Security A to Z: the most important terms
SWITCH ON FREEDOM
UNDERSTAND THE OFFICIAL TERMINOLOGY.
This is F-Secure Labs.
Learn more about the most important security terms with
our official explanations from F-Secure Labs.
B
BACKDOOR
A remote administration utility that bypasses normal security mechanisms to secretly
control a program, computer or network. These utilities may be legitimate, and may be
used for legitimate reasons by authorized administrators, but they may also be misused
by attackers. A backdoor is usually able to gain control of a system because it exploits
vulnerabilities, bugs or undocumented processes in the system’s code.
BANKING FRAUD / TROJAN
Malware that attackers use to access their
victim’s online banking.
BOTNET
A network of devices infected with a specialized form of malware known as
a bot that can be remotely controlled by an attacker, usually via a
command-and-control (C&C) server. Each infected computer may be known as
a bot, a zombie computer, or a zombie. An attacker, or group of attackers,
can harness the collective resources of a botnet to perform major malicious
actions, such as sending millions of spam emails, launching a distributed
denial-of-service (DDoS) attack and much more.
BRUTE-FORCE ATTACK
A type of attack that typically targets authentication mechanisms such as
passwords. A brute-force attack is an exhaustive, trial-and-error attempt that
involves rapidly cycling through a comprehensive list of possible passwords
or decryption keys, until the correct one is entered. Brute-force attacks
commonly succeed due to weak passwords and/or human error or laxness. Often,
a brute-force attack is combined with a dictionary attack, which uses a long
list of words taken from dictionaries and popular culture references.
Unlike a standard brute-force attack, a dictionary attack uses words that are
thought to be the most likely to succeed.
A
ADWARE
Adware is F-Secure’s classification name for software that
displays advertisements on the computers or devices.
The advertisements may be displayed on the desktop or
during a web browsing session. Adware is often bundled
with free software that provides some functionality to
the user. Revenue from the advertising is used to offset
the cost of developing the software, which is therefore
known as ‘ad-supported’.
ATTACK SURFACE
Code that is active in a target system and somehow
involved in processing input that can be used in attacks.
Any vulnerabilities that can be exploited are part of
the attack surface. The basic idea in security is to disable all
unnecessary features in software, and thus limit attack
surfaces. Disabling code in this manner prevents it from
being exploited - even if it contains a vulnerability.
ATTACK VECTOR
Method of contact used to
attack victims. Examples of
typical attack vectors include
email, the web, and USB media.
CYBER ATTACK
Cyber attacks target computerized infrastructure, and can therefore produce
effects outside of the computing domain. Effects are what define cyber attacks,
not methods. If a denial-of-service attack against a bank website crashes
payment processing servers, and prevents people from paying for things with
credit cards or withdrawing money from an ATM, it is a cyber attack. An attack
against a hobby game server may be technically identical, but if it only
affects that particular game, it would not be considered a cyber attack.
CYBER SECURITY
Security that focuses on preventing
cyber attacks. Basically the same as
information security, except that
one should also consider the effects
that attackers can produce once they
have control of corporate systems and
build custom security mechanisms for
critical resources. A typical example
would be restricting the network
connections for workstations with
access to a corporate bank account,
or a production line controller
computer, etc. Cyber security is also
used by less honest consultants as a way
to rename everything that used to be
called information security in order to
charge bigger fees from customers.
CYBER ESPIONAGE
Espionage using
computers as tools.
It typically
involves hacking or using
malware to break into
corporate computers and
stealing information.
C
CLIENT / ENDPOINT
A PC/Mac workstation or laptop,
or a mobile phone. Basically
anything that runs code and is
capable of running security
software. The basic definition
of a client is a device that can
run independent applications,
while a terminal is just a screen
that provides input access to a computer
that is somewhere else.
CLOUD SECURITY
Security that is provided from a remote server.
The benefit of cloud security is that a remote
server receives information from multiple
sources, so it can make better decisions.
Another security benefit of cloud security
is that attackers cannot reverse engineer
security features that are implemented
at a remote cloud server.
COMMAND AND CONTROL / C2
The command and control (C&C, or CC)
server of a botnet is the main control
point for the entire network of enslaved
computers.
D
DATA BREACH
An incident that involves data
leaking from an organization
as the result of a successful attack.
DDOS
A type of attack conducted over the Internet, using
the combined resources of many computers to
bombard, and frequently crash, a targeted computer
system or resource (e.g., a program, website or
network). There are various types of distributed
denial-of-service (DDoS) attacks that can be
conducted in different ways based on how the attack
is conducted. DDoS attacks are sometimes included
as part of a worm or trojan’s payload - all infected
computers are directed to attack the selected target.
DDoS attacks are also often performed by botnets,
as the combined resources of all the computers in
the botnet can generate a terrific amount of data,
enough to overwhelm most targets’ defenses within
seconds. DDoS attacks have become one of the more
dangerous menaces of the modern Internet.
DLP
Data Leakage Prevention -
a software or service used to detect
and possibly prevent information/
data breaches.
DOMAIN
A domain name (e.g. www.f-secure.com) is a human-friendly
text string given to identify a specific resource on the Internet –
in most cases, a website. Each domain name maps to a specific
IP address. Domain names are used because IP addresses, which
are what the computers use to identify common resources,
aren’t easy for humans to remember. Domain names are a part
of the hierarchical Domain Name System (DNS) used to organize
all resources on the Internet.
DRIVE-BY DOWNLOAD
The automatic download of a program from a visited website
onto a user’s computer, almost always without their knowledge
or authorization. Drive-by downloads are often used in conjunction
with Search Engine Optimization (SEO) attacks, in which search
engine results are poisoned in order to redirect users to a malicious
site where the drive-by attack can take place. The term ‘drive-by
download’ is most frequently used to describe the situation of a
website forcibly and silently downloading malware on to a visitor’s
system, but clicking on pop-up ads or viewing an email message
may also result in the user being subjected to this attack.
E
ENCRYPTION
The use of a cipher or algorithm to transform data, such
as a program’s code, into an unintelligible form. There are many
different ways to perform encryption, based on the algorithm
or cipher used. Some examples of encryption algorithms include
ROT13 and the Vigenere cipher. Encryption usually requires a
specific piece of information (a ‘key’) in order to transform the
encrypted information back to a usable state when necessary.
The simplest form of encryption uses a static unchanging key;
more sophisticated encryption may involve changes in the key
itself as well as the code to be transformed. Virus writers use
encryption to create encrypted viruses, which are harder for
antivirus programs to detect. Once installed, the encrypted virus
uses the key to decrypt its own code and execute it.
HACKING
Act of breaking into workstations,
servers or mobile phones through
a network or other connection.
A typical example of hacking would
be someone finding a vulnerability
in a server and then using an exploit
against that vulnerability to access
the system.
HEURISTICS
Reasoning-based automation that is used to
detect malware or other attacks. Both clients
and servers in security clouds use heuristics.
Basically, heuristics model human decisions
for computer programs, allowing those
programs to automate decision making
processes. F-Secure uses heuristics to detect
malware and other types of attacks.
EXPLOIT VS EXPLOIT KIT
Exploit: An object - a program, a section of code, even a string of characters - that takes
advantage of a vulnerability in a program or operating system to perform various actions.
An exploit is almost always used in a malicious context. If successfully used, exploits can
provide an attacker with a wide range of possible actions, from viewing data on a
restricted-user database to almost complete control of a compromised system.
Exploit kit: A server that has a selection of exploits targeting vulnerabilities in several
software products or versions, and the capability to analyze the client and select the proper
exploit. A typical exploit kit has a selection of exploits for different web browsers and plugins.
HACKTIVISM
Type of activism which uses hacking in order
to push some agenda. Most typical cases of
hacktivism involve website defacement in
which attackers gain control of a web page
and change it to show political or other
messages. Twitter, Facebook and other
social media accounts are often seized for
hacktivism purposes.
HARDENING
Improving the security of a server
or workstation by modifying
security, server or application
settings. A typical example of
hardening would be to reduce an
attack surface by disabling features
that are not needed by a client or
server application. For example,
disabling JavaScript from a PDF
reader will break most PDF exploits.
H
K
L
M
KEYLOGGER
A program or hardware component that surreptitiously monitors and stores all the strokes
typed into a device’s keyboard. Some keylogger programs will also forward the stored
information to an external server for easier retrieval by the attacker. Keyloggers are typically
used by attackers to steal vital information such as personal details, credit card details, online
account login credentials, and so on. The stolen information can then be used to perpetrate
crimes such as identity theft, online fraud, monetary theft, and so on. Keylogger programs
are typically installed on a device by other malware, though they may also be manually
installed by an attacker with physical access to a device. Hardware components must
be manually installed.
MAN-IN-THE-MIDDLE ATTACK
A type of attack that involves an undetected third party actively
eavesdropping on and controlling communications between
two systems. The specific technical details of how the attack
is performed depend on the type of communication being
intercepted (wireless, Internet, mail, etc.), but for it to be
successful, the attacker must be able to impersonate each side
of the dialogue and convince them that the communication is
private and authentic. MITM attacks are usually done in order
to intercept or modify messages sent between the two systems,
or to inject false information.
LAYERED PROTECTION
A protection principle in which multiple methods are used to
protect against attacks. Layered protection is based on the
reality that it is almost impossible to make one security solution
that can stop 100% of attacks. Providing layered protection
requires the use of multiple technologies in security solutions.
ONLINE SCAMS = PHISHING
A type of social engineering attack in which fraudulent communications are used to trick the
user into giving out sensitive information, such as passwords, account information, and other
details. Phishing is a criminal activity in many jurisdictions. A phishing attack usually involves a
fake communication, often supposedly from a trusted corporation or institution that requires
some kind of response from the user. Usually, the subject matter is enticing or alarming, to
motivate the user into complying. Victims are then directed to a specific (usually fraudulent)
website in order to trick them into providing information to the attackers. Phishing attempts
are most commonly done via email, but attempts made by instant messages, SMS messages,
and even voicemail are also known. Malware may also drop phishing communications as part
of their payload. Phishing can often be executed using spam emails, but targeted phishing
attacks can also occur. The information stolen can have considerable value to a criminal, but
its loss can be even more significant to the victim. Such information theft is rapidly becoming
a major concern for law enforcement agencies and web service operators worldwide.
O
P
PATCHING
A program or piece of code issued by a program
vendor to fix issues in a program or operating
system. Patches are usually issued to fix bugs,
vulnerabilities or usability issues. A good security
practice is to install patches as soon as possible after
they are released. Unfortunately, for many businesses
and home users, there may be a significant delay
between the time a patch is released and when
it is installed on an affected application
or machine, leaving them vulnerable to attacks.
RANSOMWARE
A malicious application that steals or encrypts a user’s
data or system, then demands a ransom payment to
restore the data or normal system access. Ransomware
programs typically encrypt files on a computer or device,
then display a message stating that the user needs to
pay a certain sum in a specified manner. The specifics
of how the encryption is done, the kind of message
displayed, and the payment method to be used usually
differ based on the ransomware family involved. This form
of extortion works on the assumption that the user values
the data enough to pay for its recovery. However, there
is no guarantee of actual recovery, even after a payment
is made. As encryption is usually extremely difficult to
break, the best safeguard against losing access to critical
data this way is to keep up-to-date backups of your files
in a separate, unconnected location or device.
Up-to-date antivirus protection and user caution are also
key in avoiding unintentional contact with ransomware.
R
REMOTE CODE EXECUTION
In computer security, remote code execution means
that an outside party is able to run arbitrary
commands on a target machine or in a target process,
almost always with malicious intent. Remote code
execution is usually the goal of a system or program
exploit, as it essentially means an attacker can take
complete control of the compromised machine.
REPUTATION
Information about whether
an application, URL or some
object is malicious, known
to be clean, or unknown.
Reputation is the information
that is used for whitelisting or
blacklisting applications.
SANDBOXING
An isolated, tightly controlled virtual environment that
replicates a normal computer system. Sandboxes are usually
virtual machines installed as a completely contained entity
on a host, or ‘real’ machine. Security researchers often use
sandboxes to run and examine suspect, untested or malicious
code without risking damage to their actual systems. Modern
antivirus programs also use sandboxes to run suspicious
programs found on a device, which allows the program to
be scanned in order to examine its behavior. If the suspect
program performs a harmful routine within the sandbox, it can
be identified as malicious without affecting the actual machine.
As malware evolves constantly, some sophisticated threats are
now ‘VM-aware’. They first check for the presence of a virtual
machine or sandbox on the system. If found, the malware
can refuse to run, or even uninstall itself as a precaution
against detection.
S
SOCIAL ENGINEERING
A general term used to describe attacks that leverage
psychological or social pressures to dupe an unsuspecting victim
into providing sensitive information such as passwords, account
details and so on. Social engineering attacks can take place both
online and offline. Online social engineering attacks usually
take the form of phishing or pharming attempts, which present
unsuspecting users with legitimate looking emails or websites
in order to convince potential victims to part with important
information or money. Another form of online social engineering
involves convincing a user to download a file, usually in the
guise of a security or application update, game or other desired
program. However, once downloaded and run, the file turns out
to be something entirely different, and almost always malicious.
Social engineering attacks tend to be effective in spite of their
simplicity, as they exploit natural human tendencies based on
trust, desire and curiosity.
SPEAR-PHISHING
Phishing in which the attacker has studied the target and
is able to personalize the attack to make it more credible.
Spear-phishing is also used for sending malicious documents
with customized content, while conventional phishing attacks
are those that rely on scams rather than
malware or exploits.
SQL INJECTION
A type of attack that exploits poor user-input filtering to inject and run executable
commands in improperly configured Structured Query Language (SQL) databases.
Technically, a few types of SQL injection attacks are possible, but the end result of all
successful SQL injection attacks is that an attacker can manipulate or gain total control over
the database. SQL databases are a common feature of many applications. Often, companies
will use such databases for vital operations such as payrolls and customer records. The
most commonly reported attacks are launched against databases that can be accessed
via a website, simply because these databases are much easier for a hacker to reach. SQL
databases are commonly used on websites with dynamic content, making them popular
targets for hackers. SQL injection attacks only work against databases that don’t sanitize
user input properly. Whenever a user interacts with a database, such as by trying to log into
a “Members Only” section of a website, any input they provide should be ‘sanitized’, or
checked to make sure it doesn’t contain invalid characters. Poor or improper checking of the
data input may cause programming errors, which an alert or malicious user can then exploit.
SPYWARE
A program designed to compromise personal or confidential
information. Spyware can be installed on a system without a user’s
authorization or knowledge. Spyware can vary widely in the kinds
of actions it performs. Some common actions include displaying
unsolicited pop-ups, hijacking a browser’s home or search pages,
redirecting browsing results, and monitoring user activities. These
actions may border on, or be outright considered as, malicious.
Spyware is sometimes considered a gray area in terms of ethics
and legality. Depending on the specific action, context of use and
applicable laws, spyware may be legal and acceptable, dubious
but unlegislated, or outright illegal and unethical. Complicating
the issue is that some spyware is not intentionally designed as
such. Instead, programming errors may result in programs performing
actions that make them behave like spyware. Once the flaws are
corrected, the program may then be reclassified.
S
SPOOFING
The act of falsifying characteristics or data. Spoofing is usually
done in order to conduct malicious activities. For example, if
a spam email’s header is replaced with a false sender address
in order to hide the actual source of the spam, the email
header is said to be ‘spoofed’. An attack can also involve
elements of spoofing, as it prevents or complicates the
process of identifying the correct source of the attack. There
are many kinds of such ‘spoofing attacks’: email spoofing,
Internet Protocol spoofing, URL spoofing, and so on.
TCP
Transmission
Control Protocol,
the most commonly
used networking
protocol for sending
packets through
the Internet.
UNWANTED SOFTWARE/APP
Software that is not malware, but has annoying
or intrusive features that make it something
most people would prefer not to run. A typical
example would be adware that focuses only
on information gathering, and does not display
advertisements by itself.
T
U
TROJAN
This is a deceptive program that performs additional actions
without the user’s knowledge or permission. It does not
replicate itself. Trojans were named after the Trojan Horse of
Greek legend, and are sometimes referred to as Trojan Horse
programs. Quite often, the Trojan will have, or pretend to have,
a functionality that offers a useful service to the user -
a screensaver, a utility program, a service pack or application
update and so on - in order to encourage the user to run the
file. While the legitimate action is executing, the Trojan silently
performs its unauthorized routines in the background.
The effects of a Trojan’s payload on a computer system can
range from mildly annoying pranks (like changing desktop icon
positions) to serious, user-inhibiting functions (like disabling
the keyboard or mouse). They can even produce critically
destructive actions (like erasing files or stealing data). Trojans
can cause significant damage by stealing financially sensitive
data such as bank account credentials, or personal information
that can be used for identity theft. There are numerous types
of Trojans, and they can be categorized based on the malicious
action(s) they perform.
TWO-FACTOR AUTHENTICATION
User login method that requires
information in addition to
a username and password.
A typical example of two-factor
authentication would
be verification through an SMS.
VULNERABILITY
A flaw or security loophole in a program, web service, network, or operating system that
allows a user or attacker to perform unintended actions, or gain unauthorized access.
A vulnerability can be a flaw in a program’s fundamental design, a bug in its code that allows
improper usage of the program, or simply weak security practices that allow attackers to
access the program without directly affecting its code. Fixing a vulnerability requires the
program vendor to create a patch (adding or changing the source code to rectify the flaw
or loophole) and distribute it to all users of the vulnerable product to protect them from
possible exploitation. A publicly announced vulnerability is often targeted by attackers, who
attempt to exploit it before the vendor can create and release a patch (known as a zero-day
attack). Unfortunately, there is often a significant time gap between when a patch is released,
and when it is installed on a vulnerable machine. During that time, the machine remains
exposed to attacks targeting the vulnerability.
V
ZOMBIE (IN CONNECTION TO BOTNETS)
A computer, server or mobile device that has been infected with specialized malware known
as a bot, which allows an attacker to control it. A zombie machine is also often known as a bot.
Zombie or bot machines are usually roped into a network of similarly infected devices, known
as a botnet. This collective group of controlled machines is under the control of the attacker(s),
who can be referred to as the botnet controller, operator or bot herder. Instructions from the
bot herder to a zombie in the botnet - or to all of them - are usually sent via a Command and
Control (CnC) server, which relays the commands. The CnC server could be a server, a malicious
or compromised website, or even a hijacked social media account. Some botnets also use a
peer-to-peer (P2P) command structure, so that instructions are relayed between infected
machines, making it much harder to trace the attacker(s). The collective resources of all the
machines in a botnet are often used for malicious activity, such as launching distributed denial
of service (DDoS) attacks, sending out spam, and so on. Often, the legitimate owner or user
of a zombie machine has no idea that the device has been hijacked and put to nefarious use.
WORM
A program that replicates by sending copies of itself
from one infected system to other systems or devices
accessible over a network. Though most worms only
focus on self-propagating, some also include other
malicious actions in their payload - for example,
installing other malware, changing system settings, and
so on. A worm is usually classified based on the type of
network it uses to spread, such as the Internet, email,
IRC chat channels, peer-to-peer networks, Bluetooth,
SMS, or social media networks. A worm-infected
machine can suffer from productivity and network
issues if the malware’s propagation takes up too
much of the system’s resources. If many machines in a
network are simultaneously sending out worm copies,
the entire network may be affected, causing significant
disruption and inconvenience.
WHALING
Whaling is basically the
same as spear-phishing, i.e.
a type of social engineering
attack in which fraudulent
communications are used
to trick the user into giving
out sensitive information.
The difference is, however,
in the target. Whaling refers
specifically to highly targeted
attacks against executives
and other high-profile targets.
These targets hold
business-critical data, and are worth
the extra effort of catching
the “big phish”.
ZERO-DAY
A zero-day vulnerability is a vulnerability that is still unknown to
the vendor, and therefore, unpatched. Attacks that are performed
before the vulnerability has a publicly available patch, or even
before it is known to the vendor, are called zero-day attacks.
Even after a patch becomes publicly available, there is often a
time gap before most companies or home users can install the
patch on a vulnerable machine, which gives attackers an additional
opportunity to perform a successful attack. Due to the high
chance of attackers targeting a vulnerability that has been recently
announced, many security researchers will work quietly with
vendors to create and release the patch for a vulnerability before
publishing the news to the general public.
W
Z
Copyright © 2014-2015 F-Secure – All rights reserved.
Learn more about
F-Secure Labs
on our website.
Business Security Insider by F-Secure
Your information source for the latest news and insights into
cyber security and IT security for businesses.
WEBLOG - LATEST FROM THE LABS
Updates on research done by F-Secure Labs, and views on the latest
developments in information security and digital technology.
GET SOLUTIONS & GET INFORMED
Find a solution for a security concern with one of our free tools, or learn
more about threats and products in our descriptions and advisories.
REMOVAL TOOLS
Use these free tools to scan and remove malicious programs.
THREAT DESCRIPTIONS
Details of threats identified by F-Secure Labs.
SECURITY ADVISORIES
Details and fixes of all the vulnerabilities affecting F-Secure products.
 
V1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.docV1_I2_2012_Paper4.doc
V1_I2_2012_Paper4.doc
 
Detection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service AttacksDetection of Distributed Denial of Service Attacks
Detection of Distributed Denial of Service Attacks
 
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdfImplications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
Basics of hacking
Basics of hackingBasics of hacking
Basics of hacking
 
Computer security 7.pptx
Computer security 7.pptxComputer security 7.pptx
Computer security 7.pptx
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
cybersecurity
cybersecuritycybersecurity
cybersecurity
 
RSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System HackRSAC 2021 Spelunking Through the Steps of a Control System Hack
RSAC 2021 Spelunking Through the Steps of a Control System Hack
 
ransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptxransomware keylogger rootkit.pptx
ransomware keylogger rootkit.pptx
 
OS_Ch19
OS_Ch19OS_Ch19
OS_Ch19
 
Ch19 OS
Ch19 OSCh19 OS
Ch19 OS
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
 
Computing safety
Computing safetyComputing safety
Computing safety
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guide
 
Network security
Network securityNetwork security
Network security
 

Más de F-Secure Corporation

How do you predict the threat landscape?
How do you predict the threat landscape?How do you predict the threat landscape?
How do you predict the threat landscape?F-Secure Corporation
 
Got hacked? It’s too late to run now!
Got hacked? It’s too late to run now!Got hacked? It’s too late to run now!
Got hacked? It’s too late to run now!F-Secure Corporation
 
The Real Costs of SIEM vs. Managed Security Service
The Real Costs of SIEM vs. Managed Security ServiceThe Real Costs of SIEM vs. Managed Security Service
The Real Costs of SIEM vs. Managed Security ServiceF-Secure Corporation
 
Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espace Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espace F-Secure Corporation
 
Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espaceLes attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espaceF-Secure Corporation
 
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?F-Secure Corporation
 
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3F-Secure Corporation
 
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2F-Secure Corporation
 
Cyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat LandscapeCyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat LandscapeF-Secure Corporation
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF-Secure Corporation
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Corporation
 
Best business protection for windows
Best business protection for windowsBest business protection for windows
Best business protection for windowsF-Secure Corporation
 
Six things to take into account when choosing cloud solutions
Six things to take into account when choosing cloud solutionsSix things to take into account when choosing cloud solutions
Six things to take into account when choosing cloud solutionsF-Secure Corporation
 
Small and midsize business security is big business
Small and midsize business security is big businessSmall and midsize business security is big business
Small and midsize business security is big businessF-Secure Corporation
 
大きなビジネスを生み出す中小中堅企業
大きなビジネスを生み出す中小中堅企業大きなビジネスを生み出す中小中堅企業
大きなビジネスを生み出す中小中堅企業F-Secure Corporation
 
Why should you care about government surveillance?
Why should you care about government surveillance?Why should you care about government surveillance?
Why should you care about government surveillance?F-Secure Corporation
 
Arbeta var du vill- eBook om modern mobilitet
Arbeta var du vill- eBook om modern mobilitetArbeta var du vill- eBook om modern mobilitet
Arbeta var du vill- eBook om modern mobilitetF-Secure Corporation
 

Más de F-Secure Corporation (20)

Post-mortem of a data breach
Post-mortem of a data breachPost-mortem of a data breach
Post-mortem of a data breach
 
How do you predict the threat landscape?
How do you predict the threat landscape?How do you predict the threat landscape?
How do you predict the threat landscape?
 
Got hacked? It’s too late to run now!
Got hacked? It’s too late to run now!Got hacked? It’s too late to run now!
Got hacked? It’s too late to run now!
 
The Real Costs of SIEM vs. Managed Security Service
The Real Costs of SIEM vs. Managed Security ServiceThe Real Costs of SIEM vs. Managed Security Service
The Real Costs of SIEM vs. Managed Security Service
 
Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espace Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espace
 
Les attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espaceLes attaques menées depuis la France dans le cyber espace
Les attaques menées depuis la France dans le cyber espace
 
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?
 
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3
 
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2
 
Cyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat LandscapeCyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat Landscape
 
F secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and managementF secure Radar vulnerability scanning and management
F secure Radar vulnerability scanning and management
 
F-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior controlF-Secure Policy Manager - onsite security management with superior control
F-Secure Policy Manager - onsite security management with superior control
 
The State of the Net in India
The State of the Net in IndiaThe State of the Net in India
The State of the Net in India
 
Best business protection for windows
Best business protection for windowsBest business protection for windows
Best business protection for windows
 
Six things to take into account when choosing cloud solutions
Six things to take into account when choosing cloud solutionsSix things to take into account when choosing cloud solutions
Six things to take into account when choosing cloud solutions
 
Small and midsize business security is big business
Small and midsize business security is big businessSmall and midsize business security is big business
Small and midsize business security is big business
 
大きなビジネスを生み出す中小中堅企業
大きなビジネスを生み出す中小中堅企業大きなビジネスを生み出す中小中堅企業
大きなビジネスを生み出す中小中堅企業
 
Why should you care about government surveillance?
Why should you care about government surveillance?Why should you care about government surveillance?
Why should you care about government surveillance?
 
Arbeta var du vill- eBook om modern mobilitet
Arbeta var du vill- eBook om modern mobilitetArbeta var du vill- eBook om modern mobilitet
Arbeta var du vill- eBook om modern mobilitet
 
Psb mobile security
Psb mobile securityPsb mobile security
Psb mobile security
 

Último

Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilitiesalihassaah1994
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsRoxana Stingu
 
world Tuberculosis day ppt 25-3-2024.pptx
world Tuberculosis day ppt 25-3-2024.pptxworld Tuberculosis day ppt 25-3-2024.pptx
world Tuberculosis day ppt 25-3-2024.pptxnaveenithkrishnan
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Shubham Pant
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpressssuser166378
 
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptx
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptxA_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptx
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptxjayshuklatrainer
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSedrianrheine
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteMavein
 
Niche Domination Prodigy Review Plus Bonus
Niche Domination Prodigy Review Plus BonusNiche Domination Prodigy Review Plus Bonus
Niche Domination Prodigy Review Plus BonusSkylark Nobin
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfmchristianalwyn
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024Jan Löffler
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdfShreedeep Rayamajhi
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxnaveenithkrishnan
 

Último (15)

Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilities
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
 
world Tuberculosis day ppt 25-3-2024.pptx
world Tuberculosis day ppt 25-3-2024.pptxworld Tuberculosis day ppt 25-3-2024.pptx
world Tuberculosis day ppt 25-3-2024.pptx
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpress
 
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptx
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptxA_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptx
A_Z-1_0_4T_00A-EN_U-Po_w_erPoint_06.pptx
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a Website
 
Niche Domination Prodigy Review Plus Bonus
Niche Domination Prodigy Review Plus BonusNiche Domination Prodigy Review Plus Bonus
Niche Domination Prodigy Review Plus Bonus
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
 
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptx
 

Security A to Z: Glossary of the most important terms

  • 2. SWITCH ON FREEDOM UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from F-Secure Labs. A to Z
  • 3. B BACKDOOR A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network. These utilities may be legitimate, and may be used for legitimate reasons by authorized administrators, but they may also be misused by attackers. A backdoor is usually able to gain control of a system because it exploits vulnerabilities, bugs or undocumented processes in the system’s code. BANKING FRAUD / TROJAN Malware that attackers use to access their victim’s online banking. BOTNET A network of devices infected with a specialized form of malware known as a bot that can be remotely controlled by an attacker, usually via a command-and-control (C&C) server. Each infected computer may be known as a bot, a zombie computer, or a zombie. An attacker, or group of attackers, can harness the collective resources of a botnet to perform major malicious actions, such as sending millions of spam emails, launching a distributed denial-of-service (DDoS) attack, and much more. BRUTE-FORCE ATTACK A type of attack that typically targets authentication mechanisms such as passwords. A brute-force attack is an exhaustive, trial-and-error attempt that involves rapidly cycling through a comprehensive list of possible passwords or decryption keys, until the correct one is entered. Brute-force attacks commonly succeed due to weak passwords and/or human error or laxness. Often, a brute-force attack is combined with a dictionary attack, which uses a long list of words taken from dictionaries and popular culture references. Unlike a standard brute-force attack, a dictionary attack uses words that are thought to be the most likely to succeed. A ADWARE Adware is F-Secure’s classification name for software that displays advertisements on the computers or devices. The advertisements may be displayed on the desktop or during a web browsing session. Adware is often bundled with free software that provides some functionality to the user. Revenue from the advertising is used to offset the cost of developing the software, which is therefore known as ‘ad-supported’.
ATTACK SURFACE Code that is active in a target system and somehow involved in processing input that can be used in attacks. Any vulnerabilities that can be exploited are part of the attack surface. The basic idea in security is to disable all unnecessary features in software, and thus limit attack surfaces. Disabling code in this manner prevents it from being exploited, even if it contains a vulnerability. ATTACK VECTOR Method of contact used to attack victims. Examples of typical attack vectors include email, the web, and USB media.
  • 4. CYBER ATTACK Cyber attacks target computerized infrastructure, and can therefore produce effects outside of the computing domain. Effects are what define cyber attacks, not methods. If a denial-of-service attack against a bank website crashes payment processing servers, and prevents people from paying for things with credit cards or withdrawing money from an ATM, it is a cyber attack. An attack against a hobby game server may be technically identical, but if it only affects that particular game, it would not be considered a cyber attack. CYBER SECURITY Security that focuses on preventing cyber attacks. Basically the same as information security, except that one should also consider the effects that attackers can produce once they have control of corporate systems and build custom security mechanisms for critical resources. A typical example would be restricting the network connections for workstations with access to a corporate bank account, or a production line controller computer, etc. Cyber security is also used by less honest consultants as a way to rename everything that used to be called information security in order to charge bigger fees from customers. CYBER ESPIONAGE Espionage using computers as tools for espionage. It typically involves hacking or using malware to break into corporate computers and stealing information. C CLIENT / ENDPOINT PC/Mac workstation or laptop, or a mobile phone. Basically anything that runs code and is capable of running security software. The basic definition of a client is a device that can run independent applications, while a terminal is just a screen that provides input access to a computer that is somewhere else. CLOUD SECURITY Security that is provided from a remote server. The benefit of cloud security is that a remote server receives information from multiple sources, so it can make better decisions. Another security benefit of cloud security is that attackers cannot reverse engineer security features that are implemented at a remote cloud server.
COMMAND AND CONTROL / C2 The command and control (C&C, or CC) server of a botnet is the main control point for the entire network of enslaved computers.
  • 5. D DATA BREACH An incident that involves data leaking from an organization as the result of a successful attack. DDOS A type of attack conducted over the Internet, using the combined resources of many computers to bombard, and frequently crash, a targeted computer system or resource (e.g., a program, website or network). There are various types of distributed denial-of-service (DDoS) attacks that can be conducted in different ways based on how the attack is conducted. DDoS attacks are sometimes included as part of a worm or trojan’s payload: all infected computers are directed to attack the selected target. DDoS attacks are also often performed by botnets, as the combined resources of all the computers in the botnet can generate a terrific amount of data, enough to overwhelm most targets’ defenses within seconds. DDoS attacks have become one of the more dangerous menaces of the modern Internet. DLP Data Leakage Prevention - a software or service used to detect and possibly prevent information/data breaches. DOMAIN A domain name (e.g. www.f-secure.com) is a human-friendly text string given to identify a specific resource on the Internet – in most cases, a website. Each domain name maps to a specific IP address. Domain names are used because IP addresses, which are what the computers use to identify common resources, aren’t easy for humans to remember. Domain names are a part of the hierarchical Domain Name System (DNS) used to organize all resources on the Internet. DRIVE-BY DOWNLOAD The automatic download of a program from a visited website onto a user’s computer, almost always without their knowledge or authorization. Drive-by downloads are often used in conjunction with Search Engine Optimization (SEO) attacks, in which search engine results are poisoned in order to redirect users to a malicious site where the drive-by attack can take place.
The term ‘drive-by download’ is most frequently used to describe the situation of a website forcibly and silently downloading malware onto a visitor’s system, but clicking on pop-up ads or viewing an email message may also result in the user being subjected to this attack.
  • 6. E ENCRYPTION The use of a cipher or algorithm to transform data, such as a program’s code, into an unintelligible form. There are many different ways to perform encryption, based on the algorithm or cipher used. Some examples of encryption algorithms include ROT13 and the Vigenere cipher. Encryption usually requires a specific piece of information (a ‘key’) in order to transform the encrypted information back to a usable state when necessary. The simplest form of encryption uses a static unchanging key; more sophisticated encryption may involve changes in the key itself as well as the code to be transformed. Virus writers use encryption to create encrypted viruses, which are harder for antivirus programs to detect. Once installed, the encrypted virus uses the key to decrypt its own code and execute it. HACKING Act of breaking into workstations, servers or mobile phones through a network or other connection. A typical example of hacking would be someone finding a vulnerability in a server and then using an exploit against that vulnerability to access the system. HEURISTICS Reasoning-based automation that is used to detect malware or other attacks. Both clients and servers in security clouds use heuristics. Basically, heuristics model human decisions for computer programs, allowing those programs to automate decision-making processes. F-Secure uses heuristics to detect malware and other types of attacks. EXPLOIT VS EXPLOIT KIT Exploit: An object - a program, a section of code, even a string of characters - that takes advantage of a vulnerability in a program or operating system to perform various actions. An exploit is almost always used in a malicious context. If successfully used, exploits can provide an attacker with a wide range of possible actions, from viewing data on a restricted-user database to almost complete control of a compromised system.
Exploit kit: A server which has a selection of exploits targeting vulnerabilities in several software products or versions, and a capability to analyze the client and select the proper exploit. A typical exploit kit has a selection of exploits for different web browsers and plugins. HACKTIVISM Type of activism which uses hacking in order to push some agenda. Most typical cases of hacktivism involve website defacement in which attackers gain control of a web page and change it to show political or other messages. Twitter, Facebook and other social media accounts are often seized for hacktivism purposes. HARDENING Improving the security of a server or workstation by modifying security, server or application settings. A typical example of hardening would be to reduce an attack surface by disabling features that are not needed by a client or server application. For example, disabling JavaScript from a PDF reader will break most PDF exploits. H
  • 7. K L M KEYLOGGER A program or hardware component that surreptitiously monitors and stores all the strokes typed into a device’s keyboard. Some keylogger programs will also forward the stored information to an external server for easier retrieval by the attacker. Keyloggers are typically used by attackers to steal vital information such as personal details, credit card details, online account login credentials, and so on. The stolen information can then be used to perpetrate crimes such as identity theft, online fraud, monetary theft, and so on. Keylogger programs are typically installed on a device by other malware, though they may also be manually installed by an attacker with physical access to a device. Hardware components must be manually installed. MAN-IN-THE-MIDDLE ATTACK A type of attack that involves an undetected third party actively eavesdropping and controlling communications between two systems. The specific technical details of how the attack is performed depend on the type of communication being intercepted (wireless, Internet, mail, etc.), but for it to be successful, the attacker must be able to impersonate each side of the dialogue and convince them that the communication is private and authentic. MITM attacks are usually done in order to intercept or modify messages sent between the two systems, or to inject false information. LAYERED PROTECTION A protection principle in which multiple methods are used to protect against attacks. Layered protection is based on the reality that it is almost impossible to make one security solution that can stop 100% of attacks. Providing layered protection requires the use of multiple technologies in security solutions. ONLINE SCAMS = PHISHING A type of social engineering attack in which fraudulent communications are used to trick the user into giving out sensitive information, such as passwords, account information, and other details. Phishing is a criminal activity in many jurisdictions.
A phishing attack usually involves a fake communication, often supposedly from a trusted corporation or institution that requires some kind of response from the user. Usually, the subject matter is enticing or alarming, to motivate the user into complying. Victims are then directed to a specific (usually fraudulent) website in order to trick them into providing information to the attackers. Phishing attempts are most commonly done via email, but attempts made by instant messages, SMS messages, and even voicemail are also known. Malware may also drop phishing communications as part of their payload. Phishing can often be executed using spam emails, but targeted phishing attacks can also occur. The information stolen can have considerable value to a criminal, but its loss can be even more significant to the victim. Such information theft is rapidly becoming a major concern for law enforcement agencies and web service operators worldwide. O
  • 8. P PATCHING A program or piece of code issued by a program vendor to fix issues in a program or operating system. Patches are usually issued to fix bugs, vulnerabilities or usability issues. A good security practice is to install patches as soon as possible after they are released. Unfortunately, for many businesses and home users, there may be a significant delay between the time a patch is released and when it is installed on an affected application or machine, leaving them vulnerable to attacks. RANSOMWARE A malicious application that steals or encrypts a user’s data or system, then demands a ransom payment to restore the data or normal system access. Ransomware programs typically encrypt files on a computer or device, then display a message stating that the user needs to pay a certain sum in a specified manner. The specifics of how the encryption is done, the kind of message displayed, and the payment method to be used usually differ based on the ransomware family involved. This form of extortion works on the assumption that the user values the data enough to pay for its recovery. However, there is no guarantee of actual recovery, even after a payment is made. As encryption is usually extremely difficult to break, the best safeguard against losing access to critical data this way is to keep up-to-date backups of your files in a separate, unconnected location or device. Up-to-date antivirus protection and user caution are also key in avoiding unintentional contact with ransomware. R REMOTE CODE EXECUTION In computer security, remote code execution means that an outside party is able to run arbitrary commands on a target machine or in a target process, almost always with malicious intent. Remote code execution is usually the goal of a system or program exploit, as it essentially means an attacker can take complete control of the compromised machine. REPUTATION Information about whether an application, URL or some object is malicious, known to be clean, or unknown. Reputation is the information that is used for whitelisting or blacklisting applications.
  • 9. SANDBOXING
    An isolated, tightly controlled virtual environment that replicates a normal computer system. Sandboxes are usually virtual machines installed as a completely contained entity on a host, or ‘real’ machine. Security researchers often use sandboxes to run and examine suspect, untested or malicious code without risking damage to their actual systems. Modern antivirus programs also use sandboxes to run suspicious programs found on a device, which allows the program to be scanned in order to examine its behavior. If the suspect program performs a harmful routine within the sandbox, it can be identified as malicious without affecting the actual machine. As malware evolves constantly, some sophisticated threats are now ‘VM-aware’. They first check for the presence of a virtual machine or sandbox on the system. If found, the malware can refuse to run, or even uninstall itself as a precaution against detection.

    SOCIAL ENGINEERING
    A general term used to describe attacks that leverage psychological or social pressures to dupe an unsuspecting victim into providing sensitive information such as passwords, account details and so on. Social engineering attacks can take place both online and offline. Online social engineering attacks usually take the form of phishing or pharming attempts, which present unsuspecting users with legitimate-looking emails or websites in order to convince potential victims to part with important information or money. Another form of online social engineering involves convincing a user to download a file, usually in the guise of a security or application update, game or other desired program. However, once downloaded and run, the file turns out to be something entirely different, and almost always malicious. Social engineering attacks tend to be effective in spite of their simplicity, as they exploit natural human tendencies based on trust, desire and curiosity.

    SPEAR-PHISHING
    Phishing in which the attacker has studied the target and is able to personalize the attack to make it more credible. The term spear-phishing is also used for attacks that send malicious documents with customized content, while the term conventional phishing is used to describe attacks that rely on scams rather than malware or exploits.
  • 10. SQL INJECTION
    A type of attack that exploits poor user-input filtering to inject and run executable commands in improperly configured Structured Query Language (SQL) databases. Technically, a few types of SQL injection attacks are possible, but the end result of all successful SQL injection attacks is that an attacker can manipulate or gain total control over the database. SQL databases are a common feature of many applications. Often, companies will use such databases for vital operations such as payrolls and customer records. The most commonly reported attacks are launched against databases that can be accessed via a website, simply because these databases are much easier for a hacker to reach. SQL databases are commonly used on websites with dynamic content, making them popular targets for hackers. SQL injection attacks only work against databases that don’t sanitize user input properly. Whenever a user interacts with a database, such as by trying to log into a “Members Only” section of a website, any input they provide should be ‘sanitized’, or checked to make sure it doesn’t contain invalid characters. Poor or improper checking of the data input may cause programming errors, which an alert or malicious user can then exploit.

    SPYWARE
    A program designed to compromise personal or confidential information. Spyware can be installed on a system without a user’s authorization or knowledge. Spyware can vary widely in the kinds of actions it performs. Some common actions include displaying unsolicited pop-ups, hijacking a browser’s home or search pages, redirecting browsing results, and monitoring user activities. These actions may border on, or be outright considered, malicious.
    Spyware is sometimes considered a gray area in terms of ethics and legality. Depending on the specific action, context of use and applicable laws, spyware may be legal and acceptable, dubious but unlegislated, or outright illegal and unethical. Complicating the issue is that some spyware is not intentionally designed as such. Instead, programming errors may result in a program performing actions that make it behave like spyware. Once the flaws are corrected, the program may then be reclassified.

    SPOOFING
    The act of falsifying characteristics or data. Spoofing is usually done in order to conduct malicious activities. For example, if a spam email’s header is replaced with a false sender address in order to hide the actual source of the spam, the email header is said to be ‘spoofed’. An attack can also involve elements of spoofing, as it prevents or complicates the process of identifying the correct source of the attack. There are many kinds of such ‘spoofing attacks’: email spoofing, Internet Protocol spoofing, URL spoofing, and so on.
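The SQL INJECTION entry above notes that poorly checked input may cause programming errors in a database query. The following added example (not part of the F-Secure deck) runs the same "Members Only" lookup twice with Python's sqlite3 module: once with the input pasted into the SQL text, and once with it bound as a parameter, a hardening technique the entry itself does not name. The members table, its rows and all function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for a "Members Only" user table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (username TEXT PRIMARY KEY, tier TEXT)")
    db.executemany(
        "INSERT INTO members VALUES (?, ?)",
        [("alice", "gold"), ("o'brien", "silver")],
    )
    return db


def lookup_concatenated(db, username):
    # Weak form: the input is pasted into the SQL text, so the database
    # parses every character of it, quotes included, as part of the statement.
    query = "SELECT tier FROM members WHERE username = '" + username + "'"
    row = db.execute(query).fetchone()
    return row[0] if row else None


def lookup_parameterized(db, username):
    # Hardened form: the ? placeholder binds the input as a value, so it is
    # compared against the column and never parsed as SQL.
    row = db.execute(
        "SELECT tier FROM members WHERE username = ?", (username,)
    ).fetchone()
    return row[0] if row else None


def compare(db, username):
    # Run both lookups on the same input and report what each one did.
    try:
        weak = lookup_concatenated(db, username)
    except sqlite3.Error as exc:
        weak = "error: " + type(exc).__name__
    return weak, lookup_parameterized(db, username)


if __name__ == "__main__":
    db = make_db()
    for name in ("alice", "o'brien", "nobody"):
        print(repr(name), compare(db, name))
```

A legitimate member name containing an apostrophe is enough to break the concatenated query, which shows that the input reaches the SQL parser as code; the parameterized lookup returns the correct row for the same input.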
  • 11. TCP
    Transmission Control Protocol, the most commonly used networking protocol for sending packets through the Internet.

    UNWANTED SOFTWARE/APP
    Software that is not malware, but has annoying or intrusive features that make it something most people would prefer not to run. A typical example would be adware that focuses only on information gathering, and does not display advertisements by itself.

    TROJAN
    This is a deceptive program that performs additional actions without the user’s knowledge or permission. It does not replicate itself. Trojans were named after the Trojan Horse of Greek legend, and are sometimes referred to as Trojan Horse programs. Quite often, the Trojan will have, or pretend to have, a functionality that offers a useful service to the user - a screensaver, a utility program, a service pack or application update and so on - in order to encourage the user to run the file. While the legitimate action is executing, the Trojan silently performs its unauthorized routines in the background. The effects of a Trojan’s payload on a computer system can range from mildly annoying pranks (like changing desktop icon positions) to serious, user-inhibiting functions (like disabling the keyboard or mouse). They can even produce critically destructive actions (like erasing files or stealing data). Trojans can cause significant damage by stealing financially sensitive data such as bank account credentials, or personal information that can be used for identity theft. There are numerous types of Trojans, and they can be categorized based on the malicious action(s) they perform.

    TWO-FACTOR AUTHENTICATION
    User login method that requires information in addition to a username and password. A typical example of two-factor authentication would be verification through an SMS.

    VULNERABILITY
    A flaw or security loophole in a program, web service, network, or operating system that allows a user or attacker to perform unintended actions, or gain unauthorized access. A vulnerability can be a flaw in a program’s fundamental design, a bug in its code that allows improper usage of the program, or simply weak security practices that allow attackers to access the program without directly affecting its code. Fixing a vulnerability requires the program vendor to create a patch (adding or changing the source code to rectify the flaw or loophole) and distribute it to all users of the vulnerable product to protect them from possible exploitation. A publicly announced vulnerability is often targeted by attackers, who attempt to exploit it before the vendor can create and release a patch (known as a zero-day attack). Unfortunately, there is often a significant time gap between when a patch is released, and when it is installed on a vulnerable machine. During that time, the machine remains exposed to attacks targeting the vulnerability.
  • 12. ZOMBIE (IN CONNECTION TO BOTNETS)
    A computer, server or mobile device that has been infected with specialized malware known as a bot, which allows an attacker to control it. A zombie machine is also often known as a bot. Zombie or bot machines are usually roped into a network of similarly infected devices, known as a botnet. This collective group of controlled machines is under the control of the attacker(s), who can be referred to as the botnet controller, operator or botherder. Instructions from the botherder to a zombie in the botnet - or to all of them - are usually sent via a Command and Control (CnC) server, which relays the commands. The CnC server could be a server, a malicious or compromised website, or even a hijacked social media account. Some botnets also use a peer-to-peer (P2P) command structure, so that instructions are relayed between infected machines, making it much harder to trace the attacker(s). The collective resources of all the machines in a botnet are often used for malicious activity, such as launching distributed denial of service (DDoS) attacks, sending out spam, and so on. Often, the legitimate owner or user of a zombie machine has no idea that the device has been hijacked and put to nefarious use.

    WORM
    A program that replicates by sending copies of itself from one infected system to other systems or devices accessible over a network. Though most worms only focus on self-propagating, some also include other malicious actions in their payload - for example, installing other malware, changing system settings, and so on. A worm is usually classified based on the type of network it uses to spread, such as the Internet, email, IRC chat channels, peer-to-peer networks, Bluetooth, SMS, or social media networks. A worm-infected machine can suffer from productivity and network issues if the malware’s propagation takes up too much of the system’s resources. If many machines in a network are simultaneously sending out worm copies, the entire network may be affected, causing significant disruption and inconvenience.

    WHALING
    Whaling is basically the same as spear-phishing, i.e. a type of social engineering attack in which fraudulent communications are used to trick the user into giving out sensitive information. The difference is, however, in the target. Whaling refers specifically to highly targeted attacks against executives and other high-profile targets. These targets hold business-critical data, and are worth the extra effort of catching the “big phish”.

    ZERO-DAY
    A zero-day vulnerability is a vulnerability that is still unknown to the vendor, and therefore, unpatched. Attacks that are performed before the vulnerability has a publicly available patch, or even before it is known to the vendor, are called zero-day attacks. Even after a patch becomes publicly available, there is often a time gap before most companies or home users can install the patch on a vulnerable machine, which gives attackers an additional opportunity to perform a successful attack. Due to the high chance of attackers targeting a vulnerability that has been recently announced, many security researchers will work quietly with vendors to create and release the patch for a vulnerability before publishing the news to the general public.
  • 13. Copyright © 2014-2015 F-Secure – All rights reserved.
    Learn more about F-Secure Labs on our website.

    Business Security Insider by F-Secure
    Your information source for the latest news and insights into cyber security and IT security for businesses.

    WEBLOG - LATEST FROM THE LABS
    Updates on research done by F-Secure Labs, and views on the latest developments in information security and digital technology.

    GET SOLUTIONS & GET INFORMED
    Find a solution for a security concern with one of our free tools, or learn more about threats and products in our descriptions and advisories.

    REMOVAL TOOLS
    Use these free tools to scan and remove malicious programs.

    THREAT DESCRIPTIONS
    Details of threats identified by F-Secure Labs.

    SECURITY ADVISORIES
    Details and fixes of all the vulnerabilities affecting F-Secure products.