A cache is used to store data temporarily, typically recently accessed files (cache memory, disk cache or web browser cache, for example). Since accessing the cache is quicker than accessing regular Random Access Memory (RAM) or disk, files stored in the cache can be accessed without the need for the processor to carry out the more intensive work of reading data from regular memory or disk.


A value that is the result of applying cryptographic hash function to a piece of data, usually a single file. Comparing the generated checksum with the one provided by the source of the file, helps ensure that a copy of the file is genuine and error free.


Clickjacking (also known as ‘UI redressing’ and ‘IFRAME overlay’) involves tricking someone into clicking on one object on a web page while they think they are clicking on another. The attacker loads a transparent page over the legitimate content on the web page, so that the victim thinks they are clicking on a legitimate item when they are really clicking on something on the attacker’s invisible page. In this way, the attacker is able to hijack the victim’s click for… Read Full Article


Cloud computing is a network-based computing that provides shared processing resources and data to computers and other devices on demand. It is a model for enabling on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services), which can be rapidly provisioned and released with minimal management effort.

Code injection

Code injection refers to the activity of manipulating a vulnerable program in order to execute arbitrary code – the malicious code is injected into the running process of the vulnerable program. This is possible when a program allows unsafe user-supplied data (for example, due to lack of boundary checks) to become part of the code of being executed, this often leading to the execution of a system shell: note that the malicious code is executed with the same privileges as… Read Full Article

Command and Control server (C&C)

A server that helps a fraudster to control a botnet and sends malicious commands to its members, regulate spyware, send payload, etc.


A cookie is a small piece of data that’s temporarily placed in the browser as an ‘aide memoir’, allowing a web site to remember, as the visitor navigates from page to page, what they have done. This might include their login data, the buttons they click on and items they have placed in a shopping basket.

Cross-Site Request Forgery, CSRF/XSRF

A type of attack when cybercriminals use limitations of the HTTP protocol. As a user opens the page, the malicious code is activated and makes the victim’s browser send a certain request to the forgers’ web-service (i.e. under the guise of uploading an image), so that the forgers can use it on their purpose.

Cross-site scripting (XSS)

A type of attack when cybercriminals inject a malicious code into a webpage. As a user opens the page, the code starts running on their computer and connects to the web-server of the fraudster who gains control over the system this way. There are two major types of XSS vulnerabilities: persistent and reflected (non-persistent). In case of the persistent vulnerability, the code is saved by the server, so all the website visitors become victims. In case of the reflected vulnerability,… Read Full Article

Cryptographic algorithm

A set of rules that is used for encoding some information in such a way that only authorized parties can read it. They allow to generate a ciphertext that can only be read if decrypted.

Cryptographic Key

A secret sequence of characters used by a cryptographic algorithm to transform plain text into cipher text or vice versa.


The practice and study of techniques for secure communication in the presence of third parties. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic… Read Full Article


Type of ransomware that encrypts user’s files, and demands ransom. Sophisticated cryptomalware uses advanced encryption methods so files could not be decrypted without unique key.


A cryptor is a tool designed to obfuscate the code in a malware sample so that it cannot easily be detected using a signature-based scanner. Also sometimes, this term is used as a synonym to Cryptomalware.


This term is borrowed from physical squatting, where someone occupies a property without the consent of the owner. Cyber-squatters reserve domain names that they think others may want, often related to existing trademarks. Scammers sometimes buy domain names that resemble those of legitimate organisations, to use in phishing campaigns.


Cybercrime is the term used for any illegal activity carried out using a computer.


Malware used on a national or international level for receiving valuable data and reaching military and political goals.