Phishing
A type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
Smishing
The act of committing text message fraud to try to lure victims into revealing account information or installing malware.
Vishing
An electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities.
Spam
Unsolicited bulk messages sent to multiple recipients who did not ask for them.
Spam over instant messaging (SPIM)
Refers to unsolicited instant messages.
Spear phishing
An email or electronic communications scam targeted towards a specific individual, organization or business.
Dumpster diving
A technique used to retrieve information that could be used to carry out an attack on a computer network.
Shoulder surfing
Direct observation techniques, such as looking over someone's shoulder, to get information.
Pharming
A form of online fraud involving malicious code and fraudulent websites.
Tailgating
A physical security breach in which an unauthorized person follows an authorized individual to enter secured premises.
Eliciting information
A reporting format designed to elicit as much information as possible about individuals involved in a group or network.
Whaling
A method used by cybercriminals to masquerade as a senior player at an organization and directly target senior individuals, with the aim of stealing or gaining access to their computer systems for criminal purposes.
Prepending
A technique used to deprioritize a route in a network.
Identity fraud
A crime in which an imposter obtains key pieces of personally identifiable information (PII) to impersonate someone else.
Invoice scams
A fraudulent way of receiving money, or of prompting a victim to put their credentials into a fake login screen.
Credential harvesting
The process of gathering valid usernames, passwords, private emails, and email addresses through infrastructure breaches.
Reconnaissance
A term for testing for potential vulnerabilities in a computer network.
Hoax
A message warning the recipients of a non-existent computer virus threat.
Impersonation
A form of fraud in which attackers pose as a known or trusted person to dupe an employee into transferring money to a fraudulent account, sharing sensitive information or revealing login credentials.
Watering hole attack
A targeted attack designed to compromise users within a specific industry by infecting websites they typically visit and luring them to a malicious site.
Typosquatting
A form of cybersquatting which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser.
Pretexting
A form of social engineering in which an individual lies to obtain privileged data.
Social media
A computer-based technology that allows the sharing of ideas, thoughts, and information through the building of virtual networks.
Authority
The power to enforce rules or give orders.
Consensus
Allows anyone in the network to join dynamically and participate without prior permission.
Ransomware
Malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.
Trojans
A type of malware that is often disguised as legitimate software.
Worms Potentially unwanted programs (PUPs)
A program that may be unwanted, despite the possibility that users consented to download it.
Fileless virus
A type of malicious software that uses legitimate programs to infect a computer.
Command and Control
A computer controlled by a cybercriminal to send commands to systems compromised by malware and receive stolen data from a target network.
Bots
A network of computers infected by malware that are under the control of a single attacking party, known as the "bot-herder."
Cryptomalware
A type of ransomware that encrypts a user's files and demands a ransom.
Logic bomb
A string of malicious code used to cause harm to a network when the programmed conditions are met.
Spyware
A type of malware that collects and shares information about a computer or network without the user's consent.
Keyloggers
A type of monitoring software designed to record keystrokes made by a user.
Remote access Trojan (RAT)
A malware program that allows hackers to assume remote control over a device via covert surveillance.
Rootkit
Software used by a hacker to gain constant administrator-level access to a computer or network.
Backdoor
A means to access a computer system or encrypted data that bypasses the system's customary security.
Brute force
A brute-force technique where attackers run through common words and phrases, such as those from a dictionary, to guess passwords.
Rainbow table
A listing of all possible plaintext permutations of encrypted passwords specific to a given hash algorithm.
Plaintext
A message before encryption or after decryption.
Card cloning
The practice of making an unauthorized copy of a credit card.
Skimming
Cybercriminals' strategies for capturing and stealing a cardholder's personal payment information.
Supply-chain attacks
A cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain.
Birthday
A type of cryptographic attack, which exploits the mathematics behind the birthday problem in probability theory.
Collision Attack
An attack on a cryptographic hash to find two inputs producing the same hash value, i.e. a hash collision.
Downgrade
A form of cyber attack in which an attacker forces a network channel to switch to an unprotected or less secure data transmission standard.
Privilege escalation
A type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker access to the network.
Cross-site scripting
A web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application.
Structured query language (SQL)
A programming language designed to get information out of and put it into a relational database.
Dynamic-link library (DLL)
A collection of small programs that can be loaded when needed by larger programs and used at the same time.
LDAP (Lightweight Directory Access Protocol)
A software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network.
Lightweight Directory Access Protocol (LDAP)
A software protocol that enables an entity to look up data stored in a server.
Directory traversal
A web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application.
Buffer overflows
When the volume of data exceeds the storage capacity of the memory buffer.
Replay attack
A form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed.
Integer overflow
A type of arithmetic overflow error in which the result of an integer operation does not fit within the allocated memory.
Request forgeries
An attack that forces authenticated users to submit a request to a Web application against which they are currently authenticated.
Resource exhaustion
Computer security exploits that crash, hang, or otherwise interfere with the targeted program or system.
Memory leak
A resource leak that occurs when a computer program incorrectly manages memory allocations.
Shimming
This involves creating or modifying an API to bypass a driver in order to perform a different function.
Refactoring
It is the name given to a set of techniques used to identify the flow and then modify the internal structure of code without changing the code's visible behavior.
Evil twin
A fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications.
Rogue access point
An access point installed on a network without the network owner's permission.
Bluesnarfing
The unauthorized access of information from a wireless device through a Bluetooth connection.
Bluejacking
The sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices.
Disassociation attack
A type of DoS attack in which the attacker breaks the wireless connection between the victim device and the access point.
Jamming
The transmission of radio signals that disrupt communications by decreasing the Signal-to-Interference-plus-Noise Ratio (SINR).
Initialization vector (IV)
A fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom.
Near-field communication (NFC)
A technology which can be used for wireless exchange of data over short distances.
Address Resolution Protocol (ARP)
A communication protocol used for finding the link layer address, such as a MAC address, associated with a given internet layer address.
Address Resolution Protocol (ARP) poisoning
A technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network.
Media access control (MAC) flooding
A technique employed to compromise the security of network switches by flooding the network with fake MAC Addresses.
MAC cloning
Setting the MAC address of your PC, or any other MAC address, as the MAC address of your device's WAN port.
Domain hijacking
An attack whereby an organization's domain is stolen by changing the registration of a domain name.
DNS poisoning
The act of placing false information in a DNS resolver cache.
Domain reputation
The overall "health" of your branded domain as interpreted by mailbox providers.
Distributed denial-of-service (DDoS)
An attempt to crash a web server or online system by overwhelming it with data.
PowerShell
A cross-platform task automation and configuration management framework, consisting of a command-line shell and scripting language.
Advanced persistent threat (APT)
An attack in which an unauthorized user gains access to a system or network and remains there for an extended period of time without being detected.
Insider threats
A security risk that originates within the targeted organization.
State actors
An individual with a 'Licence to Hack'. They work for a government to target governments, organisations or individuals to gain access to valuable data or intelligence.
Hacktivists
Groups of criminals who unite to carry out cyber attacks in support of political causes.
Script kiddies
An unskilled individual who uses scripts or programs developed by others to attack computer systems and networks and deface websites.
Shadow IT
The use of information technology systems, devices, software, applications, and services without explicit IT department approval.
Hacker
A person who finds and exploits the weakness in computer systems and/or networks to gain access.
Direct access attack
Gaining physical access to the computer or its part and performing various functions or installing various types of devices to compromise security.
Wireless attack
Penetration and intrusion acts that target wireless networks and pose serious threats.
Open-source intelligence (OSINT)
The practice of collecting information from published or otherwise publicly available sources.
Dark web
An ungoverned and seemingly ungovernable area of the internet where you can browse and communicate with complete anonymity.
Automated Indicator Sharing (AIS)
Enables the exchange of cyber threat indicators, at machine speed, among the Federal Government.
Predictive analysis
The use of data, statistical algorithms and machine learning techniques to identify the likelihood of future outcomes based on historical data.
Threat maps
A real-time map of the computer security attacks that are going on at any given time.
Weak encryption
An encryption algorithm which can be broken within a time frame that would enable the breaker to take advantage of the information that has been encrypted.
Zero-day
A computer-software vulnerability that is unknown to those who should be interested in mitigating the vulnerability.
Firmware
A small piece of software that makes hardware work and do what its manufacturer intended it to do.
Data breach
An incident wherein information is stolen or taken from a system without the knowledge or authorization of the system's owner.
Data Exfiltration
A technique used by malicious actors to target, copy, and transfer sensitive data.
Identity theft
The use of another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes.
Threat hunting
The practice of proactively searching for cyber threats that are lurking undetected in a network.