Cybersecurity Glossary

also called a pen tester, is a skilled computer expert or programmer that uses their skillset to overcome issues. A hacker can also use their skills to also exploit vulnerabilities in a computer system. Also, possibly more accurately called a cracker, a person who manages to gain unauthorized access to a computer system in order to cause damage. But keep in mind that there are two types of hackers: whitehat hackers, who do penetration testing and reveal their results to help create more secure systems and software, and blackhat hackers, who use their skills for malicious purposes.

hackers who employ hacking techniques to support social causes or to fight for justice.

A security bug that first appeared in 2014, which exposed information that was usually protected by SSL/TLS encryption. Due to a vulnerability that affected the OpenSSL library, attackers could steal data that was kept confidential by a type of encryption used to secure the Internet. This bug caused around 500,000 web servers (17% of all severs on the Internet) to be exposed to potential data theft.

a false computer virus warning. You may receive such hoaxes via email, instant messaging or social media. Before acting on it, be sure to go online and check the validity of the claim. Also, when you have proof that it’s fake, it’s a good idea to inform the sender as well. Remember that such hoaxes can lead to malicious websites which can infect your devices with malware.

This is an automated system designed to simulate the actions of a user who’s browsing websites on the Internet. The purpose of the system is to identify malicious websites that try to exploit vulnerabilities that the browser might have. Another name for this is Honey Client.

A program used for security purposes which is able to simulate one or more network services that look like a computer’s ports. When an attacker tries to infiltrate, the honeypot will make the target system appear vulnerable. In the background, it will log access attempts to the ports, which can even include data like the attacker’s keystrokes. The data collected by a honeypot can then be used to anticipate incoming attacks and improve security in companies.

Another name for a Man-in-the-Middle attack. Scanning HTTPS (Hypertext Transfer Protocol Secure) content allows the attackers to decrypt, analyze, and re-encrypt content between websites that use SSL (Secure Sockets Layer) for security and a user’s browser. This type of attack is usually used to snoop in on information exchanges and steal confidential data.

Combines the characteristics of multiple types of attacks to potentially increase the severity of the attack or to work faster. One example is to make a dictionary attack, which is used to crack passwords, even stronger by adding numerals and symbols, so credentials can be hacked even faster.