Advanced Persistent Threat (APT)

A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period.

Adware

Software designed to display advertisements on your computer, often bundled with free software.

Antivirus Software

Programs designed to detect, prevent, and remove malware from a computer system.

Application Allowlisting

A security measure that allows only pre-approved software to run on a system, blocking all others to prevent unauthorized or harmful applications.

Black Hat Hackers

Individuals who infiltrate systems with malicious intent, such as stealing data or causing disruption.

Blue Hat Hackers

Security professionals hired to test systems for vulnerabilities before they are launched. Sometimes, they may also retaliate against perceived wrongdoers without considering the consequences.

Blue Team

A group of security experts responsible for defending an organization's systems and networks from attacks by identifying vulnerabilities, implementing security controls, and responding to incidents.

Botnet

A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.

Brute Force Attack

A trial-and-error method used to decode encrypted data such as passwords or PINs by systematically trying all possible combinations.

Certificate Authority (CA)

An entity that issues digital certificates for use by other parties, providing proof of the certificate's validity.

Cryptography

The practice and study of techniques for securing communication and data in the presence of adversaries.

Cyber Reconnaissance

The process of gathering information about potential targets, vulnerabilities, and attack vectors, often as a precursor to a cyberattack.

DDoS (Distributed Denial of Service)

An attack where multiple compromised systems are used to target a single system, causing a denial of service.

DFIR (Digital Forensics and Incident Response)

A field combining digital forensics and incident response to manage and investigate cybersecurity incidents. It involves collecting and analyzing data to determine the root cause of an incident and responding to mitigate damage.

DNS Hijacking

An attack where the attacker takes control of the victim's DNS settings, redirecting traffic to malicious websites or intercepting data.

Data Breach

An incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner.

DevSecOps

An approach to software development that integrates security practices into every phase of the development lifecycle, ensuring that security is a shared responsibility.

Double Extortion

A type of ransomware attack where attackers not only encrypt the victim's data but also steal it and threaten to release it unless a ransom is paid.

EDR (Endpoint Detection and Response)

A cybersecurity approach that focuses on detecting and investigating security incidents on endpoints such as desktops, laptops, and servers by analyzing data, network traffic, and user behavior.

Encryption

The process of converting information or data into a code to prevent unauthorized access.

Ethical Hacking

The practice of testing an organization's security measures by simulating attacks in a controlled manner to identify and fix vulnerabilities.

Exploit

A piece of software, data, or sequence of commands that takes advantage of a bug or vulnerability to cause unintended behavior in software or hardware.

Firewall

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Firmware

Permanent software programmed into read-only memory, providing the low-level control for the device's specific hardware.

Gateway

A network node used in telecommunications that connects two networks with different transmission protocols.

Grey Hat Hackers

Hackers who exploit security weaknesses without permission, often notifying the target and offering to fix the issue for a fee.

Hacktivists

Individuals or groups that use hacking to promote political agendas or social change.

Hashing

The process of converting an input (or 'message') into a fixed-size string of bytes, typically for security purposes.

Honeypot

A security resource whose value lies in being probed, attacked, or compromised to study attack methods.

IDS (Intrusion Detection System)

A device or software application that monitors a network or systems for malicious activity or policy violations.

IoT (Internet of Things)

A system of interrelated computing devices, mechanical and digital machines, or objects that are provided with unique identifiers and the ability to transfer data over a network.

Jailbreaking

The process of removing software restrictions imposed by the manufacturer on devices like iPhones and iPads.

Keylogger

A type of surveillance software that records every keystroke made on a computer to gain access to passwords and other confidential information.

Logic Bomb

A piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.

Malware

Any software intentionally designed to cause damage to a computer, server, client, or computer network.

Man-in-the-Middle Attack (MitM)

An attack where the attacker secretly intercepts and possibly alters the communication between two parties.

Network Security

Policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.

OAuth (Open Authorization)

An open standard for access delegation commonly used as a way to grant websites or applications limited access to user information without exposing passwords.

Penetration Testing

A simulated cyber attack against your computer system to check for exploitable vulnerabilities.

Phishing

A method of trying to gather personal information using deceptive e-mails and websites.

Purple Team

A collaborative team combining the offensive capabilities of Red Teams and the defensive strategies of Blue Teams to enhance an organization's cybersecurity posture.

Quarantine

The isolation of infected files on a computer system to prevent the spread of malware.

Ransomware

A type of malware that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.

Red Team

A group that simulates real-world attacks on an organization's systems to test and improve the effectiveness of security measures.

Rootkit

A collection of malicious software tools that an attacker uses to gain control over a computer system without being detected.

SOC (Security Operations Center)

A centralized facility where a team of cybersecurity experts monitors, detects, analyzes, and responds to security incidents to protect an organization's digital infrastructure.

Script Kiddies

Unskilled individuals who use existing scripts or tools to launch hacking attacks without understanding how they work.

Shadow IT

IT systems and solutions used within an organization without explicit approval from the organization's IT department.

Social Engineering

The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Spyware

Software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.

TTP (Tactics

Techniques

Threat Actor

Any individual or group that conducts malicious activities against digital systems, such as hackers, organized crime groups, or nation-state entities.

Trojan Horse

A type of malware that is often disguised as legitimate software and used to hack into the victim's computer by misleading users of its true intent.

Two-Factor Authentication (2FA)

A security process in which the user provides two different authentication factors to verify themselves.

URL Filtering

A technology used to block access to inappropriate or harmful websites.

Virus

A type of malicious software that, when executed, replicates by inserting copies of itself into other computer programs, data files, or the boot sector of the hard drive.

Vulnerability

A weakness in a system or its design that could be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system.

Worm

A standalone malware computer program that replicates itself in order to spread to other computers.

XSS (Cross-Site Scripting)

A security vulnerability typically found in web applications that allows attackers to inject malicious scripts into content from otherwise trusted websites.

YARA

A tool aimed at helping malware researchers identify and classify malware samples.

Zero-Day Exploit

An exploit for a software vulnerability that is unknown to the software vendor or to antivirus vendors.