Cybersecurity Glossary – Cyber Security News Aggregator

Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest cybersecurity attack vectors and threats is an essential part of securing the enterprise against breaches and compromised data.

https://www.proofpoint.com/us/threat-reference

Account Takeover Fraud

Account takeover fraud, also known as account compromise, occurs when a cyber attacker gains control of a legitimate account.

Active Directory

Active Directory is a directory service developed by Microsoft for Windows domain networks.

Advanced Persistent Threat

An Advanced Persistent Threat (APT) is a complex cyber-attack in which an unauthorized user gains access to a network and remains undetected for an extended period.

Adversary-in-the-Middle Attack

An adversary-in-the-middle attack (AiTM) is a form of data eavesdropping and theft where an attacker intercepts data from a sender to the recipient, and then from the recipient back to the sender.

Alert Fatigue

Alert fatigue, also known as alarm fatigue or notification fatigue, is a prevalent issue common across many fields, including healthcare, construction and mining, information technology, and cybersecurity.

Artificial Intelligence

Artificial intelligence, commonly abbreviated AI, refers to the simulation of human intelligence demonstrated by machines or computer systems, in contrast to the intelligence of humans.

AWS DLP

When corporations store data in Amazon Web Services (AWS), they need a way to ensure that sensitive data is safe from theft, disclosure, and corruption.

Bad Rabbit

Bad Rabbit is a strain of ransomware that first appeared in 2017 and is a suspected variant of Petya.

Botnet

A botnet is a group of computers or devices under the control of an attacker used to perform malicious activity against a targeted victim.

Browser Isolation

Browser isolation is a virtualized browser strategy that is far more secure than traditional methods.

Brute-Force Attack

A brute-force attack is a password cracking method cyber-criminals use to determine account credentials, particularly passwords.

Business Email Compromise (BEC)

Business email compromise (BEC) is a type of email cyber crime scam in which an attacker targets a business to defraud the company.

BYOD

A bring-your-own-device (BYOD) policy allows employees and other staff to bring their personal laptops and smartphones to work and connect them to the corporate network.

CASB

A CASB is an intermediary between users and cloud platforms that protect data in the cloud while addressing authorization and visibility concerns of corporations leveraging cloud services.

Catfishing

In cybersecurity, catfishing refers to the fabrication of a false online identity by a cybercriminal for the purposes of deception, fraud, or exploitation.

CCPA Compliance

The California Consumer Privacy Act (CCPA) was enacted in 2018 to combat the numerous incidents of data breaches in Big Tech from poorly defined access controls and management of privacy.

CEO Fraud

CEO fraud falls under the umbrella of phishing, but instead of an attacker spoofing a popular website, they spoof the CEO (or another high-level executive) for the targeted corporation.

Cerber Ransomware

Cerber ransomware was discovered in March 2016. As a ransomware-as-a-service (RaaS) malware, it can be deployed by anyone without any hacking or coding skills.

ChatGPT

ChatGPT, also known as Generative Pretrained Transformer 3 (GPT-3), is a cutting-edge AI chatbot developed by OpenAI.

Chief Information Security Officer (CISO)

A Chief Information Security Officer (CISO) is responsible for designing cybersecurity strategies used to protect corporate data and assess risk across the organization to improve on its cyber-defenses.

Clone Phishing

Clone phishing is a newer type of email-based threat where attackers clone a real email message with attachments and resend it pretending to be the original sender.

Cloud Archive

A cloud-based archiving solution stores data offsite on cloud servers where administrators can provision the necessary resources to ensure they can create thorough backups with sufficient storage capacity.

Cloud Compliance

When you store sensitive data on a third-party cloud server, it’s imperative that this third-party host is compliant with all data privacy and protection regulatory standards.

Cloud DLP (Data Loss Prevention)

What Is Cloud DLP? Cloud data loss prevention (DLP) helps keep an organization’s sensitive or critical information safe from cyber attacks, insider threats and accidental exposure.

Cloud Security

Cloud computing—a broad term that describes the move to the cloud and a mobile workforce—has brought new security and compliance risks.

Cloud Security Posture Management

CSPM is a critical component in cloud security, designed to safeguard cloud environments from potential threats.

Compliance Management

Compliance management refers to organizational procedures and policies to ensure compliance with all legal and regulatory standards pertinent to their information security practices.

Compliance Monitoring

Compliance monitoring is the process that ensures organizations meet the policies and procedures to identify compliance risk issues in their day-to-day operations and functions.

Compliance Risk

Compliance risk is an organization’s legal, financial and criminal exposure if it does not follow industry laws and regulations.

Compromised Account

Whether it’s from social engineering, phishing or other cyber-attacks, an account is compromised when a threat actor gains access to credentials and/or other means to perform actions on behalf of the targeted user.

Computer Virus

A computer virus is an ill-natured software application or authored code that can attach itself to other programs, self-replicate, and spread itself onto other devices.

Credential Stuffing

Credential stuffing is a cyber threat that accesses online user accounts using stolen usernames and passwords.

Cross-Site Scripting (XSS)

Cross-site scripting (XSS) is a security vulnerability found in various types of web applications where attackers inject malicious scripts into content from otherwise trusted websites.

Cryptojacking

Cryptojacking is the process of tricking users into using their computers and mobile devices to generate cryptocurrency for an attacker.

CryptoLocker

CryptoLocker is a form of ransomware that restricts access to infected computers by encrypting its contents. Once infected, victims are expected to pay a “ransom” to decrypt and recover their files.

Cryptowall Ransomware

CryptoWall is a ransomware malware that works by encrypting files on an infected computer and requires users to pay ransom to receive a decryption key.

Cyber Attack

Cyber attack is a general term given to any ongoing threat on a system.

Cyber Crime

Cyber crime is a general term describing the myriad of criminal activities carried out using a computer, network, or another set of digital devices.

Cyber Extortion

Cyber extortion is a nefarious cybercrime where threat actors exploit security vulnerabilities to breach digital security systems and gain unauthorized access to valuable assets.

Cyber Hygiene

Cyber hygiene, or cybersecurity hygiene, refers to the practices and procedures that individuals and organizations use to maintain the health and security resilience of their systems, devices, networks, and data.

Cyber Insurance

Cyber insurance (also known as cyber-liability insurance) minimizes the costs of a cybersecurity event such as ransomware, data breach or network compromise so that businesses do not suffer from severe financial strain.

Cyber Kill Chain

The Cyber Kill Chain is a concept developed by Lockheed Martin to outline the stages of a cyber-attack from its inception to its ultimate goal, which typically centers on data exfiltration or system compromise.

Cybersecurity / Network Security

Cybersecurity encompasses the technology, services, strategies, practices, policies designed to secure people, data and infrastructure from a wide range of cyber attacks.

Cybersecurity Analytics

An organization needs cybersecurity analytics to determine the cause of an incident and collect data for future investigations.

Cybersecurity Litigation

Cybersecurity litigation usually follows a severe data breach when victims of identity theft or future financial loss are your organization’s customers who seek compensation for the event.

Data Archiving

Secure data archiving is the process of collecting older data and moving it to a protected location so that it can be retrieved if needed in a data forensics investigation.

Data Breach

A data breach is a cybersecurity incident where sensitive, confidential, or protected information is accessed, viewed, taken, altered or used by anyone not authorized to do so.

Data Center

A data center is a specialized facility designed to house and manage a vast array of computer systems, servers, networking equipment, and storage infrastructure.

Data Center Security

When enterprise infrastructure is housed in a data center, it’s essential to ensure that the third-party location is physically and virtually secure. Data center security involves the physical and virtual cybersecurity that protects corporate data from attackers.

Data Classification

Data classification is a method for defining and categorizing files and other critical business information.

Data Exfiltration

Data exfiltration is defined as the unauthorized copying, transfer, or retrieval of data from either a server or an individual’s computer.

Data Governance

Data governance entails the strategies and rules created to maintain corporate data and its security.

Data Labeling

Data labeling, also called data tagging, is the process of assigning various data points with information so that machine learning (ML) algorithms can better understand its meaning.

Data Leak

A data leak unintentionally exposes sensitive, protected, or confidential information outside its intended environment.

Data Loss Prevention (DLP)

Data loss prevention (DLP) makes sure that users do not send sensitive or critical information outside the corporate network.

Data Privacy

Data privacy aims to protect customer data from unethical use and distribution to third parties. Learn what data privacy is and what you need to know.

Data Protection

Every day, attackers aim to steal valuable and sensitive data from businesses, so data/information protection strategies focus on building infrastructure and policies to stop them.

Data Retention Policy

Every solid backup plan has a data retention policy, which specifies how long your organization stores backup data before either archiving it, overwriting it, or destroying (deleting) it.

Data Security

Data security involves the practices, strategies, procedures, and mitigation techniques used to protect sensitive information from attackers.

Data Theft

Data theft is the unauthorized acquisition of digital data from an entity, often driven by motives of financial profit or to disrupt business activities.

DDoS

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt normal traffic on a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

Digital Risk

Types of Digital Risk Digital Risk Protection How to Manage Digital Risk How Proofpoint Can Help

Digital Signature

A digital signature is a mathematical protocol that uses cryptographic techniques to verify the authenticity and integrity of digital messages or documents.

Disaster Recovery

Disaster recovery is broadly defined as an organization’s ability to respond to and recover from a catastrophic event that negatively affects its operations or infrastructure.

DKIM

DKIM (DomainKeys Identified Mail) is a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify.

DMARC

DMARC, which stands for Domain-based Message Authentication, Reporting and Conformance, is an open email authentication protocol that provides domain-level protection of the email channel.

DNS

DNS or Domain Name System is a method by which an IP address is converted into a readable domain.

DNS Spoofing

DNS (Domain Name Service) spoofing is the process of poisoning entries on a DNS server to redirect a targeted user to a malicious website under attacker control.

Doxing

Doxing, also known as “doxxing” or “d0xing,” is a cyber-attack tactic involving the collection and dissemination of personal information with malicious intent.

E-Discovery

E-discovery is a form of digital investigation that attempts to find evidence in email, business communications and other data that could be used in litigation or criminal proceedings.

Electronic Communication

The transfer of knowledge, ideas, data, or messages via digital means is referred to as electronic communication or digital communication.

Email Account Compromise (EAC)

Email Account Compromise (EAC) is a highly sophisticated attack in which attackers use various tactics. Read on to learn the definition, how it works, and more.

Email Archiving

Email archiving is a system for preserving email communications in a format that can be digitally stored, indexed, searched and retrieved.

Email Filtering

Email filtering services filtering an organization’s inbound and outbound email traffic.

Email Gateway

An email gateway is a type of email server that protects an organizations or users internal email servers.

Email Protection

Email Protection is a combination of security technology deployment and the training of employees, associates, customers and others in how to guard against cyber-attacks that infiltrate your network through email.

Email Scams

Email is one of the most beneficial ways to communicate with anyone. But it is also a primary tool used by attackers to steal money, account credentials, and sensitive information.

Email Security

Email security involves the strategic set of measures and techniques used to protect email-based communications, effectively preserving the confidentiality, integrity, and availability of email messages.

Email Spoofing

Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust.

Encryption

In cryptography, encryption is the process of encoding a message or information in a way that only authorized parties can access it and those who are not authorized cannot.

End User Monitoring

End user monitoring in a web application tracks the way users interact with a site and uses this logged information to display analytics.

Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) is a type of cybersecurity solution designed to monitor, detect, and respond to malicious activities on an organization’s endpoints.

Endpoint Security

Endpoint security involves the strategies, software, and hardware used to protect all devices and access points on a corporate network.

Endpoint-Delivered Threats

Endpoint-delivered threats usually enter an organization through: (a) A user-infected device introduced into the corporate network which then delivers malware that can spread laterally, (b) An infected portable device, or (c) Users who are tricked into downloading and installing malicious software by claims that they are antivirus, disk cleanup or other utility software.

Enterprise Security

Enterprise security consists of the overall strategies and procedures used to defend an organization from bad actors.

FERPA Compliance

The Family Educational Rights and Privacy Act (FERPA) was enacted to help protect the personal information of students. Learn the meaning, laws, regulations, and more.

Firewall

A firewall is a type of network security system that analyzes incoming and outgoing network traffic, effectively serving as a barrier that blocks viruses and attackers based on predetermined security rules.

GameOver Zeus (GOZ)

Zeus is a family of malware first discovered in 2005. In addition to the original Zeus financial account-stealing component, GameOver Zeus is an advanced variant with a ransomware component.

GDPR

The European Union General Data Protection Regulation (GDPR) is ruling set to protect the data of all EU citizens.

Graymail

Graymail is bulk email that does not fit the definition of spam because it is solicited, comes from a legitimate source, and has varying value to different recipients.

Hacking

Hacking is broadly defined as exploiting vulnerabilities in an organization’s computer systems and networks to gain unauthorized access or control of digital assets.

Hacktivism

The term “hacktivism” is a combination of the words “hack” and “activism.” It’s a word to describe the intent of specific attackers.

HIPAA Compliance

Compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA) requires companies that work with protected health information (PHI) to implement and follow physical, network, and process security measures.

Honeypot

A cybersecurity honeypot is a decoy security mechanism designed to attract cyber attackers so that security researchers can see how they operate and what they might be after.

Identity and Access Management (IAM)

Identity and access management (IAM) is a framework of policies, processes, and technologies that enable organizations to manage digital identities and control user access to data, systems, and resources within a computer network.

Identity Theft

Identity theft is when someone steals your personal information, such as your name, Social Security number, bank account numbers, or credit card data, to commit fraud or other criminal activities.

Identity Threat Detection & Response (ITDR)

ITDR is short for identity threat detection and response, a new class of cybersecurity solutions that focuses on protecting identity-based systems from cyber threats.

Immutable Backups

Immutable backups are a data protection strategy that creates unchangeable backup copies.

Incident Response

Incident response contains and eradicates threats when an attacker exploits a vulnerability within an organization. Learn what incident response is and steps for it.

Indicators of Compromise

During a cybersecurity incident, indicators of compromise (IoC) are clues and evidence of a data breach.

Information Seeking Scams

Scammers want information, and they try to extract it by tricking recipients of emails.

Insider Threat

An insider threat can happen when someone close to an organization with authorized access misuses that access to negatively impact the organization’s critical information or systems.

Intellectual Property Theft

Intellectual property (IP) theft is the unauthorized use, exploitation, or outright theft of creative works, ideas, trade secrets, and proprietary information otherwise protected under intellectual property laws.

Intrusion Detection System (IDS)

An IDS is a sophisticated device or software application that meticulously monitors network traffic or system activities for any signs of potential violations, unauthorized access, or malicious activities.

Intrusion Prevention System (IPS)

An Intrusion Prevention System (IPS) is a security technology designed to detect and actively block or mitigate unauthorized access, malicious activities, and potential threats within a computer network or system.

IoT (Internet of Things)

The Internet of Things (IoT) refers to devices around the world that automatically connect to the cloud and function by storing data or running commands from an online server.

IoT Security

Internet of Things (IoT) security is the safeguards and protections for cloud-connected devices such as home automation, SCADA machines, security cameras, and any other technology that connects directly to the cloud.

IP Address

An IP (Internet Protocol) address is a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.

IT Compliance

When we talk about compliance in IT, we’re referring to certain guidelines an organization must follow to ensure its processes are secure.

Keyloggers

Keyloggers are programs that run as a background process on a computer or other device and collect keystrokes as a user types on their keyboard.

Lateral Movement

Lateral movement refers to the steps and techniques cybercriminals use to navigate through a network after gaining initial access.

Longlining

Longlining attacks are mass customized phishing messages that are typically engineered to look like they are only arriving in small quantities, mimicking targeted attacks.

Machine Learning

Machine learning is a core subset of artificial intelligence that trains computer systems to learn from data inputs and improve autonomously without being explicitly programmed.

Malicious Email Attachments

Malicious email attachments are designed to launch an attack on a users computer. The attachments within these malicious emails can be disguised as documents, PDFs, e-files, and voicemails.

Malware

Malware is a common cyber-attack and an umbrella term for various malicious programs delivered and installed on end-user systems and servers.

Managed Security Service Provider (MSSP)

An MSSP is a third-party provider that manages a company’s day-to-day security operations.

MITRE ATT&CK Framework

The MITRE ATT&CK Framework (Adversarial Tactics, Techniques, and Common Knowledge) is a comprehensive intelligence repository of curated tactics and techniques leveraged by cyber adversaries to breach the security systems of organizations.

Mobile Security

Mobile security is the strategy, infrastructure, and software used to protect any device that travels with users, including smartphones, tablets, and laptops.

Multicloud

Multicloud environments let businesses use solutions across cloud platforms, reducing downtime and failure rates.

Multifactor Authentication

To increase the security of user accounts, multifactor authentication (MFA) adds a layer of protection from hackers.

National Cybersecurity Awareness Month

Since 2004, a group of government and private organizations gather to help bring more awareness to cybersecurity and data privacy.

Network-Delivered Threats

Network-delivered threats are typically of two basic types: (1) Passive Network Threats: Activities such as wiretapping and idle scans that are designed to intercept traffic traveling through the network and (2) Active Network Threats: Activities such as Denial of Service (DoS) attacks and SQL injection attacks where the attacker is attempting to execute commands to disrupt the network’s normal operation.