Cybersecurity
Glossary

A-Z Cybersecurity
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

A

Account Takeover (ATO)

Account takeover (ATO) is a form of identity theft and fraud. It happens when a malicious third party gains access to a user’s account credentials. Criminals can then change account details, send out phishing emails, and steal financial info or sensitive data.

Attack Vectors

An attack vector is the path that a hacker takes to exploit cybersecurity vulnerabilities.

B

Brand Forgery (brand impersonation)

Brand forgery, also known as brand impersonation, is a type of phishing email that uses well-known company names and logos to exploit victims.

Brute Force Attacks

Brute-force attacks are when a cybercriminal submits many passwords or passphrases with the hope of eventually guessing the correct password.

Business Email Compromise (BEC)

In a BEC scam, cybercriminals send an email that appears to come from a known source making a legitimate request.

C

CEO Fraud

Cybercriminals send savvy emails impersonating the company CEO or other company executives and ask employees, typically in HR or accounting to help them out by sending a wire transfer. Often referred to as Business Email Compromise (BEC), this cybercrime uses spoofed or compromised email accounts to trick email recipients into acting.

Cloud App Security

Cloud App Security uses advanced threat and data protection for Microsoft Office 365, Google Workspace, and other cloud services.

Code Obfuscation

Code Obfuscation is a way to make the source code of an application difficult to read and comprehend.

Code-injection attacks

Code Injection is the general term for attack types that consist of injecting code that is then interpreted/executed by the application.

Collaboration Tools

Online collaboration tools help both remote and in-house teams achieve greater levels of transparency, execute projects better, optimize resources and work together better overall.

Computer Vision

Computer Vision is a type of AI that identifies brand logos, QR codes, and text-based images to thwart phishing attacks designed to bypass content-filtering technologies

Content-Based Attacks

Content-based attacks are advanced threats hidden in files and links deliviered through email, cloud drives and instant messaging apps.

D

Domain Spoofing

Domain spoofing occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This is usually done by sending emails with false domain names that appear legitimate. Or by setting up websites and alternating characters that read as correct.

E

Domain Spoofing

Domain spoofing occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This is usually done by sending emails with false domain names that appear legitimate. Or by setting up websites and alternating characters that read as correct.

F

Domain Spoofing

Domain spoofing occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This is usually done by sending emails with false domain names that appear legitimate. Or by setting up websites and alternating characters that read as correct.

G

H

Heuristic Analysis

Heuristic analyses looks for new threats that are not found by signature-based solutions, such as new malware patterns or new types of malware.

I

IP spoofing

IP spoofing is when a hacker uses tools to change the source address in the packet header. The receiving computer system thinks the packet is from a trusted source, such as another computer on a legitimate network, and accept it. Because this occurs at the network level, there are no external signs of tampering.

J

K

L

Lateral Phishing

Attackers use recently hijacked accounts to send phishing emails to unsuspecting recipients. These usually include close contacts in the company and partners at external organizations.

Login page Spoofing

(AKA as website spoofing). Login Page spoofing is when an attacker makes a malicious website that looks like a legitimate one.

Look-alike Domain

See Domain Spoofing.

M

Malware

Malware (shorthand for malicious software) consists of code developed by cyberattackers. It's created to cause extensive damage to data and systems or to gain unauthorized access to a network.

Malware Obfuscation

Malware Obfuscation is a process that makes textual and binary data difficult to understand.

N

N-Day

N-day is a flaw that is already publicly known but may or may not have a security patch available.

O

Online Collaboration Software

Online Collaboration Software allows employees to work remotely while still being able to directly communicate and collaborate on projects and documents.

P

Phishing

Phishing is a social engineering attack with the goal of gaining confidential information.

Phishing Kit

A phishing kit is a set of materials and tools that allows scammers with little technical ability to create a convincing phish.

R

S

Signature-based detection

Signature-based detection uses a known list of indicators of compromise (IOCs). These may include specific network attack behaviors, known byte sequences, and malicious domains. They may also include email subject lines and file hashes.

Social Engineering

Social engineering is the art of manipulating people so they give up confidential information.

Spear phishing

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business.

Steganography

Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message to avoid detection. The secret data is then extracted at its destination.

T

U

V

W

X

Y

Z