Synonym for 419 Scam
Programs designed to launch advertisements on infected computers and/or to re-direct search engine results to promotional web sites. Adware programs are often built into freeware or shareware programs, where the adware forms an indirect ‘price’ for using the free program. Sometimes a Trojan silently downloads an adware program from a web site and installs it onto someone’s machine. Alternatively, hacker tools, often referred to as Browser Hijackers, download the adware program using a web browser vulnerability. Typically, adware programs do… Read Full Article
AES (Advanced Encryption Standard) is a specification for the encryption of data established by US National Institute of Standards and Technology (NIST) in 2002 as a replacement for the older DES (Data Encryption Standard), which was felt to be susceptible to brute-force attacks. AES is now a worldwide standard. AES is based on the Rijndael cipher (the name is based on the names of its developers, Joan Daemen and Vincent Rijmen). Rijndael was chosen during a selection process that included… Read Full Article
An anonymiser, or anonymous proxy, masks a person’s activity on the Internet. Typically, this is done using a proxy server. The proxy server acts as a go-between – accessing the Internet on behalf of the client computer, while shielding the client’s personal information (e.g. disabling cookies, hiding the client IP address). Growing concerns about online privacy have led to an increased use of anonymisers (e.g. the Tor browser).
Anti-virus databases hold the data needed for a signature-based scanner to find and remove malicious code. The databases contain a series of virus signatures (or definitions), unique sequences of bytes specific to each piece of malicious code. Today, signature analysis is no longer the primary protection method used to block malware.
The engine, the core of any antivirus product, is a software module that is purpose-built to find and remove malicious code. The engine is developed independently of any specific product implementation. So it ‘plugs-in’ equally well into personal products (such as personal scanners or real-time monitors), or solutions for servers, mail scanners, file servers, firewalls and proxy-servers. These products may be developed by the engine developer, or they may be developed by third parties who integrate the engine into their… Read Full Article
Originally, this term has meant software that counteracted viruses, but now when saying antivirus we mean signature-based system that detects various types of malware. It is a basic component of the majority of modern anti-malware solutions. Sometimes this term is misused to describe any internet security solutions.
An API defines the way that a piece of software communicates with other programs, allowing these programs to make use of its functionality. The API provides a series of commonly-used functions that third party developers might need. For example, an operating system vendor provides an API that allows developers to write applications that are consistent with the operating system. Typically, the API comes with a set of routines, modules and protocols that can be used to access the program’s functionality,… Read Full Article
Technology, that allows to monitor and control the installation and launch of software applications. This proactive layer of protection is also useful for blocking out executable malware, including malicious apps that are yet unknown to the developer.
This term is applied to concerted, stealthy, ongoing attacks against specific organisations — in contrast to speculative, isolated, opportunistic incidents that make up the bulk of cybercriminal activity. Typically, APT-attacks are government based. Such attacks make use of highly sophisticated malware to breach an organization’s security defenses. APT is a particular case of the Targeted Attack.
Cryptographic algorithm that uses two different, but mathematically linked, keys — one public and one private. The public key — which can be shared with anyone — is used to encrypt data. The private key — which must be kept secret — is required to decrypt data. The security of the algorithm lies in the difficulty of factoring large integers that are the product of two large prime numbers. While it’s easy to multiply them, the time required to determine… Read Full Article
A file containing a data sequence used to identify an attack on the network, typically using an operating system or application vulnerability. Such signatures are used by an Intrusion Detection System (IDS) or firewall to flag malicious activity directed at the system.
Authentication is the process of determining if someone (or something) is what they claim to be. In the context of computing, the credentials provided by the person requesting access to a resource are compared to those held by the provider of that resource. If the credentials match, the person is given access to the resource. Someone is authenticated based on what they know (e.g. a password), what they have (e.g. a security token) or what they are (e.g. a fingerprint).… Read Full Article
Code injection refers to the activity of manipulating a vulnerable program in order to execute arbitrary code – the malicious code is injected into the running process of the vulnerable program. This is possible when a program allows unsafe user-supplied data (for example, due to lack of boundary checks) to become part of the code of being executed, this often leading to the execution of a system shell: note that the malicious code is executed with the same privileges as… Read Full Article