Sunday, October 13, 2019

Cybersecurity Glossary

Most commonly used terms in cybersecurity:

Advanced persistent threats (APTs) This threat results in very significant damage impacting an individual organisation or a country. Attackers are willing to invest a great deal of time, money and knowledge in the attack and generally have considerable resources at their disposal.
Backdoor "Backdoor" refers to a software feature that allows users to circumvent the usual access control of a computer or of a protected function of a computer program.
Bitcoin Bitcoin is a decentralised payment system that can be used worldwide, as well as the name of a digital monetary unit.
Bot Comes from the Slavic word “robota” meaning work. Refers to a program that automatically carries out certain actions upon receiving the command. Malicious bots can control compromised systems remotely and have them carry out arbitrary actions.
Brute force Brute force is a method for solving problems in the fields of computer science, cryptology, and game theory based on trying out all possible cases.
CEO-Fraud CEO fraud occurs when perpetrators instruct the accounting or finance department in the name of the CEO to make a payment to the (typically foreign) account of the scammers. Generally, the instruction is sent from a spoofed email address.
Command & control server Most bots can be monitored by a botmaster and receive commands via a communication channel. This channel is called a command & control server.
CPU / processor The CPU (central processing unit) is another term for processor, the central unit in a computer, and contains the logical circuits to run a computer program.
Cryptomining Mining creates new blocks and then adds them to the block chain. The process requires considerable processing power and is therefore remunerated.
DDoS Distributed denial of service attack. A DoS, or denial of service, attack where the victim is simultaneously attacked by many different systems.
Defacement Unauthorised alteration of websites.
Domain name system With the help of DNS, the internet and its services can be utilised in a user-friendly way, because users can utilise names instead of IP addresses.
Downloader A downloader is a program that downloads and installs one or more instances of malware.
DriveBy-Infection Infection of a computer with malware simply by visiting a website. Often the websites concerned contain reputable offerings and have already been compromised beforehand for the purposes of spreading the malware. The infection occurs mostly by trying out exploits for vulnerabilities not yet patched by the visitor.
E-currency services A monetary value in the form of a receivable from the issuing authority. The value is saved on a data carrier, issued in return for a sum of money – the value of which is not less than the issued monetary value – and accepted by companies other than the issuing authority as a means of payment.
Exploit-Kit Toolkits with which criminals can generate programs, scripts or lines of code to exploit vulnerabilities in computer systems.
Financial agent A financial agent works as a legal money broker and thus engages in financial transfers. Recently, this term has been used in connection with illegal financial transactions.
Global Positioning System (GPS) Global Positioning System (GPS), officially NAVSTAR GPS, is a global navigation satellite system for determining position and measuring time.
Industrial control systems (ICSs) Control systems consist of one or more devices that control, regulate, and/or monitor the behaviour of other devices or systems. In industrial production, the term "industrial control system" (ICS) is often used.
JavaScript Is an object-based scripting language for developing applications. JavaScripts are program components integrated in HTML code enabling specific functions in internet browsers. For example, while checking user input on an internet form, a JavaScript can verify that all the characters entered of a telephone number are actually numbers. As is the case with ActiveX Controls, JavaScripts are run on the computer of the website visitor. Aside from useful features, unfortunately dangerous functions can also be programmed. In contrast to ActiveX, JavaScript is supported by all browsers.
Malware Generic term for software which carries out harmful functions on a computer, e.g. viruses, worms, Trojan horses.
Metadata "Metadata" and "meta-information" refer to data containing information about other data.
MITM Man-in-the-middle attacks (MITM) Attacks in which the attacker infiltrates unnoticed the communication channel between two partners and is thereby able to spy on or even modify their data exchanges.
mobileTAN mobileTAN is a way to incorporate text messages (SMSs) as a transmission channel. After online banking clients transmit their completed funds transfer requests on the internet, the bank sends them a text message on their mobile phone with a TAN that can be used only for that transaction.
P2P Peer to Peer Network architecture in which those systems involved can carry out similar functions (in contrast to client-server architecture). P2P is often used for exchanging data.
Patch Software that replaces the faulty part of a program with an error-free part, thereby eliminating a vulnerability, for example.
Phishing Fraudsters phish in order to gain confidential data from unsuspecting internet users. For example, this can be account information from online auctioneers (e.g. eBay) or access data for online banking. The fraudsters take advantage of their victims' good faith and helpfulness by sending them emails with false sender addresses.
PowerShell script PowerShell is a cross-platform framework by Microsoft for automating, configuring, and administering systems, consisting of a command line interpreter and a scripting language.
Proxy A proxy is a communication interface in a network. It works as a mediator, receiving queries on the one side and making a connection on the other side via its own address.
Remote Administration Tool A remote administration tool is used for the remote administration of any number of computers or computing systems.
Router Computer network, telecommunication, or also internet devices used to link or separate several networks. Routers are used in home networks, for instance, establishing the connection between the internal network and the internet.
Smartphone A smartphone is a mobile phone that offers more computer functionality and connectivity than a standard advanced mobile phone.
SMS Short Message Service for sending text messages (160 characters maximum) to mobile phone users.
Social Engineering Social engineering attacks take advantage of people's helpfulness, credulity or lack of self-confidence in order to gain access to confidential data or to prompt them to perform certain actions, for example.
Spam Spam refers to unsolicited and automatically sent mass advertising, into which category spam e-mails also fall. The person responsible for these messages is known as a spammer, whereas the actual sending itself is known as spamming.
Spearphishing emails Targeted phishing attack. For example, victims are tricked into believing that they are communicating with someone they know by email.
Supply chain attacks Attack in which an attempt is made to infect the actual target via the infection of a company in the supply chain.
Take-down Expression used when a provider takes down a site from the network due to its fraudulent content.
Top-Level-Domains Every name of a domain on the Internet consists of a sequence of character strings separated by periods. The term "top level domain" refers to the last name in this sequence, constituting the highest level of the name resolution. If the full domain name of a computer or website is, for instance, the rightmost member of the sequence (com) is the top level domain of this name.
Transmission Control Protocol / Internet Protocol (TCP/IP) Transmission Control Protocol / Internet Protocol (TCP/IP) is a family of network protocols, also referred to as the Internet protocol family because of its great importance for the Internet.
Two-factor authentication For this, at least two of the following three authentication factors are required: 1. Something you know (e.g. password, PIN, etc.) 2. Something you have (e.g. a certificate, token, list of codes, etc.) 3. Something you are (e.g. fingerprint, retina scan, voice recognition, etc.)
UDP The User Datagram Protocol, short UDP, is a minimal, connectionless network protocol that belongs to the transport layer of the internet protocol family.
USB Universal Serial Bus (with a corresponding interface) which enables peripheral devices such as a keyboard, mouse, external data carrier, printer, etc. to be connected. The computer does not have to be switched off when a USB device is unplugged or plugged in. For the most part, new devices are automatically identified and configured (depending on the operating system).
Vulnerability A loophole or bug in hardware or software through which attackers can access a system.
Watering-hole attacks Targeted infection by malware via websites that tend to be visited only by a specific user group.
WLAN WLAN stands for Wireless Local Area Network.
Worm Unlike viruses, worms do not require a host program in order to propagate. Instead, they use vulnerabilities or configuration errors in operating systems or applications to spread by themselves from one computer to another.
Zero-Day An exploit which appears on the same day as the security holes are made public.
ZIP-File zip is an algorithm and file format for data compression, in order to reduce the storage space needed for the archiving and transfer of files.