Cybersecurity glossary
A
Adware
Software that displays unwanted advertisements on the user's device. Adware often collects data on user behavior online to tailor ads.
Antivirus
Software designed to detect, remove, and prevent malicious software (malware) on a computer system.
APT (Advanced Persistent Threat)
A sophisticated, long-term threat where an attacker maintains continuous and unauthorized access to a victim's system. APTs are often used by state-sponsored groups for espionage or data theft.
Authorization
The process of verifying a user's or system's permissions to access resources such as files, applications, or services. Authorization follows authentication.
Auction Fraud
A type of cybercrime where fraud occurs in online auctions. Criminals may attempt to sell non-existent products or fail to ship purchased items after receiving payment.
B
Brute Force Attack
A type of attack on computer systems where a hacker attempts to crack a password by testing all possible character combinations until the correct one is found. This is a time-consuming but often effective method.
Backdoor
A hidden access point in a computer system or software that allows unauthorized access, often left by attackers.
Backup
A copy of data stored securely so that lost or damaged data can be restored after a system failure, attack, or other crisis situation.
Where to store backups?
- External drives: Storing data on external hard drives or network servers.
- Cloud storage: Using cloud services such as Google Drive, Dropbox, or Amazon S3 to store backups online.
- NAS servers (Network-Attached Storage): Network storage used in companies and larger home networks.
Blockchain
A decentralized, distributed database (ledger) where transactions are recorded in blocks. Each block is linked to the previous one using a cryptographic hash, ensuring data integrity and immutability.
Bot
An autonomous computer program that performs tasks on the Internet, such as indexing web pages or sending spam. It can be part of a botnet used for DDoS attacks.
Botnet
A network of computers infected with malware and controlled by a single attacker (a "botmaster") to conduct organized attacks.
C
Captcha
Short for "Completely Automated Public Turing test to tell Computers and Humans Apart." A security mechanism requiring the user to confirm they are human, for example, by identifying images or entering text from an image. It protects against bots.
Cloud Computing
A service that enables data storage and processing over the Internet instead of on local devices. Popular cloud platforms allow file and application storage on remote servers accessible from anywhere in the world. Examples include OneDrive and Google Drive.
Cryptojacking
Unauthorized use of a victim's device to mine cryptocurrencies. Attackers deploy malware on a computer to exploit its processing power for cryptocurrency generation.
CSS (Cascading Style Sheets)
A language used to describe the appearance and formatting of web pages. CSS defines colors, fonts, and the layout of webpage elements.
CVE (Common Vulnerabilities and Exposures)
A unique identifier assigned to known software or hardware security vulnerabilities, allowing them to be tracked and analyzed.
Cybersecurity
A field focused on protecting computer systems, networks, and data from unauthorized access, exploitation, disclosure, disruption, destruction, modification, or forgery. In practice, this means securing devices, online accounts, and information from cyberattacks. Cybersecurity includes both technical and organizational security measures.
Cyberspace
A virtual environment created by interconnected computer networks and digital resources. Cyberspace encompasses the Internet, computer systems, networks, and data.
Cookies
Small text files stored on a user's device by websites they visit. Cookies are used to store session information, preferences, or activity data, helping personalize web experiences. They can also be used for tracking user behavior, raising privacy concerns.
Clean Desk Policy
A set of organizational rules requiring employees to store confidential documents and devices securely when not in use to prevent accidental data leaks.
CEO Fraud (Business Email Compromise - BEC)
A scam where the attacker impersonates a CEO or another high-ranking company employee, attempting to trick employees into transferring money or sharing confidential data.
CIA Triad (Confidentiality, Integrity, Availability)
A fundamental model in cybersecurity that defines three key aspects of data security:
- Confidentiality – Ensuring that only authorized individuals have access to data.
- Integrity – Ensuring that data remains accurate and has not been altered without authorization.
- Availability – Ensuring that data is accessible to authorized users at any time.
D
Data Breach
A security breach in which unauthorized individuals gain access to confidential data, such as personal information, credit card numbers, or passwords.
Deepfake
An advanced artificial intelligence-based technique that allows the creation of fake images, videos, or audio recordings that appear authentic. It can be used in cyberattacks or disinformation campaigns.
Disinformation
Deliberately spread false or misleading information intended to manipulate public opinion, create chaos, or harm individuals, organizations, or states. Disinformation is often part of cyber campaigns.
DNS (Domain Name System)
A system that translates human-readable domain names (e.g., www.example.com) into IP addresses understood by network devices. DNS acts as the Internet’s phone book.
Domain
A unique address identifying a website, such as www.example.com. A domain consists of a name and an extension, such as .com, .org, or .gov.
Data Availability
Ensuring that data and systems are accessible to authorized users when needed. Effective availability minimizes the risk of service disruptions that could lead to operational losses.
Data Integrity
A principle stating that data must be accurate, consistent, and unaltered in an unauthorized manner. Data integrity prevents accidental or intentional falsification of information.
Data Protection
The process of securing data from unauthorized access, modification, or deletion. It includes both technical and organizational measures such as encryption and security policies.
Data Confidentiality
A principle that ensures information is accessible only to authorized individuals and protected from unauthorized access. Data confidentiality is a key factor in preventing information leaks.
Data Breach
The unauthorized disclosure of confidential information, such as personal, financial, or medical data. A data breach can result from a hacking attack, human error, or security vulnerabilities.
Data Encryption
The process of converting information into an unreadable format for unauthorized users. Data can only be decrypted using the appropriate encryption key (e.g., a password).
Data Transmission
The process of transferring information between devices in a computer network. Data transmission should be properly secured, for example, through encryption, to protect it from interception by unauthorized entities.
DoS/DDoS Attack
- DoS (Denial of Service): An attack on a computer system aimed at overwhelming resources and disabling a service or server.
- DDoS (Distributed Denial of Service): A distributed DoS attack that uses multiple computers or devices, often hijacked by the attacker.
E
EDR (Endpoint Detection and Response)
A security tool that monitors endpoint devices (computers, servers) to detect and respond to threats. EDR records suspicious activities and enables their quick neutralization.
Extranet
A private computer network that provides secure access to an organization's internal resources for external partners, suppliers, or clients. The extranet is accessible via the internet, but access requires authorization.
Exploit
Software or a technique that takes advantage of a security vulnerability in a system to gain unauthorized access or cause harm.
F
Fake News (False Information)
Fabricated or manipulated information presented as real news, spread to mislead audiences. Fake news can be used for political, financial, or social manipulation, especially on social media.
Firewall (Network Firewall)
A device or software that monitors and controls network traffic to block unauthorized access to a system.
H
Hashing
A process that converts input data (e.g., a password) into a unique, fixed-length string known as a hash value. This value cannot be reversed to obtain the original data, increasing the security of stored passwords.
Help Desk
A team or technical support system that assists users in solving IT-related issues, such as software, hardware, system access, or security problems.
Hyperlink
A text or graphic element on a webpage that, when clicked, leads to another page or resource on the internet. Hyperlinks are a fundamental part of web navigation.
Honeypot
A computer system intentionally set up to attract hacker attacks in order to monitor and analyze their techniques and activities.
Hosting
A service that provides server resources (computing power, storage space, internet connectivity) for hosting and sharing websites or applications online. Hosting companies provide the technical infrastructure necessary for a website to function.
Human Firewall
The conscious behavior and procedures followed by employees to protect an organization from cyber threats. A human firewall includes cybersecurity education, such as recognizing phishing attempts and using strong passwords.
I
IAM (Identity and Access Management)
A set of tools and policies used to manage user identities and control their access to digital resources within an organization.
IT Infrastructure
A collection of technological resources such as servers, network devices, software, and data centers used to store, process, and transmit data within an organization.
Interface
A connection point between a user and a computer system or between two IT systems. It can be a graphical user interface (GUI) that allows users to interact with applications or an application programming interface (API) that enables communication between different systems.
Intranet
An internal computer network accessible only to an organization's employees. It is used for information exchange, collaboration, and sharing internal resources such as documents, applications, and databases.
Identity Theft
A crime in which a person's personal data is stolen to impersonate them and gain financial benefits, such as opening bank accounts, taking out loans, or committing fraud.
Information Security
A set of practices, tools, and policies aimed at protecting information from unauthorized access, integrity breaches, leaks, or loss. This includes encryption, authentication, access control, and monitoring.
IP Address
A unique number assigned to every device connected to the Internet, enabling identification and location of the device within the network. IP addresses are used both in local networks and on the Internet, allowing communication between different devices such as computers, smartphones, routers, etc.
IP addresses come in two main versions:
- IPv4: An address consisting of four numbers separated by dots (e.g., 192.168.0.1). Each number ranges from 0 to 255.
- IPv6: A newer version that allows significantly more unique addresses. It is longer and looks like a series of numbers and letters separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
ISO 27001 Standard
An international information security management standard that defines requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS). This standard helps organizations protect data according to best practices.
J
JavaScript Injection
A type of attack in which malicious JavaScript code is injected into a website. The goal is to manipulate the site or steal user data. It is one form of injection attack.
K
Keylogger
A type of malicious software or hardware that records every keystroke made on a victim’s keyboard to steal sensitive information such as passwords or credit card numbers.
L
Logs
A record of actions and operations in a computer system or network. Logs are used to monitor activity, identify issues, and track potential unauthorized access attempts.
M
Malicious Link
A hyperlink that leads to a malicious website, often designed to spread viruses, steal personal data (phishing), or install malware on a user's device. Clicking on a malicious link can result in system infection or data theft.
Malware
A general term for any malicious software, including viruses, trojans, ransomware, spyware, and other programs designed to damage, steal data, or spy on users.
Machine Learning
A subfield of artificial intelligence (AI) in which computers learn from data and experience to make decisions without needing explicit programming for each step. In cybersecurity, machine learning can be used to detect threats, analyze attacks, and automate protection measures.
Multi-Factor Authentication (MFA)
An authentication process that requires two or more independent factors to verify a user's identity. These factors may include something the user knows (password), something they possess (e.g., a mobile phone), or something they are (e.g., a fingerprint).
MitM (Man-in-the-Middle)
An attack in which an attacker intercepts and can modify communication between two parties who believe they are communicating directly with each other. The goal is to steal data or inject malicious code.
O
One-Time Password (OTP)
A unique code that can only be used once to log in to a system or authorize a transaction. OTPs enhance security by preventing the reuse of the same password in the future by unauthorized individuals.
P
Password Generator
A tool that automatically creates strong, hard-to-crack passwords, usually consisting of random combinations of letters, numbers, and symbols. This helps users enhance the security of their accounts.
Password
A sequence of characters (letters, numbers, symbols) used to authenticate a user's identity and secure access to a system or account. A strong password should be difficult to guess but easy to remember.
Password Cracker
A tool or software used to recover passwords by attempting to break them. Password crackers use various methods, such as brute-force attacks, dictionary attacks, or analyzing previous data breaches. They are used both by security professionals for password strength testing and by cybercriminals to gain unauthorized access to user accounts.
Password Manager
Software or an application that securely stores user passwords, generates strong passwords, and automatically fills in login forms, reducing the need to remember multiple passwords. It allows secure password storage in one place.
Penetration Testing (Pentesting)
Controlled, simulated security tests of a computer system or network aimed at detecting vulnerabilities. Testers attempt to break into the system to identify potential threats.
Phishing
A social engineering attack where attackers impersonate a trusted person or organization to steal confidential information such as login credentials or credit card details.
Password Policy
A set of rules and requirements for creating and managing passwords in an organization to enhance user account security. It may include password length, complexity, and change frequency.
Q
QRishing
An attack using fake QR codes that, when scanned, redirect users to malicious websites to steal data or install malware.
R
Ransomware
A type of malicious software that encrypts files on an infected device and demands ransom for restoring access.
RAT (Remote Access Trojan)
A type of Trojan that gives an attacker full control over an infected computer. RATs are used for spying on users, stealing data, or installing additional malware.
Rootkit
Malicious software that allows an attacker to hide their presence in a computer system, providing hidden access and remote control over the system.
Risk Management
The process of identifying, assessing, and controlling threats to an organization's assets. Risk management includes preventive measures, incident response planning, and minimizing the impact of security breaches.
S
Social Media Bot
An automated program operating on social media platforms, mimicking human activity. It can be used to spread spam, propaganda, misinformation, or conduct attacks.
SSL/TLS Certificate
A mechanism that secures data transmission on the Internet by encrypting the connection between the user's browser and the server. SSL/TLS certificates ensure data confidentiality and integrity.
Security Incident
An event that violates the security policies of a computer system, network, or data. Security incidents include hacking attacks, data breaches, viruses, and unauthorized access attempts.
System Infection
A situation where a computer system is infected with malicious software such as viruses, trojans, or ransomware. Infection can lead to system damage, data loss, or information theft.
Security Culture
The awareness and commitment of an organization’s employees to following security principles and practices that protect data and systems from threats. A strong security culture is essential for effective risk management.
Security Vulnerabilities
Weaknesses in a computer system, software, or network that cybercriminals can exploit to carry out an attack. These vulnerabilities may result from coding errors, misconfigurations, or failure to apply security updates.
Security/Privacy Breach
An event in which unauthorized access, disclosure, modification, or destruction of data occurs. This can lead to the leakage of personal or other confidential information.
Software
A set of instructions and data that enable computers and devices to perform specific tasks. Software is divided into system software (e.g., operating systems) and application software (e.g., user programs). It can be vulnerable to attacks, so regular updates and patches are crucial for security.
Social Media Fraud
Activities aimed at stealing personal data, money, or trust through fake accounts, messages, or offers on social media. Examples include fake contests, phishing, and impersonating individuals or companies.
Session
The period of user activity in a system, application, or website from login to logout. Sessions can be managed and secured using session tokens to protect against session hijacking by attackers.
SIEM (Security Information and Event Management)
A system that collects, analyzes, and monitors data from various sources to identify security threats.
SMishing
A type of phishing attack in which attackers attempt to obtain sensitive information by sending fraudulent SMS messages. Users are encouraged to click on malicious links or provide personal data. The messages often appear to come from legitimate banks or companies. Cybercriminals use this method to steal sensitive information, such as credit card numbers.
SOC (Security Operations Center)
A team or center responsible for monitoring and responding to security incidents within an organization.
SOC 2
A security standard that defines data management and access control principles for companies, focusing on security, availability, processing integrity, and confidentiality.
Social Engineering
Psychological manipulation techniques used by attackers to trick victims into providing confidential information or performing certain actions, such as opening a malicious attachment. Cybercriminals exploit this technique to manipulate people and steal their information. They may impersonate someone you know or send fraudulent emails.
Spear Phishing
A targeted form of phishing in which attackers personalize messages to deceive a specific person or organization, often by impersonating a trusted source within the organization.
Spoofing
A technique where an attacker impersonates another user, system, or service to gain access to data or deceive a victim. Examples include email spoofing, IP spoofing, and phone number spoofing.
Spyware
Malicious software that secretly monitors a user's activity on a computer or network, collecting data such as passwords, browsing history, and login credentials.
Subdomain
A part of a main domain that adds an additional level of addressing. It is a key element of an address, as it helps determine the legitimate owner of a service and differentiate a real website from a fraudulent one. The format is: DOMAIN_NAME.EXTENSION, for example, company.com.
SQL Injection
An attack on a web application in which the attacker injects malicious SQL queries into a database through security vulnerabilities in forms or URLs, gaining access to confidential data or modifying information.
T
Trojan
A type of malicious software that disguises itself as legitimate software or files but, once executed on a user's computer, performs harmful actions such as stealing data, installing other malicious programs, or creating backdoors.
Token
An electronic authentication element used to verify a user's identity in a system. Tokens can be physical (such as access cards) or digital (such as one-time codes in mobile applications).
Two-Factor Authentication (2FA)
A verification process that requires two independent authentication factors to confirm a user's identity, such as a password and a one-time code sent to a phone or generated by an application.
U
URL Protocol
The first part of a web address that defines how communication between a web browser and a server occurs. The protocol field ends with "://". Most websites use the HTTPS protocol (e.g., https://), meaning the connection is encrypted.
URL Path
A part of a URL that indicates the exact location of a resource on a server, for example, www.company.com/sites/news. The path appears in the address right after the domain and starts with the "/" symbol.
U2F Key (Universal 2nd Factor)
A physical device used as a second authentication factor to enhance security when logging into online services. U2F is an open authentication standard that allows users to log in using a hardware key, typically connected via USB, NFC, or Bluetooth.
Unauthorized Access
Access to a system, network, or data without the owner's permission. It can lead to security breaches and data leaks.
V
Vishing
A type of phishing attack in which attackers use phone calls to trick victims into revealing confidential information, such as personal data or payment card details, by impersonating trusted institutions.
VPN (Virtual Private Network)
A technology that enables a secure and encrypted connection to a public network (e.g., the Internet), allowing users to protect their privacy and data from unauthorized access.
W
Wi-Fi Router
A network device that connects local devices (LAN) to the internet via wireless transmission (Wi-Fi). A Wi-Fi router directs internet traffic and acts as a firewall to secure the network.
Worm
A type of malicious software that can replicate and spread itself to other computers without user intervention. Worms can cause damage or introduce other malware into infected systems.
X
XSS (Cross-Site Scripting)
A type of attack on web applications in which an attacker injects malicious JavaScript code into web pages to steal user data or perform other harmful actions.
Z
Zero Trust
An IT security model in which no person or device is automatically trusted, even if they are inside the organization's network. Every access request must be verified and monitored.
Zero-Day
A term referring to a security vulnerability discovered by an attacker before the software vendor has had a chance to fix it. Zero-day exploits are particularly dangerous because no patch or security update is available yet.
