide in plain sight” by disguising themselves as necessary files that your antivirus software will overlook. Rootkits themselves are not harmful; they are simply used to hide malware, bots and worms.
A script kiddie is often, but not always, a juvenile hacker: an attacker who uses scripts or programs developed by more sophisticated cybercriminals. Oftentimes the underlying motivation for a script kiddie’s attack is simply to garner the attention of peers.
Search Engine Poisoning
Search engine poisoning exploits the use of search engines to spread malware and viruses. This practice is becoming more prominent as a means of stealing credit card information. Generally, hackers will employ black hat SEO methods to gain higher search rankings for particular terms that launch rogue antivirus software upon clicking, followed by collecting credit card information.
A security hole, also generally referred to as a computer vulnerability, is a flaw or susceptibility in a system that can be exploited. If discovered, security holes are gateways for hackers to install malicious software and possibly initiate a zero day attack if not discovered and patched by the vendor.
Social engineering involves deceiving victims into unwittingly disclosing confidential information or pursuing a fraudulent action. Phishing is a prime example.
Spear-phishing defines a more specialized phishing scheme (an attempt by a hacker to obtain confidential information about a user through fraudulent means) targeting a specific employee in order to gain access to a company’s information.
Spyware is a type of malware that is installed on a computer without the knowledge of the owner to collect private information. Spyware is often hidden from the user in order to gather information about internet interaction, keystrokes (also known as keylogging), passwords, and other valuable information.
A trojan horse, often shortened to trojan, is a type of malware designed to provide unauthorized access to a user’s computer. Trojans, unlike worms, are non-self-replicating, meaning they do not harm the computer but rather provide a gateway for a remote hacker to access a computer and perform various actions based on the design of the trojan and the privileges of the user.
A white paper is a persuasive, educational document that informs readers of the best manner in which to solve a problem also described in the text. Other content might include the introduction of new information or may be instructional in nature, and could be accompanied by graphs or charts.
A computer worm, unlike a trojan, is a self-replicating computer virus that penetrates an operating system with the intent of spreading malicious code. Worms utilize networks to send copies of the original code to other computers, causing harm by consuming bandwidth or possibly deleting files or sending documents via email. Worms can also install backdoors on computers.
Zero Day Attack
A zero day attack refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and races to fix it. Uses of zero day attacks can include infiltrating malware or spyware, or allowing unwanted access to user information.