Archives: Encyclopedia

Advanced Persistent Threat

What is an Advanced Persistent Threat (ATP)? An advanced persistent threat (APT) is a stealthy threat actor, typically a nation-state or state-sponsored group(s), which gains unauthorized access to computer networks and remains undetected for an extended period. Key Takeaways APT

Read More »

Adware

What is Adware? Adware can be safe for users and a valid business advertisement-supported software. However, not all adware programs are genuine. Some are manipulative and open doors for malicious activities. Developers create adware for advertising other software to earn

Read More »

Antimalware

What is Antimalware? An antimalware is a software program designed to enhance computer security by identifying, preventing, and eliminating malicious programs—the software targets malware such as worms, viruses, Trojan horses, spyware, and adware. The antimalware scans computer systems to detect

Read More »

Banner Grabbing

What is Banner Grabbing? Banner grabbing is a technique used by hackers and security teams to gain information about a computer system on a network and services running on its open ports. A banner is a text displayed by a

Read More »

Cloud Security

What is Cloud Security? Cloud security, also known as cloud computing security, encompasses a broad range of controls-based technologies, policies, and procedures that enterprises deploy to protect data, information, applications, communication channels, and infrastructure in the cloud. As with on-premise

Read More »

Cross-Site Scripting

What is Cross-Site Scripting Cross-site scripting (XSS) is a client-side code injection attack. The web security vulnerability allows an attacker to compromise the interactions that users have with a vulnerable application. In XSS attacks, a hacker executes malicious scripts in

Read More »

Cyberattack

What is a Cyberattack? A cyberattack is a malicious activity that cybercriminals launch using different tactics against systems and networks. Hackers use cyberattacks to expose, gain unauthorized access, alter, steal, destroy, or make unauthorized use of information assets. Cybercriminals engage

Read More »

Cybersecurity

What is Cybersecurity? Cybersecurity consists of processes, procedures, and tools that businesses and individuals use to protect computers, servers, mobile devices, networks, applications, electronic systems, software, and information from malicious cyberattacks. Businesses and individuals use cybersecurity to prevent unauthorized access

Read More »

Defense in Depth

What is Defense in Depth (DiD)? In the context of information security, Defense in Depth (DiD) is a strategy that utilizes a series of security approaches and controls. These security protocols are typically layered across the entire computer and system

Read More »

Denial of Service

What is a Denial of Service? A Denial of Service (DoS) attack is a malicious activity meant to shut down a system or a network, making it inaccessible to intended users. Hackers launch DoS attacks by flooding target systems with

Read More »

Eavesdropping

What is Eavesdropping?   Merriam-Webster dictionary defines eavesdropping as the act of secretly listening to something private. In computer security, eavesdropping refers to the interception of communication between two parties by a malicious third party. An eavesdropping attack, also known

Read More »

Encryption

What is Encryption? Encryption is a security control that alters information from a readable to random format to prevent unauthorized access. Encryption mechanisms convert a human-readable plain text to incomprehensible ciphertext. Key Takeaways Encryption is a process scrambling data to

Read More »

Espionage

What is Espionage? Merriam-Webster defines espionage as “the practice of spying or using spies to obtain information about the plans and activities, especially for a foreign government or competing company. Espionage in cybersecurity refers to a form of cyberattack where

Read More »

Firewall

What is a Firewall? A firewall is a network security solution that monitors incoming and outgoing network traffic to permit or block data packets based on defined security rules. Packets refer to data pieces formatted for internet transfer. They contain

Read More »

Insider Threat

What is an Insider Threat? An insider threat is a security risk that originates within an organization. Insider threat actors include current employees, consultants, former employees, business partners, or board members A 2019 Verizon Data Breach Investigation Report reveals that

Read More »

Malware

What is Malware? Malware is a contraction of malicious software. The umbrella term refers to viruses, worms, trojans, and other malicious computer programs hackers use to gain unauthorized access to systems and data. Malware encompasses any program that causes damage

Read More »

Man-in-the-middle Attack

What is a Man-in-the-Middle Attack? Man-in-the-middle (MITM) attack is a common attack method where hackers eavesdrop on an active communication channel between two users. As the name implies, the attackers position themselves in a spot to intercept the communication and

Read More »

Network Security

What is Network Security? Network security refers to an organization’s strategy, technologies, devices, procedures, and other provisions for ensuring the security of information assets and all network traffic. It encompasses all physical and software measures that a business puts in

Read More »

Phishing

What is Phishing? Phishing is a method that hackers employ to collect personal data using deceptive websites and emails. The goal is to trick the victim into believing that a message, a website, or an attachment is something they want

Read More »

Ransomware

What is Ransomware? Ransomware is a malware that encrypts a victim’s files and systems. The malicious program prevents you from accessing your systems or files. The attacker demands a ransom from the target to restore access to files. In ransomware

Read More »

Social Engineering

What is a Social Engineering? Social engineering involves tricking a user into divulging sensitive information or taking action that enables a hacker to gain unauthorized access to systems. In social engineering attacks, hackers take advantage of a potential victim’s natural

Read More »

Spam

What is Spam? Spam is unsolicited bulk messages sent to multiple recipients. It is the use of messaging and emailing systems to send unsolicited messages to large numbers of recipients for commercial adverting and other prohibited purposes like phishing. Key

Read More »

Spyware

What is a Spyware? Spyware is malicious software that infiltrates your computer to steal sensitive information. Spyware is a form of malware that gains access and causes damage to your systems, often without your knowledge. Spyware collects a victim’s personal

Read More »

SQL Injection

What is SQL Injection? SQL injection is a code injection technique that might destroy a database. Code injection is the exploitation of a computer bug that results from processing invalid data. Attackers use injection to introduce or inject code into

Read More »

Supply Chain Attack

What is a Supply Chain Attack? A supply chain attack, also known as a value-chain attack, occurs when a cybercriminal attacks your systems through an external partner or service provider with access to your network and data. The attack seeks

Read More »