Category: Definition of Security Terms

What is Social Engineering?

Social engineering refers to the methods attackers use to deceive victims into performing an action. Typically, these actions are opening a malicious webpage or running an unwanted file attachment. Many social engineering efforts are focused on tricking users into disclosing usernames or passwords, allowing attackers to send messages as an internal user to further their […]

Read More »

What is a Rootkit?

A rootkit is a piece of software that hides programs or processes running on a computer. Malware frequently installs rootkits upon infection to hide its activity. A rootkit can hide keystroke loggers or password sniffers, which capture confidential information and send it to hackers via the Internet. It can also allow hackers to use the […]

Read More »

What are PUA’s or Potentially Unwanted Applications?

Potentially unwanted applications are programs that are not malicious but may be unsuitable for use in a business environment, and may create security concerns. Some applications are non-malicious and possibly useful in the right context, but are not suitable for company networks. Examples are adware, tools for administering PCs remotely and scanners that identify vulnerabilities […]

Read More »

What is the definition of Malware?

Malware is a general term for malicious software. Malware includes viruses, worms, Trojans and spyware. Many people use the terms malware and virus interchangeably. Antivirus software usually detects a wider range of threats than just viruses, and can be an effective defense against worms, Trojans and spyware.  

Read More »

What is an Application Exploit?

A application exploit is when hackers takes advantage of a vulnerability inside of an application order to access or infect a computer. Usually an exploit takes advantage of a specific vulnerability in an application and becomes ineffective when that vulnerability is patched. Zero-day exploits are those that are used or shared by hackers before the […]

Read More »

What is a Command and Control Center?

A command and control center (C&C or C2) is a computer that controls a botnet (a network of compromised computers). Some botnets use distributed command and control systems, making them more resilient. From the command and control center, hackers can instruct multiple computers to perform their desired activities. Command and control centers are often used […]

Read More »