Biometric – Biometric vauthentication is a method by which someone can be uniquely identified by evaluating one or more distinguishing biological traits such as eyes or retina patterns or fingerprints.
Bluetooth– a standard for the short-range wireless interconnection of cellular phones, computers, and other electronic devices.
Bot – Short for robot; bots are one of the most sophisticated types of crimeware facing the Internet today. Bots are similar to worms and Trojans, but earn their unique name by performing a wide variety of automated tasks on behalf of their master (the cybercriminals) who are often safely located somewhere far across the Internet. Tasks that bots can perform run the gamut from sending spam to blasting Web sites off the Internet as part of a coordinated “denial-of-service” attack. Since a bot infected computer does the bidding of its master, many people refer to these victim machines as “zombies.”
Bots sneak onto a person’s computer in many ways. Bots oftentimes spread themselves across the Internet by searching for vulnerable, unprotected computers to infect. When they find an exposed computer, they quickly infect the machine and then report back to their master. Their goal is then to stay hidden until they are awoken by their master to perform a task. Bots are so quiet that sometimes the victims first learn of them when their Internet Service Provider tells them that their computer has been spamming other Internet users. Sometimes a bot will even clean up the infected machine to make sure it does not get bumped off of the victim’s computer by another cybercriminal’s bot. Other ways in which a bot infects a machine include being downloaded by a Trojan, installed by a malicious Web site or being emailed directly to a person from an already infected machine.
Bot Net – Botnets are created by attackers repeatedly infecting victim computers using one or several of the techniques mentioned above. Each one of the zombie machines is controlled by a master computer called the command and control server. From the command and control server, the cybercriminals manage their botnets and instructs the army of zombie computers to work on their behalf. A botnet is typically composed of large number victim machines that stretch across the globe, from the Far East to the United States. Some botnets might have a few hundred or a couple thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal.
Browser- A program with a graphical user interface for displaying HTML files, used to navigate the World Wide Web. Example; Google Chrome, Micorsoft Internet Explorer, Firefox, Opera.
Browser Extension – A browser extension is a computer program that extends the functionality of a web browser in some way. Depending on the browser and the version, the term may be distinct from similar terms such as plug-in or add-on.
Brute Force Attack – A process where a computer is dedicated to using all possible combinations of words, numbers, symbols and phrases in order to break encryption code.
Cookie – Cookies are messages that web servers pass to your web browser when you visit Internet sites. The message contains information about your activity on the website. Your browser stores each message in a small file, called cookie.txt . When you request another page from the server, your browser sends the cookie back to the server.
Cybersquatting – the practice of registering names, esp. well-known company or brand names, as Internet domains, in the hope of reselling them at a profit.
Drive-by download– Drive by downloads may happen when visiting a website, viewing an e-mail message or by clicking on a deceptive pop-up window: by clicking on the window in the mistaken belief that, for instance, an error report from the computer’ operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the “supplier” may claim that the user “consented” to the download, although actually the user was unaware of having started an unwanted or malicious software download.
Defragment–defragmentation is a process that reduces the amount of fragmentation. It does this by physically organizing the contents of the hard disk used to store files into the smallest number of contiguous regions (fragments). It also attempts to create larger regions of free space using compaction to impede the return of fragmentation. Some defragmentation utilities try to keep smaller files within a single directory together, as they are often accessed in sequence.
Data Breach–A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.
Dox- Personal information about people on the Internet, often including real name, known aliases, address, phone number, SSN, credit card number, etc.
E-Commerce – Commercial transactions conducted electronically on the Internet.
Encryption- Encryption is a way to enhance the security of a message or file by scrambling the contents so that it can be read only by someone who has the right encryption key to unscramble it.
Firmware- Permanent software programmed into a read-only memory.
Hacktivist – Computer hacker whose activity is aimed at promoting a social or political cause.
Hidden Network- A hidden network is a wireless network that is set to not broadcast its name (or service set identifier (SSID)). Normally, wireless their name, and your computer “listens” for the name of the network that it wants to connect to.
Identity Theft – the fraudulent acquisition and use of a person’s private identity information, usually for financial gain.
IP Address – A unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network.
Man in the middle attack – The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA) in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).
MAC Address – A media access control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment.
Malware -Short for “malicious software,” malware refers to software programs designed to damage or do other unwanted actions on a computer system.Common examples of malware include viruses,worms, trojan horses, and spyware.
Multi-Factor Authentication – An approach to authentication which requires the presentation of two or more of the three independent authentication factors. 1)a knowledge factor or something only the user knows 2)A possession factor or something only the user has and 3) an inherence factor or something only the user is. After presentation, each factor must be validated by the other party for authentication to occur.
OS, Operating System– An operating system (OS) is software that manages computer hardware resources and provides common services for computer programs. Theoperating system is an essential component of the system software in acomputer system. Application programs usually require an operating system to function.
Piggybacking- Is the practice of establishing a wireless Internet connection by using another subscriber’s wireless Internet access service without the subscriber’s explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary by jurisdiction around the world. While completely outlawed or regulated in some places, it is permitted in others.
Pop Up– A window that suddenly appears (pops up) when you select an option with a mouse or press a special function key. Usually, the pop-up window contains a menu of commands and stays on the screen only until you select one of the commands. It then disappears.
Pop Up Ad- A type of window that appears on top of (over) the browser window of a Web site that a user has visited. In contrast to a pop-under ad, which appears behind (in back of) the browser window, a pop-up is more obtrusive as it covers other windows, particularly the window that the user is trying to read. Pop-ups ads are used extensively in advertising on the Web, though advertising is not the only application for pop-up windows.
Phishing – The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.
Password – A word used to gain access to a computer or other electronic device or service.
Passphrase – A phrase used to gain access to a computer or other electronic device or service.
Point of Sale (POS) – The computer card reader at the register where a customer slides or swipes his or her credit/debit card to complete a purchase. These devices sometimes requires a PIN. (see PIN)
PIN – Personal identification number used in concert with a credit or debit card when making a purchase.
Root kit- a set of software tools that enable an unauthorized user to gain control of a computer system without being detected.
Router- A wireless router is a device that performs the functions of a router but also includes the functions of a wireless access point. It is commonly used to provide access to the Internet or a computer network. It does not require a wired link, as the connection is made wirelessly, via radio waves.
Social Engineering – Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures. The social engineer will use charm, guile, bullying, confusion or false or mis-leading information or impersonation to convince a person to do something they are not supposed to do or would not normally do. A social engineer runs what used to be called a con game.
Spam – Any unwanted, unsolicited or undesirable email usually advertising. Spam is often sent out to millions of email addresses at a time.
Spammers – Individuals or companies that collect email addresses in order to send junk email or spam.
Spoofing– Imitate (something) while exaggerating its characteristic features. Spoofing is the act of impersonating a telephone number, email, text message or website. Usually done to deceive the receiver for the criminal or other malicious purpose.
Spyware- Software that “spies” on your computer. Spyware can capture information like Web browsing habits, e-mail messages, usernames and passwords, and credit card information. If left unchecked, the software can transmit this data to another person’s computer over the Internet.
SSID – Stands for Service Set Identifier, which is a 32-character sequence that uniquely identifies a wireless LAN (WLAN). In other words, the SSID is the name of the wireless network.
SSL – SSL is an acronym for Secure Sockets Layer. SSL provides a secure connection, allowing you to transmit private data online. Sites secured with SSL display a padlock in the browsers URL and possibly a green address bar if secured by an EV SSL certificate.
Trojan Horse – Trojan horses are software programs that masquerade as regular programs, such as games, disk utilities, and even antivirus programs.
Typosquatting, also called URL hijacking, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to any URL (including an alternative website owned by a cybersquatter).
URL– URL stands for Uniform Resource Locator, and is used to specify addresses on the World Wide Web.
Virus- A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are man-made. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
Wardriver/Wardriving- Is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone or personal digital assistant (PDA).
Wi-Fi- WiFi hotspot is simply an area with an accessible wireless network. The term is most often used to refer to wireless networks in public areas like airports and coffee shops. Some are free and some require fees for use, but in either case they can be handy when you are on the go.
Worm – A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
WPA2 encryption – WPA2 has replaced WPA. WPA2, which requires testing and certification by the Wi-Fi Alliance, implements the mandatory elements of IEEE 802.11i. In particular, it introduces CCMP, a new AES-based encryption mode with strong security.
Zero Day Exploit– A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero day attack.
Zombie – Zombie computers are computers that have been taken over by a hacker without the knowledge of the owner.