Cybersecurity Glossary

A type of software designed to monitor and record traffic on a network. It can be used for good, to run diagnostic tests and troubleshoot potential problems. But it can also be used for malicious purposes, to snoop in on your private data exchanges. This includes: your web browsing history, your downloads, the people you send emails to, etc.

A type of virus that’s capable of associating itself with a file or inserting itself into a file. To remain undetected, this virus will give control back to the software it infected. When the operating system looks at the infected software, it will continue to give it rights to run as usual. This means that the virus will be able to copy itself, install itself into memory or make other malicious changes to the infected PC. Although this type of virus appeared early on in the history of computer infections, it’s now making a comeback.

A type of attack during which cyber criminals try to gain unauthorized access to confidential information. It’s called passive because the attacker only extracts information without changing the data, so it’s more difficult to detect as a result.

A tactic used by cyber criminals to harvest passwords. They do this through monitoring and snooping in on network traffic to retrieve password data. If the password is sent over an unencrypted connection (for example, you put in a password on a website that isn’t protected by a security certificate doesn’t start with https), it’s even easier for attackers to get their hands on your passwords.

A small software update released by manufacturers to fix or improve a software program. A patch can fix security vulnerabilities or other bugs, or enhance the software in terms of features, usability and performance.

Refers to the activity of getting, testing and installing software patches for a network and the systems in it. Patch management includes applying patches both for security purposes and for improving the software programs used in the network and the systems within it.

The act of applying a software update, which is designed to fix or enhance a software program. This includes both securityrelated updates and improvements in terms of software features and user experience.

The data cargo transported by a piece of malware onto the affected device or network. The payload contains the fundamental objective of the transmission, which is why the payload is actually the element of the malware that performs the malicious action (i.e. stealing financial information, destroying data, encrypting data on the affected device/network, etc.). When you consider a malware’s damaging consequences, that’s when you can talk about the payload.

Occurs when a malicious attacker manages to bypass a system’s defenses and acquire confidential data from that system.

A type of attack launched a network or computer system in order to identify security vulnerabilities that can be used to gain unauthorized access to the network’s/system’s features and data. Penetration testing is used to help companies better protect themselves against cyber attacks.

A firewall is a network security system designed to prevent unauthorized access to public or private networks. Its purpose is to control incoming and outgoing communication based on a set of rules. A personal firewall is a smaller architectural piece designed to run on personal computers.

A type of online scam aimed at extracting information such as passwords, usernames and more from the victim. Pharming means redirecting Internet traffic from a legitimate website to a fake one, so victims can put in their confidential information and attackers can collect it. This type of attacks usually targets banking and ecommerce websites. What makes it difficult to detect is that, even if the victim types in the right URL, the redirect will still take the user to the fake website, operated by IT criminals.

A malicious technique used by cyber criminals to gather sensitive information (credit card data, usernames and passwords, etc.) from users. The attackers pretend to be a trustworthy entity to bait the victims into trusting them and revealing their confidential data. The data gathered through phishing can be used for financial theft, identity theft, to gain unauthorized access to the victim’s accounts or to accounts they have access to, to blackmail the victim and more.

Unencrypted, simple text. This is what it is called before it’s encrypted or after being decrypted. If passwords, or other sensitive data is stored in plaintext, it means that they can be read by anyone. This is a big lapse in cyber security.

Is capable of mutating and changing while maintaining the initial algorithm. Each time it runs, the code morphs, but keeps its function. This tactic is usually used by malware creators to keep their attacks covert and undetected by reactive security solutions.

Is used to generate polymorphic malware. This is a computer program capable of transforming a program in derivative versions (different versions of code), but which perform the same function. Polymorphic engines rely on encryption and obfuscation to work, and are used almost exclusively by malware creators and other cyber criminals. Using this type of engine, malicious hackers can create malware types that can’t be detected by antivirus engines or have a very low detection rate.

Is capable of transforming itself into various derivative versions that perform the same function and have the same objective. By using obfuscated code and constantly changing their code, polymorphic malware strains can infect information systems without being detected by solutions such as traditional malware, which is a key asset in the perspective of cyber criminals.

A software tool used for bundling up different types of malware in a single package (for example, in an email attachment). Malicious actors use polymorphic packers because they’re able to transform over time, so they can remain undetected by traditional security solutions for longer periods of time.

Windows used for advertising. They appear on top of your browser window when you’re on a website, and they’re often annoying because they are intrusive. While they’re not malicious by nature, sometimes they can become infected with malware, if a cyber attacker compromises the advertising networks that’s serving the popup.

When a cyber security risk is assessed, the loss of the 3 essential factors is considered: confidentiality, integrity and availability. If a risk becomes a cyber attack, it can have low, moderate or high impact.

Applications you might install on your devices which contain adware, which may install toolbars or have confusing purposes. These applications can be nonmalicious by nature, but they come with the risk of potentially becoming malicious. Users must seriously consider the risks before they install this type of applications.

A Trojan designed to perform click-fraud operations on the affected PC. Its specific character is given by the fact that it’s a type of file less malware, which makes it very difficult to be detected by traditional, signature-based anti-malware and antivirus solutions. Poweliks installs itself in the Windows registry, where it can inject itself into essential Windows functions. This also helps Poweliks achieve persistence on the infected PC. This malware can be used to also download other threats onto the victim’s PC, such as ransomware delivered through malvertising.

This type of computer virus is capable of executing a specific code that triggers the maximum CPU power dissipation (heat generated by the central processing units). Consequently, the computer’s cooling ability would be impaired and the virus could cause the system to overheat. One of the potential effects is permanent physical damage to the hardware. Power viruses are used both by good actors, to test components, but can also be used by cyber criminals.

Is made of all the data that is unique to a company and ensures its ability to stay competitive. This can include customer details, technical information, costs and trade secrets. If cyber criminals compromise or reveal this information, the impact on the company can be quite severe, as we’ve seen in major data breaches.

Is a gobetween a computer and the Internet. Proxies are used to enhance cyber safety because they prevent attackers from invading a computer/a private network directly.