50 Frequently Used Cyber Security Terminologies
Introduction
In this article, you will be able to know and learn about some crucial terminologies that are frequently used in cyber security. Some essential terminologies discussed below are necessary to understand the computer network security policy, and cyber security system and raise security awareness knowledge.
Some important terminologies frequently used in cyber security are:Cyberspace
· Cyberspace refers to the information environment consisting of the interdependent network of information systems infrastructures including the internet, telecommunications network, computer systems, and embedded processors and controllers.
The cyberspace or cyber world is a human-made world without any physical boundaries and it is a dynamic world that is constantly evolving.
· Cyberspace is the virtual world created by links between computers, internet-enabled devices, servers, routers, and other components of the internet’s infrastructure.
· Cyberspace elements include servers, computers, telecom equipment, communication channels, information, and telecommunication networks.
· Risks of cyberspace include electrical blackouts, failure of military types of equipment, breaches of national security secrets, the theft of valuable and sensitive data like medical records, disrupting phone and computer networks or paralyzing systems, and making data unavailable.
· Some common examples of cyberspace are the home of Google, Yahoo, and Facebook.
Cybercrime
· Cybercrime refers to any criminal activity that involves a computer, the internet, a networked device, or a hardware device.
· Cyber crimes are carried out to generate profit for the cybercriminals, and to damage or disable computers or devices.
Cyber security
· Cyber security is also known as information technology security or electronic information security.
· Cyber security refers to the protection of internet-connected systems such as hardware, software, and data from cyber threats.
· Cyber security framework’s major functions are to identify, protect, detect, respond, and recover.
· The most common cyber security threats are app-based threats (malicious apps), web-based threats (phishing), network threats (free Wi-Fi), and physical threats (no PIN or biometric authentication).
Cyberactivism
· Cyberactivism is also known as digital activism.
· Cyberactivism is a form of activism that uses the internet and digital media as crucial platforms for mass mobilization and political action.
Cyber hacking
Cyber hacking refers to any illegal intrusion into a computer or a network to steal personal or private information.
Cyberbullying
· Cyberbullying refers to an act of harassing a minor using the internet or mobile phones.
· Cyberbullying can take place through text messages, e-mails, or social media posts.
· Some common examples of cyberbullying are sending upsetting messages, sending threatening e-mails, posting mean comments, and uploading embarrassing photos of someone.
Cyberstalking
· Cyberbullying among adults is referred to as cyberstalking.
· Cyberstalking is the use of the internet to harass, stalk, or threaten someone.
· Cyberstalking is done to harass a person by sending objectionable or threatening messages.
· Cyberstalking is a criminal offense.
Cyber safety
Cyber safety means safe and responsible use of internet services to make sure that we don’t cause harm to either ourselves or others while using the internet.
Internet activism or hactivism or hacktivism
Hacktivism refers to the use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change.
Network security
· Network security refers to protecting data and resources from any unauthorized access.
· Network security is a type of cyber security.
· Network security aims to protect the usability, integrity, and safety of a network, associated components, and data shared over the network.
· Network security is a set of technologies that protect the company’s working infrastructure by preventing the entry of potential threats.
· Network security includes antivirus and antispyware programs, a firewall that blocks unauthorized access to a network, and VPNs (Virtual Private Networks) used for secure remote access.
· The most common network security threats are malware, advanced persistent threats, and DDOS attacks.
Cloud Security
· Cloud security is also known as cloud computing security.
· Cloud security or cloud-based security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, and services.
· Cloud security ensures user and device authentication, data and resource access control, and data privacy protection.
Hacking
Hacking refers to unauthorized access to the computer system.
Ethical hacking
· Ethical hacking is also known as penetration testing, intrusion testing, and red teaming.
· Ethical hacking refers to an authorized attempt to gain unauthorized access to a computer system, application, or data.
· Some common examples of ethical hacking are login into an email account that is not supposed to have access to, gaining access to a remote computer that you are not supposed to have access to, and reading information that you are not supposed to be able to read.
Hacker
· Hacker refers to a person who uses his abilities to gain unauthorized access to systems or networks in order to commit crimes.
· Computer hacking activities include password cracking using a password cracking algorithm to gain access to a computer system, stealing your money and opening a credit card and bank accounts in your name, ruining your credit, requesting new personal identification numbers or additional credit cards, and make purchases without your consent.
White hat
· A white hat refers to an ethical security hacker.
· A white hat hacker is an individual who uses hacking skills to identify security vulnerabilities in hardware, software, or networks.
· White hat hackers respect the rule of law as it applies to hacking.
Black Hat
· Black Hat refers to a hacker who violates laws or typical ethical standards and infiltrates a computer system for his own personal profit or for malicious purposes (such as to disable a website or uncover secret information).
· A Black hat hacker uses hacking techniques and tools for financial gain, cyber espionage, and implanting malware into computer systems.
Grey hat
· Grey hat refers to a computer hacker who violates laws or typical ethical standards, but usually doesn’t have the malicious intent typical of a black hat hacker.
· Grey hat hackers are exact a blend of both black hat and white hat activities.
· Grey hat hackers often look for vulnerabilities in a system without the owner’s permission or knowledge.
· Grey hat hackers tell people that vulnerabilities exist in the system in order to spread public awareness.
Blue hat
· Blue hat refers to computer security firms hired to bug test a system prior to launch.
· Blue hats are employed to check for exploits so they can be closed.
· The Blue hat is for the management and organization of thinking and is concerned with meta-cognition.
Computer vulnerabilities
· Computer vulnerability refers to a flaw or weakness in a system or network, security procedures, internal controls, or design and implementation that could be exploited to cause damage or allow an attacker to manipulate the system in some way.
· Some common and well-known vulnerabilities to computer information security are software that is not regularly updated, a weakness in a firewall that can lead to malicious hackers getting into a computer network, lack of security cameras, unlocked doors at businesses, missing data encryption, OS command injection, Buffer overflow, missing authentication for critical function, missing authorization, unrestricted upload of dangerous file types, reliance on un-trusted inputs in a security decision.
Phishing
· Phishing attacks refer to the practice of sending fraudulent communications that appear to come from a reputable source.
· Phishing is usually done to steal sensitive data like credit card and login information or to install malware on the victim’s machine.
· Phishing is usually done through email.
· Phishing attacks are the biggest, most damaging, and most widespread threat facing small businesses. Phishing accounts for 90% of all breaches that organizations face.
· Some common phishing attacks are email phishing, spear phishing, whaling smishing, and angler phishing.
Adware
Adware refers to a type of spyware, which lets third parties access your browsing history and target you with specific ads.
· Adware is a program that pop-up various advertisements and offers, often based on the websites you visit.
· Adware in the form of spyware can steal your internet history, contacts, passwords, or even credit card information.
· Some common examples of adware are fireball, Appearch, Dollar Revenue, Gator, DeskAd, and pop-up ads on websites.
Keylogger
· A keylogger is an insidious form of spyware.
· Keylogger refers to activity-monitoring software programs that give hackers access to your personal data.
Computer worm
· Computer worm refers to a standalone malware computer program that replicates itself in order to spread to other computers.
· Some common malicious computer worms are email worms, file-sharing worms, crypto worms, internet worms, and instant messaging worms.
A denial-of-service attack (DOS)
· Denial-of-service attack refers to a cyber attack that shut down a machine or network, making it inaccessible to its intended users by temporarily or indefinitely disrupting the services of a host connected to a network.
· In case of Denial- of- service attack, an attacker purposefully tries to exhaust the site’s resources, denying legitimate users access.
· Denial-of-service attack is done by flooding the target with traffic or sending it information that triggers a crash.
· Some common DOS attacks are the AWS DDOS attack in 2020, the GitHub attack in 2018, the Mirai Dyn DDOS attack in 2016, the Cloud Flare DDOS attack in 2014, and Black Friday sales when thousands of users are clamoring for a bargain, often cause a DOS.
Distributed Denial- of- service (DDOS)
· Distributed Denial- of- service attack refers to cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites.
· A DDOS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.
· A DDOS attack is a crude but effective form of cyber attack.
· Some common types of DDOS attacks are volume-based attacks, protocol attacks, and application layer attacks.
· Some common examples of DDOS attacks are UDP flooding, SYN flooding, and DNS amplification.
Defacement
· A defacement attack refers to a public indicator that a website has been compromised, and causes damage to the brand and reputation, which lasts long after the attacker’s message has been removed.
· Cyber-defacement is done to censor the freedom of speech of those with whom the hackers don’t agree.
· Hackers deface websites by gaining unauthorized access to an environment or network or resources.
· Defacement methods include vulnerabilities in third-party plugins and stolen login credentials.
· Hackers generally deface a website to take some revenge, prove their point, humiliate a government or organization or disrupt a website’s operations.
Web Defacement
Web Defacement refers to an attack in which malicious parties penetrate a website and replace content on the site with their own messages.
Trojans
· Trojans or Trojan horses refer to any malware that misleads users of its true intent.
· Trojan horse malware is camouflaged in the form of regular software such as utilities, games, and even antivirus programs.
Defacement Trojan
· Defacement Trojan refers to an attack in which resource editors allow to view, edit, extract, and replace strings, bitmaps, logos, and icons from any windows program.
Backdoor Trojans
· Backdoor Trojans refer to malicious software programs designed to grant unwanted access for a remote attack.
Remote Access Trojan (RAT)
· RAT is a malware designed to allow an attacker to remotely control an infected computer. Once the RAT is installed on a compromised system, the attacker can send commands to it and receive data back in response.
· RAT provides the capability to allow covert surveillance or the ability to gain unauthorized access to a victim's PC.
Backdoor
· Backdoor refers to a covert method of bypassing normal authentication or encryption in a computer, product, embedded device, or its embodiment.
· Backdoors are most often used for securing remote access to a computer or obtaining access to plaintext in cryptographic systems.
· Backdoor compromises overall system security.
· Backdoors look like normal PHP code or obfuscated (intentionally obscured to make code ambiguous and hidden).
· Some common applications of backdoors are ShadowPad, Back orifice, Android APK Backdoor, Borland/Inprise Interbase backdoor, malicious chrome, and Edge extension backdoor, Backdoors in outdated WordPress plugins, and Bootstrap-Sass Ruby library backdoor.
· A common and well-known example of a backdoor is FinSpy. When FinSpy is installed on a system, it enables the attacker to download and execute files remotely on the system the moment it connects to the internet, irrespective of the system’s physical location.
· Microsoft window has a universal backdoor through which any change whatsoever can be imposed on the users.
Backdoor password
· Backdoor password refers to a common method to solve the problem of lost or forgotten administrative passwords of an information system.
· Backdoor password weakens the system's security against hostile activities.
Remote Administration Tool (RAT)
· RAT refers to a software program that gives you the ability to control another device remotely.
· A RAT opens a backdoor, enabling administrative control over the victim’s computer.
Spoofing
· Spoofing refers to cybercrime that happens when someone impersonates a trusted contact or brand, pretending to be someone you trust in order to access sensitive personal information.
· Spoofing attacks generally copy and exploit the identity of your contacts, the look of well-known brands, or the addresses of trusted websites.
· Cyber criminals use spoofing to fool victims into giving up sensitive information or money or downloading malware.
· Cyber criminals can spoof email addresses or even websites.
· A common example of spoofing is impersonation via telephone.
E-mail Spoofing
· E-mail Spoofing refers to the creation of e-mail messages with a forged sender address.
· E-mail spoofing is done when the sender is attempting to send mail from, or on behalf of, the exact target domain.
· Spoofed e-mail messages are easy to make and easy to detect.
E-mail impersonation
· E-mail impersonation refers to a phishing technique. Cybercriminals create email addresses that look legitimate to trick their targets into trusting them.
· E-mail impersonation is a tool of a phishing attack, designed to take over your online accounts, send malware, or steal funds.
· E-mail impersonation is done when the sender is attempting to send mail that is a lookalike, visually similar, to a targeted domain, targeted user, or targeted brand.
Plaintext
Plaintext refers to unencrypted data.
Ciphertext
Ciphertext refers to encrypted data.
Encryption
· Encryption refers to the method by which information is converted into secret code that hides the information’s true meaning.
· Encryption is a form of data security in which information is converted to ciphertext.
· Encryption is an important way for individuals and companies to protect sensitive information from hacking.
· Some common examples of encryption are websites that transmit credit card and bank account numbers. These websites encrypt information to prevent identity theft and fraud.
Cryptography
Cryptography refers to the science of encrypting and decrypting information.
Data dump
· Data dump is also called data export or exported data or data bank.
· Data dump refers to the transfer of a large amount of data between two systems, often over a network connection.
· A common example of a data dump is a database that can be dumped to another network server, where it could be utilized by other software applications or analyzed by a person.
Pornography
· Pornography refers to books, magazines, and films that are designed to cause sexual excitement by showing or describing sexual acts.
· Watching and keeping pornography materials is illegal in India.
Cyber pornography
· Cyber pornography refers to an act by using cyberspace to create, display, distribute, import, or publish obscene materials, especially materials related to children who are engaged in sexual acts with adults.
· Cyber pornography is a criminal offense, classified as causing harm to persons.
Dark web
· The dark web refers to the World Wide Web content that exists on darknets: overlay networks that use the internet but require specific software, configurations, or authorization to access.
· Dark web content is a part of the internet but you can’t find it with traditional search engines such as Google.
· The dark web content is hidden and accessing or getting the dark web content is not easy.
· The dark web is used by people wishing to carry out illegal activities online, such as selling weapons or drugs.
· The dark web content is also dotted with sites that specialize in illicit pornography, including child pornography.
Script kiddie, skiddie, or skid
· Script kiddie refers to an immature or unskilled individual who uses scripts or programs, such as a web shell, developed by others to attack computer systems, and networks and deface websites, according to the programming and hacking cultures.
· A script kiddie lacks programming knowledge and uses existing software to launch an attack.
· Script kiddies often pick up off the shell exploits, scripts, and tools to attack a target.
Social engineering
· In the context of information security, social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information.
· Social engineering is used for a broad range of malicious activities accomplish through human interactions.
Spam
· Spam refers to unwanted bulk e-mails that come from strange sources.
· Spam is generally sent in large numbers for commercial advertising.
· Spam is a serious security concern as it can be used to deliver Trojan Horses, viruses, worms, and spyware, and organize targeted phishing attacks.
Internet privacy
· Internet privacy refers to the privacy and security level of personal data published via the internet.
· Internet privacy is a broad term depending on a variety of factors, techniques, and technologies used to protect sensitive and private data, communications, and preferences.
Software piracy
· Software piracy refers to the act of illegally using, copying, or distributing software without ownership or legal rights.
· Copying software to multiple computers or sharing it with your friends without multiple licenses is considered software piracy, which is illegal.
To know more visit https://zueducator.blogspot.com
No comments:
Post a Comment