APTs                                                      : [A]utomatically [P]rogrammed [T]ool, a computer language designed for prgramming numerically controlled tool

Bots                                                       : The artificial intelligence that automatically do the task programmed

Botnets                                                                : criminals distribute malicious software (also known as malware) that can turn your computer into a bot (also known as a zombie)

BYOD                                                    : Bring your own devices

DoS / DDoS Attacks                         : distributed denial of service: the spamming of pinging a web, distributed denial of service: many botnet infected doing DOS on a website.

Firewalls                                             : system that controls the incoming and outgoing network traffic based on applied rule set. It establishes a barrier between a trusted, secure internal network and another network that is not assumed to be secure and trusted

IDS                                                         : interusion detection system is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station.

IM                                                          : instant messaging

IPS                                                          : Intrusion prevention systems, also known as intrusion detection and prevention system (IDPS). Network security appliances that monitor network and/or system activities for malicious activity

Malware                                              : malicious software is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

Man-in-the-middle: a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances.

Packet-filtering: the process of passing or blocking packets at a network interface based on source and destination addresses, ports, or protocols.

Proxy Server: a server that acts as an intermediary between an endpoint device and the internet so that the enterprise can ensure security, administrative control, and caching service.

Script Kiddies: a derogative term, originated by the more sophisticated crackers of computer security systems, for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the internet.

SIEM: (Security Information and Event Management) – an approach to security management that seeks to provide a holistic view of organization’s information technology security.

Smurf Attacks: an exploitation of the Internet Protocol (IP) broadcast addressing to create a denial of service.

Spam: unsolicited e-mail on the Internet

SSL: Secure Sockets Layer is a commonly-used protocol for managing the security of a message transmission on the Internet; it uses a program layer located between the Internet’s HTTP and TCP program layers.

Stack-based buffer overflow: occurs when a program writes to a memory address on the program’s call stack outside of the intended data strcture; usually a fixed length buffer.

SYN flood: Aka half open attack. An attack vector for conducting a denial-of-service attack on a computer server. The attack involves having a client repeatedly send SYN (synchronization) packets to every port on a server, using fake IP addresses.

Threat landscape: The threat landscape in information security is in a constant state of flux, with new threats emerging and existing threats becoming ever more sophisticated.

Toolkits: Software designed to perform a specific function, especially to solve a problem.

TLS: Transport layer security. A security protocol.

Vulnerability: Is a weakness which allows an attacker to reduce a system’s information assurance.

Whitelisting: A firewall whitelist consists of people, sites, or networks you allow access to your computer or want your computer to access.

Worm: Computer worm is a standalone malware computer program that can replicate itself in order to spread to other computers.

Zero-day attack/vulnerability: An attack that exploits a previously unknown vulnerability in a computer application, one that developers have not had time to address and patch.

Zombies/zombie computers: A zombie is a computer connected to the internet that has been compromised by a hacker, computer virus, or trojan horse and can be used to perform malicious tasks of one sort or another under remote direction.


Tags: , , ,