27 October 2022
SafeAeon Inc.
1. Authentication
Authentication is one of the common concepts used in cyber security. It is the process of establishing an individual’s identity and confirming its validity or authenticity. It can be done by a PIN/password, retina scan, biometric scan, or sometimes a combination of these methods.
2. Data Breach
It is one of the basic cybersecurity terms. When a hacker successfully attacks a company, organization, or individual and takes over their network system, server, or database, the hacker exposes the victim's data, which is typically personal information like credit card numbers, bank account numbers, usernames and passwords, social security numbers, and more. This is known as a data breach.
3. DDoS
It stands for Distributed Denial of Service. This attack destroys the availability component of the CIA triad. It employs numerous sources to generate a large volume of traffic that disrupts the usual traffic of the targeted server, network, or service. The flood of Internet traffic overwhelms the target or its infrastructure and locks up the system, making it temporarily unavailable.
4. Botnet
The word is a combination of “robot” and “network”. A botnet is a network of devices (computers, routers, etc.) that have been infected with malware and can be continually controlled to carry out hostile operations. Attacks carried out this way include click fraud, Bitcoin mining, sending spam emails, DoS/DDoS attacks, and many more.
5. Encryption
It is the security method of encoding data from plaintext to ciphertext, which only a user with the encryption key can decrypt.
6. Exploit
It is a piece of code or software created to locate and take advantage of a loophole or weakness in a network, computer system, or application. Generally, this is done for nefarious ends like spreading malware.
7. Firewall
It can be either software or hardware. It monitors and filters inbound and outbound network traffic based on the security policies an organization has created.
8. Malware
It is the short form of “malicious software”, which refers to a wide range of harmful software or pieces of code that are used to corrupt and harm a system. For instance, malware like worms, ransomware, viruses, and trojans can be transferred in the form of images, PDFs, documents, or multimedia, and through spam emails and SMS.
9. Man in the Middle Attack
Man in the middle (MITM) attack is a general term for when an adversary positions himself in a conversation between a user and an application, or even between a computer and a router, and listens to all the data transmitted between them. In most cases, attackers are also able to crack the encryption.
10. Phishing
Phishing is a social engineering attack often used to steal user data, including login credentials and credit card numbers. It happens when an attacker, masquerading as a trusted entity, deceives a victim into clicking on an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can install malware, freeze the system as part of a ransomware attack, or reveal sensitive information.
11. Ransomware
This term is used in cyber security for a type of malware designed to restrict access to the files on your system by encrypting them. The files stay restricted until you pay the ransom (money).
12. Spoofing
Spoofing is when someone or something pretends to be something else to gain a victim's trust, get access to a system, steal data, or spread malware.
13. Zero-day Exploit
A zero-day exploit is exploit code written to take advantage of a vulnerability before the vendor knows about the vulnerability and can release a patch for it.
14. Spyware
It is also a type of malware, designed for the specific purpose of spying on you and your computer activities. With an infected device, whether a mobile device or a computer, an adversary can access your text messages, read the file system, redirect your phone calls, access your webcam, and even track your geographical location.
15. Virus
A computer virus is a class of malicious software, or malware, that circulates between computers and causes damage to data and software. Computer viruses strive to disrupt systems, cause significant functional issues, and result in data loss and leakage. In some circumstances, a virus can cause physical damage.
16. Social Engineering
This technique involves psychologically manipulating people into breaking standard security procedures and best practices, in order to gain unauthorized access to systems, networks, and physical locations, or for financial gain.
17. Operating Systems
These are usually abbreviated ‘OS’ and manage all of your software and hardware. From storage to CPU, your OS keeps your computer data straight for easy use.
18. BYOD (Bring Your Own Device)
Bring your own device (BYOD) refers to the trend of employees using personal devices to connect to their organization's networks and access work-related servers and sensitive or confidential data. Personal devices could include computers, smartphones, tablets, or USB drives.
19. Endpoint Detection and Response (EDR)
Endpoint Detection and Response (EDR), also known as endpoint threat detection and response (ETDR), refers to tools for protecting computer endpoints from potential threats. EDR platforms incorporate software and networking instruments for detecting suspicious endpoint activities, usually via constant monitoring.
20. Insider Threat
An Insider Threat is when an authorized internal user, usually an employee or contractor, poses a danger to an organization because they have authorized access to inside information and bypass most perimeter-based safeguards.
21. Security Operations Center (SOC)
An Information Security Operations Center (ISOC or SOC) is a facility where enterprise information systems, including all essential assets, are monitored, assessed, and defended by SOC analysts.
22. Threat Hunting
Cyber Threat Hunting is a dynamic cyber defense exercise where cybersecurity professionals search networks to detect and mitigate advanced threats that bypass existing security solutions.
23. Patch
A Patch delivers additional, revised, or updated code for an operating system or application. Excluding open-source software, most software vendors do not publicize their source code.
24. Advanced Persistent Threat (APT)
An advanced persistent threat (APT) is a general term for an attack campaign in which an intruder, or team of intruders, establishes an illegal, long-term presence on a network to extract highly sensitive data. APTs are usually run by nation-state threat actors seeking to cause consequential disruption and damage to a nation's economic and political stability.
25. VPN
VPN is an acronym for Virtual Private Network. A VPN is a technique for connecting two or more computers and devices in a private encrypted network, with an individual user’s IP address replaced by the VPN’s IP address. VPN users obtain Internet anonymity through an encrypted connection and a new IP address, making them difficult for hackers to compromise.