A cache is used to store data temporarily, typically recently accessed files (cache memory, disk cache or web browser cache, for example). Since accessing the cache is quicker than accessing regular Random Access Memory (RAM) or disk, files stored in…

A data transfer protocol used to network heterogeneous devices and ensure reliable communication between them. Most often it takes the form of a bus that supports the transfer of data packets able to be received by all connected nodes. CAN…

A computer test to distinguish human from machine input. There are various methods, such as a distorted image that a computer cannot recognize, analysis of user behavior, logical questions, etc. CAPTCHAs are used by websites as an anti-spam and automatic…

Unlawful transactions performed without a bank card. CNP transactions include online purchases and phone orders — that is, transactions in which the seller cannot verify whether the buyer has a card and must rely on the information they provide. Payment…

A fraudulent transaction using bank card details carried out without the owner’s knowledge. Attackers use card details stolen from the servers of payment systems, credit institutions, and retail stores. One way to get hold of card details is to create…

An organization that guarantees the authenticity of an SSL certificate (a public encryption key issued to a client). The reputation of CAs is generally considered to be beyond doubt, and data verified by them is taken as genuine. CAs came…

A verification method for checking a computer system’s components to ensure its security and integrity. The chain of trust works on the principle that if element A considers elements B and C to be reliable, the latter likewise consider each…

A value that is the result of applying a cryptographic hash function to a piece of data, usually a single file. Comparing the generated checksum with the one provided by the source of the file helps ensure that a copy of…

An algorithm that describes rules for converting the source text of a message into a set of symbols incomprehensible to an outside observer. It prescribes a series of clearly defined actions that must be performed to encrypt/decrypt a message. The…

The inflation of clicks on advertising links for the purpose of draining the advertiser’s budget. Click fraud can be perpetrated either by an advertising agency to demonstrate the effectiveness of a posted ad, or by the owner of the website…

A method for tricking website users by placing a transparent layer with active elements over the main content of a page. Thinking they are clicking a button or link on a legitimate site, the user can inadvertently run a malicious…

Closed-source software (proprietary software) is software whose author owns all rights to use, modify, and copy it. Software products that do not meet the requirements for open-source software are generally categorized as closed-source software. Restrictions of closed-source software Creators of…

Cloud computing is network-based computing that provides shared processing resources and data to computers and other devices on demand. It is a model for enabling on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage,…

Code injection refers to the activity of manipulating a vulnerable program in order to execute arbitrary code – the malicious code is injected into the running process of the vulnerable program. This is possible when a program allows unsafe user-supplied…

An executable file in DOS and Windows operating systems. COM-type objects have a simple structure and store data, stack contents, and code in one segment. COM files have largely given way to the improved EXE format.

A server that helps a fraudster control a botnet: it sends malicious commands to the botnet’s members, regulates spyware, delivers payloads, etc.

A text interface for issuing commands to a computer or other device. Unlike graphical user interfaces, a command line implies a set of keyboard-driven operators and their arguments. In most modern operating systems, the command line is accessed via a…

A utility for converting the source code of a program into commands for execution by the processor. Compilers create an executable file from an algorithm described by means of a programming language. Compiled programs cannot be changed; only the source…

A network of servers providing high availability and quick delivery of web page content to users. Every CDN (Content Delivery Network) node stores and regularly updates a copy of the source site. When accessing a resource, users receive data…

Content Security Policy (CSP) is a security standard that allows web developers to define acceptable sources of content for a website to protect it against malicious code injection.

A cookie is a small piece of data that’s temporarily placed in the browser as an ‘aide-mémoire’, allowing a web site to remember, as the visitor navigates from page to page, what they have done. This might include their…

A malicious program designed to hack into a software security system. A crack can modify executable files and an application’s libraries or settings, generate and substitute license keys, or perform other actions to bypass the key verification algorithm and enable…

A standalone program that “bypasses” Internet resources to update a search engine database. Search robots (or “spiders”) index information about websites. They follow links, reaching out to more and more new pages. Spiders can be limited to search, so as…

A type of brute-force dictionary attack used to hack computer systems and online services. In credential stuffing, instead of common username/password combinations, cybercriminals use real credentials stolen from a third-party resource. The cybercriminals count on the fact that many people…

A type of attack in which cybercriminals exploit limitations of the HTTP protocol. As a user opens the page, the malicious code is activated and makes the victim’s browser send a certain request to the forgers’ web-service (i.e. under the guise…

A type of attack in which cybercriminals inject malicious code into a webpage. As a user opens the page, the code starts running on their computer and connects to the web-server of the fraudster who gains control over the system…

A type of ransomware that encrypts the user’s files and demands a ransom. Sophisticated crypto-ransomware uses advanced encryption methods so that files cannot be decrypted without a unique key.

Digital currency based on public key encryption. Monetary units of cryptocurrency are intangible and take the form of a chain of data blocks (blockchain) linked together. Blockchain integrity is ensured by including in each block encrypted information about the previous…

An online platform that provides storage services for a digital blockchain currency. Such services are used for buying and selling cryptocurrency, swap transactions, and payment for goods and services. Cryptocurrency wallets can be supported by issuers of digital money or…

A set of rules used for encoding information in such a way that only authorized parties can read it. These rules make it possible to generate a ciphertext that can only be read if decrypted.

A secret sequence of characters used by a cryptographic algorithm to transform plain text into cipher text or vice versa.

The practice and study of techniques for secure communication in the presence of third parties. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects in information security…

Using a compromised device to generate cryptocurrency without the owner’s knowledge. Mining can be performed either by installing a malicious program on the target computer or by means of fileless malware. Sometimes attackers take over part of the computer’s processing…

A cryptor is a tool designed to obfuscate the code in a malware sample so that it cannot easily be detected using a signature-based scanner. The term is also sometimes used as a synonym for cryptomalware.

CVSS (Common Vulnerability Scoring System) is an open standard for assessing the severity of vulnerabilities.

A set of technical methods and organizational measures for identifying the perpetrators of a cyber attack or malicious campaign. Attribution usually entails expert analysis of cybercrime traces, as well as investigative actions by police on the basis of the analysts’…

This term is borrowed from physical squatting, where someone occupies a property without the consent of the owner. Cyber-squatters reserve domain names that they think others may want, often related to existing trademarks. Scammers sometimes buy domain names that resemble…

Cybercrime is the term used for any illegal activity carried out using a computer.

Cyberstalking is the use of the Internet or other electronic means to stalk or harass a victim.

Malware used on a national or international level for obtaining valuable data and achieving military and political goals.