Container
Before we get into what a container is, we need you to understand the difference between today’s term ‘Container’ and the previous term CyberHoot published ‘Hypervisor‘. Knowing the difference between …
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) is an attack vector where hackers inject malicious code into a vulnerable web application. XSS differs from other web attack vectors in that it does not directly …
Hypervisor
A Hypervisor, also known as a Virtual Machine Monitor or VMM, is software that creates and manages virtual machines (VMs). A hypervisor allows a computer to maintain many guest VMs …
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF), also known as XSRF, is an attack method that fools a web browser into performing unwanted actions in a user application. Similar to Phishing Attacks, CSRFs …
PCI-DSS
PCI-DSS (Payment Card Industry-Data Security Standard) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information manage it safely and in …
Internet Engineering Task Force (IETF)
The IETF (Internet Engineering Task Force) is the organization that defines standard Internet operating protocols such as TCP/IP. The IETF is a community of network designers, operators, vendors, and researchers concerned with …
Read-Only Memory (ROM)
Read-Only Memory (ROM) is storage technology that permanently stores data in a chip built into computers and other electronic devices. ROM includes the most basic programming needed to start a …
Domain Name System (DNS)
A Domain Name System (DNS) is essentially the ‘phonebook’ of the Internet. DNS is an elaborate, fault-tolerant way of connecting people to resources online. While it is quite complex, this …
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is an anti-spam tool where email domains of the senders can be authenticated. SPF works hand-in-hand with DKIM and DMARC to help authenticate email messages to …
DKIM
DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. …
DMARC
DMARC which stands for Domain-based Message Authentication, Reporting, and Conformance is an email security protocol. When enabled, your email domain is protected from spoofing by hackers. DMARC sets up an …
Non-Public Personal Information (NPPI)
Non-Public Personal Information (NPPI) is personal and private information that’s provided by a consumer to some entity for their use. This information includes the following examples: Name, address, income, social …
Anti-Censorship
Anti-Censorship are methods to combat censorship – for example, preventing search results from being blocked or interfered with. The growth of online platforms (Facebook, Instagram, Twitter, etc.) raises important questions …
Graphical User Interface (GUI)
A Graphical User Interface (GUI), often pronounced ‘gooey’, is a user interface that includes graphical elements, such as windows, icons, and buttons. The term was created in the 1970s to distinguish graphical interfaces from text-based …
Solid State Drive (SSD)
A Solid State Drive (SSD) is a type of storage device that supports reading and writing data and stores the data in a permanent state even without a power source …
Hard Disk Drive (HDD)
A Hard Disk Drive (HDD), also known as a hard drive, is a computer storage device holding magnetic disks or platters spinning at high speeds. It’s the only long-term storage …
RAM Disk
A RAM Disk is Random Access Memory (RAM) that has been adjusted to simulate a disk drive. You can access data on a RAM disk as you’d access data on a ‘hard disk’ (hard drive). RAM …
Polymorphic Virus
A Polymorphic Virus is a type of ‘shape-shifting’ virus, producing malicious code that is able to replicate itself with new signatures but identical payloads over and over again. These viruses …
Apple Wireless Direct Link (AWDL)
Apple Wireless Direct Link (AWDL) is a low latency/high-speed Wi-Fi peer-to peer-connection Apple uses everywhere you’d expect them to: AirDrop, GameKit (which also uses Bluetooth), AirPlay, and conceivably with future …
Clickbait
Clickbait is Internet content that uses overemphasized or misleading headlines to lure a person into clicking a link. Once the link is clicked, it brings the user to another website …
Biometrics
Biometrics identification refers to computer-based data that identifies a person based on unique physical characteristics and traits, including your face, fingerprints, voice, and even retinas (eye scans). Biometric identifiers (something …
Parasitic Virus
A Parasitic Virus, also known as a file virus, is spread by attaching itself to executable programs. When a program infected with a parasitic virus is opened, the virus code …
Boot Sector Virus
A Boot Sector Virus is a virus that infects the ‘boot sector’ of floppy disks or the ‘Master Boot Record’ (MBR) of hard disks (some infect the boot sector of …
Macro Virus
A Macro Virus is a virus that adds its code to the macros embedded within documents, spreadsheets, and other data files. The first macro virus appeared in July of 1995 infecting …
Memory-Resident Virus
A Memory-Resident Virus is a virus that is located in the memory of a computer, even after the ‘host’ application or program has stopped running (been terminated). Non-Memory-Resident Viruses are …
Random Access Memory (RAM)
Random Access Memory (RAM) is a machine’s short-term memory. RAM is fundamental to computer processing, being a super-fast and temporary data storage space that a computer needs to access right …
Learning Management System (LMS)
A Learning Management System (LMS) is a solution used by organizations to deploy and track online training initiatives. Typically assets, such as Training Assignments, Policies, or Surveys are uploaded to …
Linux
Linux is an open-source operating system (OS) that manages a system’s hardware resources including memory and storage. The OS rests between applications and hardware making connections between all of your …
Lateral Movement
Lateral Movement is the technique that hackers use after gaining initial access to machines or networks. Hackers use this strategy to move deeper into a network in search of sensitive …
Reconnaissance
Reconnaissance in cybersecurity refers to the preliminary step of a cyberattack, where a hacker is ‘scouting’ the target system. The terminology comes from military language, referring to a mission into …
Secure Web Gateway (SWG)
A Secure Web Gateway (SWG) is a tool that shields users from web-based threats as well as applying and enforcing business use policies. Instead of connecting directly to a website, …
Single Sign-On (SSO)
Single Sign-On (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SSO works based on relationships …
vCISO
A vCISO (virtual Chief Information Security Officer), provides cybersecurity leadership to businesses virtually at a fraction of the cost if hiring them full-time. By hiring a third-party provider to manage …
PDF (Portable Document Format)
A PDF (Portable Document Format) is a file format designed to present documents consistently across multiple devices and platforms. Since developed by Adobe 1992, it’s become one of the most …
Malicious URL
A Malicious URL is a link created with the purpose of promoting scams, attacks, and fraud. By clicking on an infected URL, you may download malware or a trojan that …
SSAE Compliance
SSAE Compliance, also known as Statement on Standards for Attestation Engagements and Compliance, is a collection of auditing standards and guidance using standards published by the Auditing Standards Board (ASB) …
All-Source Analysis
All-Source Analysis is the analysis of threat information from multiple sources, disciplines, and agencies across the Intelligence Community. Analysts use this strategy to synthesize and group intelligence data gathered to …
Wi-Fi 6E
Wi-Fi 6E is a new extension to the Wi-Fi 6 standard ratified unanimously by the FCC in April of 2020 which opens up unused spectrum in the 6 GHz band. …
SOC 3
SOC 3 isn’t an of upgrade over the SOC 2 report. It may have some of the components of SOC 2; still, it is entirely a different ball game. SOC …
SOC 1
Systems and Organizational Controls (SOC) is an auditing standard that has its roots in financial systems and auditing. SOC audits come in three (3) flavors with SOC Type 1 being …
SOC 2
SOC 2 is the most commonly achieved audit report of the three SOC audit types. SOC 2 audits are quite common when working with service providers. It’s common for people …
Cyber Insurance
Cyber Insurance is a form of insurance for businesses and individuals against Internet-based threats. Many high profile data breaches have prompted insurance companies to offer cyber insurance policies to protect …
Digital Content Management (DCM)
Digital Content Management (DCM) is the process for collection, delivery, retrieval, governance and overall management of information in any digital format. The term is generally used in reference to administration …
Cyberwarfare
Nation states have taken heavily to cyberwarfare over the past 20 years. Some flex their muscles openly such as when Russia invaded Georgia a few years back and took out their critical infrastructure through Cyberwarfare before they rolled their tanks in. Others do so more stealthily with false flags and more. The only certainty is you must protect yourself, because no-one else will or can. Learn how at CyberHoot.
Application Programming Interface (API)
An Application Programming Interface (API) is a set of definitions and protocols for building and integrating application software. APIs let your product communicate with other products and services without having …
Tor Browser
The Tor Browser is a web browser designed for anonymous web browsing and protection against traffic capture, providing some level of privacy protection for individuals who us it. The Tor …
Digital Rights Management (DRM)
Digital Rights Management (DRM) are measures taken to protect digital media copyrights. DRM tries to prevent unauthorized redistribution of digital media and places restrictions on the ways consumers can copy …
Data Spill
A Data Spill, or Data Leak, is the accidental or deliberate exposure of information into an unauthorized environment. Data spillage is often the result of hackers breaking into company networks …
Paste
A Paste is information that has been “pasted” to a public facing website designed to share content such as Pastebin. These public forums are frequently used by hackers for their …
Quality of Service (QoS)
Quality of Service (QoS) is a technology that manages and prioritizes certain types of data traffic on a network with the goal of reducing packet loss, latency and jitters for …
