There is a whole new vocabulary to learn when it comes to understanding all things online! Hopefully this will help. We have split the terms in to two categories: Threats and also Security Software and Hardware.
Adware is software that displays advertisements on your computer.
Anonymizing proxies allow the user to hide their web history browsing activity. They are often used to bypass web security filters- e.g., to access blocked sites from a work computer.
Advanced persistent threat (APT)
Advance persistent threats are a type of targeted attack. APTs are characterized by an attacker who has time and resources to plan an infiltration into a network.
Autorun worms are malicious programs that take advantage of the Windows AutoRun feature. They execute automatically when the device on which they are stored is plugged into a computer.
A backdoor Trojan allows someone to take control of a user’s computer via the internet without their permission.
Boot sector malware
Boot sector malware spreads by modifying the program that enables your computer to start up.
A botnet is a collection of infected computers that are remotely controlled by a hacker
Browser hijackers change the default homepage and search engine in your internet browser without your permission
Brute force attack
A brute force attack is one in which hackers try a large number of possible keywords or password combinations to gain unauthorized access to a system or file
A buffer overflow occurs when a program stores excess data by overwriting other parts of the computer’s memory, causing errors or crashes.
An electronic chain letter is an email that urges you to forward copies to other people.
Command and control centre
A command and control centre (C&C) is a computer that controls a botnet (i.e., a network of compromised or zombie computers). Some botnets use distributed command and control systems, making them more resilient.
Cookies are files placed on your computer that allow websites to remember details.
Data leakage is the unauthorized movement of information usually outside an organization. It can be deliberate (data theft) or accidental (data loss).
Data loss is the result of the accidental misplacement of data, rather than its deliberate theft.
Data theft is the deliberate theft of information, rather than its accidental loss.
A denial-of-service (DoS) attack prevents users from accessing a computer or website.
The Domain Name System (DNS) is the phone book of the internet. It allows computers to translate website names, like www.sophos.com, into IP address numbers so they can communicate with each other.
Document malware takes advantage of embedded script or macro content in document files.
A drive-by download is the infection of a computer with malware when a user visits a malicious website.
Email malware refers to malware that is distributed via email.
An exploit takes advantage of a vulnerability in order to access or infect a computer
Fake antivirus malware
Fake antivirus malware reports non-existent threats in order to scare the user into paying for unnecessary product registration and cleanup
Hacktivits typically hack for political purposes, attacking corporations, governments, organizations and individuals.
Hoaxes are reports of non-existent viruses or threats.
A honeypot is a trap security specialists use to detect hacking attacks or collect malware samples.
Worms are viruses that create copies of themselves across the internet or local networks.
In-the-cloud detection uses real-time online checking of data in order to detect threats.
Keylogging is when keystrokes are secretly recorded by an unauthorized third party
Malware is a general term for malicious software including viruses, worms, Trojans and spyware. Many people use the terms malware and viruses interchangeably.
Mobile phone malware
Mobile phone malware is malware intended to run on mobile devices, such as Smartphone’s or PDA’s
Non-compliance is the failure to comply with government or industry regulations regarding data privacy and security.
Parasitic viruses, also known as file viruses, spread by attaching themselves to programs.
Patches are software add-ons designed to fix software bugs, including security, in operating systems or applications.
Phishing refers to the process of tricking recipients into sharing sensitive information with an unknown third party.
Potentially unwanted application (PUA)
Potentially unwanted applications are programs that are malicious but may be unsuitable for use in a business environment.
Ransomware is software that denies you access to your files until you pay a ransom.