Glossary
|
| Chapter 2
|
| adware
| A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
| armored virus
| A virus that goes to great lengths in order to avoid detection.
| backdoor
| Software code that gives access to a program or a service that circumvents normal security protections.
| bot herder
| An attacker who controls a botnet.
| botnet
| A logical computer network of zombies under the control of an attacker.
| command and control (C&C or C2)
| The structure by which a bot herder gives instructions to zombies in a botnet.
| computer virus (virus)
| Malicious computer code that, like its biological counterpart, reproduces itself on the same computer.
| dumpster diving
| The act of digging through trash receptacles to find information that can be useful in an attack.
| hoax
| A false warning designed to trick users into changing security settings on their computer.
| impersonation
| A social engineering attack that involves masquerading as a real or fictitious character and then playing out the role of that person on a victim.
| keylogger
| Software or a hardware device that captures and stores each keystroke that a user types on the computer's keyboard.
| logic bomb
| Computer code that lies dormant until it is triggered by a specific logical event.
| macro
| A series of instructions that can be grouped together as a single command, often used to automate a complex set of tasks or a repeated series of tasks.
| macro virus
| A computer virus that is written in a script known as a macro.
| malware
| Software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action.
| metamorphic malware
| Malware that rewrites its own code and thus appears different each time it is executed.
| oligomorphic malware
| Malware that changes its internal code to one of a set number of predefined mutations whenever it is executed.
| pharming
| A phishing attack that automatically redirects the user to a fake site.
| phishing
| Sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.
| polymorphic malware
| Malware code that completely changes from its original form whenever it is executed.
| program virus
| A computer virus that infects executable program files.
| ransomware
| Malware that prevents a user's device from properly operating until a fee is paid.
| rootkit
| A set of software tools used by an attacker to hide the actions or presence of other types of malicious software.
| shoulder surfing
| Watching an authorized user enter a security code on a keypad.
| social engineering
| A means of gathering information for an attack by relying on the weaknesses of individuals.
| spam
| Unsolicited email.
| spear phishing
| A phishing attack that targets only specific users.
| spim
| A variation of spam, which targets instant messaging users instead of email users.
| spyware
| A general term used to describe software that spies on users by gathering information without consent.
| tailgating
| When an unauthorized individual enters a restricted-access building by following an authorized user.
| Trojan horse (Trojan)
| An executable program that is advertised as performing one activity but which actually performs a malicious activity.
| typo squatting
| Redirecting a user to a fictitious website based on a misspelling of the URL. Also called URL hijacking.
| URL hijacking
| Redirecting a user to a fictitious website based on a misspelling of the URL. Also called typo squatting.
| vishing
| A phishing attack uses telephone calls instead of emails.
| watering hole attack
| A malicious attack that is directed toward a small group of specific individuals who visit the same website.
| whaling
| A phishing attack that targets only wealthy individuals.
| worm
| A malicious program designed to enter a computer via a network to take advantage of a vulnerability in an application or an operating system.
| zombie
| An infected computer that is under the remote control of an attacker.
|
|
|
What programs allow unauthorized access directly to a compromised computer?
A Trojan horse, or “Trojan”, enters your system disguised as a normal, harmless file or program designed to trick you into downloading and installing malware. As soon as you install a Trojan, you are giving cyber criminals access to your system.
What is a software program that secretly collects information and monitors your actions?
Spyware, also known as "adware," is software that sends information from your computer to a third party without your consent. Besides secretly monitoring a user's behavior, spyware collects personal information, which could lead to identity theft.
What is the name of program that contains another hidden and malicious program?
Trojan. A Trojan disguises itself as desirable code or software. Once downloaded by unsuspecting users, the Trojan can take control of victims' systems for malicious purposes.
What is a software that blocks threats to your computer called?
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware.