Do you know everything about the hacker universe? Maybe so, but these 43 terms need to be fixed in your mind. Check out the list!
Hackers and crackers are part of the cyber universe and often cause a lot of problems through attacks and malicious techniques to carry out intrusions. If you still have doubts or curiosities about this gigantic world, the following glossary can help you. See the full list and learn more about the subject.
Adware
Adware is unwanted software that downloads or displays advertisements on the computer screen without the user’s permission. In addition, programs loaded with advertisements that are only removed after purchasing a license are considered adware.
Air Gap
Computers or networks that are physically isolated from others, including internet networks, are considered to be “air-gapped”. In this way, the “air gap” corresponds to physical isolation, such as a possible security barrier.
Antivirus
Software used to block digital threats and ensure the security of computers, smartphones and other devices connected to networks. Despite the name, most antivirus products on the market today act as anti-malware, blocking other types of threats as well.
Application-Layer Attack
Application-layer attacks are attacks carried out on application communications. Infected computers can generate access permissions for crackers and cause damage. In this sense, applications that use online databases (such as Adobe Reader) can also be affected.
DNS attack
DNS attacks aim to misdirect the destination requested by the user, diverting traffic from legitimate servers and directing it to other domains. To do this, hackers use two main techniques: cache poisoning (DNS Poisoning) and server hijacking (DNS Hijacking).
Auditing
A complete examination of all digital activities carried out in a given network environment. The purpose of this practice carried out by security teams is to certify that the defenses installed have not been compromised and also to find out if the practices determined previously are still in full operation.
Backdoor
An intrusion through the “back door”, used to access a system, as well as copy or steal data, and even control it remotely. This route is usually not documented and is therefore more vulnerable to sneak attacks and difficult to detect before it causes problems.
Backup
Copies of the most important data (or all of it) that a company or person has on their systems.
Botnet
Botnets are “zombie computers”. Basically, they are devices invaded by a cracker, who turns them into a replicator of information. This makes it more difficult to trace the computers that generate spam and, as a result, the reach of illegal advertisements is greater.
Cipher
In cryptography, the term cipher corresponds to the act of altering an original message, changing the order, appearance, type of letters or phonemes, with the aim of making the content unintelligible to possible interceptors (hackers), preventing the reproduction of the original message and the recovery of deleted data.
Compromised-Key Attack
Compromised-key attacks are those in which the hacker has access to certain operating system registry keys. This allows them to generate logs decrypting encrypted passwords and hack into both accounts and registered services.
DDoS
A distributed denial of service attack is an overload of servers without any type of intrusion. It creates instability or temporarily takes down websites and services; it is activated by a huge number of access requests to a single point, artificially configured by the criminal.
DNS Poisoning
The DNS poisoning attack can cause serious problems, since when the attack occurs, the affected user is able to continue browsing the Internet normally, but all their data is sent to an invading computer.
Firewall
A layer of protection installed at the “edge” of internet networks. A firewall is responsible for preventing unauthorized IPs from accessing protected environments.
Hashing
Hashing is the process of generating a fixed-size output from a variable-size input. The whole process is done using mathematical formulas (hash functions), which allow the implementation of hashing algorithms, used in the composition of cryptocurrencies, for example.
IP Spoofing
IP address spoofing uses the transport of data packets in a masked way to attack servers and machines. It is usually associated with other attacks, such as DDoS. The use of spoofed sender addresses makes it difficult to detect this threat and identify the criminal.
Keylogging
A threat usually activated via software that operates hidden and records all the content that is typed on a computer keyboard. In this way, it records access data, such as logins and passwords, as well as messages and emails exchanged with other people, sending the content to an external server.
Malware
Malware is any application (program) that accesses system information or documents stored on the hard drive without the user’s authorization. Examples include viruses, trojans, worms, rootkits and other files.
Man in the middle
An interception of communication between two points, such as two people talking or a user accessing a website, with the attacker acting as an intermediary without being detected. This virtual crime can involve espionage, theft of data that should be private or modification of the original information.
Password-based Attacks
The password-based attack is generated by programs designed to try to use repeated passwords several times. This creates an instability in the verification of the logon referred to, and can generate duplicate passwords and even valid logons.
Phishing
An online scam that consists of tricking the victim with a fake page, a “lure” that imitates a real website in content and appearance, but with a different address (URL). It usually simulates bank and social network login screens in order to steal access data or financial information.
Pod Slurping
The term “pod slurping” is used to refer to the practice of stealing information using portable devices (such as USB sticks or iPods), which are already pre-configured for the activity. These attacks can be direct or simply open up the computer to attackers.
Port Scanning
Port scanning is the scanning of servers in order to find vulnerable ports that can be hacked. All this is done with the help of port scanners, which map TCP and UDP ports.
Ramsonware
This type of attack is on the rise among both ordinary users and large companies. In the attack, the machine is “hijacked” and the data and files are encrypted. The access key is only released by the criminals when a ransom is paid. If they refuse, the data can be leaked or deleted.
Red Team
Red teams are formed to carry out cyber-attack tests in order to assess the security of a network. To do this, penetration tests can be carried out on different systems and especially on security programs.
Rootkit
A rootkit is a set of computer software that is generally malicious. These components are designed to allow unauthorized access to a computer or a specific area of the software.
SQL Injection
The SQL Injection threat takes advantage of flaws in systems that interact with databases using SQL commands. The attacker can then insert an improper SQL statement into a query via forms or application URLs.
Sidejacking
The term “sidejacking” refers to a practice related to Session Hijacking (exploiting a computer session), but which usually involves the attacker and the victim logging on to the same network. This type of attack is common in Wi-Fi hotspots without security enabled.
Sniffer Attack
A “sniffer attack” is a type of attack carried out by software that captures packets of information exchanged on a network. This way, if the data is not encrypted, hackers can access conversations and other logs recorded on the PC.
Social Engineering
Social engineering is characterized by the manipulation of people in order to obtain confidential information. By obtaining information about possible security breaches or even access passwords, attackers can obtain important data and carry out attacks.
Spam
Spam is nothing more than messages sent en masse to a list of contacts acquired illegally. They usually carry advertisements about piracy, but can also contain shortcuts to suspicious pages that can steal contact lists, increasing the power of spammers.
Spoof
A spoof attack occurs when a cybercriminal masks information to avoid being traced. It is common for hackers to pretend to be other people or use a supposedly known network to gain access to sensitive data.
Spyware
A spy program that, after infecting a PC or mobile device, spies on a user’s activities and slows down browsing. The content monitored and collected includes browsing history, personal data and banking information, which can be used in future cybercrimes.
SSL
Secure connection certificate, which certifies to the user that the connection on which they are surfing allows data encryption. This means that there is less chance of the exchange being intercepted and decoded by other people.
TCP Syn/TCP ACk Attack
A SYN attack is carried out on the communication between server and client. More requests are then sent to the machines than they can handle and this can lead to computer crashes. The victim is knocked off the server and loses the connection.
TCP Sequence Number Attack
TCP Sequence Number Attack” type attacks use attempts to predict the numerical sequence used to identify data packets sent (and received) in a connection. In this way, they can emulate a fake server to receive all the information from the hacked computer.
TCP Hijacking
In a TCP Hijacking attack, the hacker intercepts and takes over a legitimately established TCP session between two machines. The aim is to interfere and capture the information exchanged between the user and a host.
Teardrop
Teardropping is a form of Denial of Service attack, which means that the attackers use invalid IPS to create fragments and overload their victims’ computers – older ones could crash easily with these attacks.
Trojan
A Trojan is a type of malware downloaded by the user without their knowledge. It is usually present in simple applications or programs, but they hide malicious features and alter the system to enable attacks.
Virus
Viruses are codes that force automatic duplication in order to increase their attack power and create more problems. They work in the following way: they attach themselves to computer files to be spread to other devices, infecting several at the same time and even causing problems with the hard disk.
Webfilter
It acts like a firewall, but internally. This type of solution determines and manages what each IP located on the protected network can and cannot access or modify.
Worm
A worm works in a similar way to a virus, the difference being that these files don’t need other hosts to be duplicated, as they can do this automatically and create loopholes in the hacked computers themselves. They are spread over unprotected networks.
Zombie
A computer infected by a botnet.
