Zombie
A zombie is the term for a computer that is infected and being used remotely by a bot. A bot, short for “robot”, is a type of software application or …
A Cyber Library of 300+ Cybersecurity Terms.
Secure Shell (SSH) is a cryptographic network communications protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network …
Password Cracking refers to the various methods hackers use to learn exactly what password you use to protect one of your computer accounts. This can be accomplished by recovering passwords …
Reverse Engineering occurs when you take a finished product and work backward to determine how it was constructed or engineered. By breaking a product or piece of software down into …
The Melissa Virus is malware that was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …
Reverse Intent is the name given to a common hacker technique of flip-flopping a piece of security knowledge to identify a potential weakness. For example, identifying the version of Bind running …
Separation of Duties involves dividing roles and responsibilities to minimize the risk of a single individual subverting a system or critical process without detection. The classic example used in Separation of …
General Information, also known as Public information, is data that is commonly found in marketing campaigns, emails, and print media and generally requires less protection of its confidentiality and availability …
Intellectual Property (IP) refers to the ownership of a specific idea, design, manuscript, etc. by the person or company who created it. Intellectual property may give the person or company …
The ILOVEYOU Virus, also known as the Love Bug, is a computer worm that infected over 10 million Windows computers in May of 2000. The virus was an email that …
Mandatory Controls, also known as Mandatory Access Controls (MAC), are a type of access control that restricts the user’s ability to access certain restricted data or to perform restricted actions. …
Discretionary Access Controls, also known as DAC, are types of cybersecurity measures that allow or restrict access based upon the discretion of the employee as opposed to the file or …
Sensitive (or restricted) Information is data from a company or organization that is generally not regulated but that requires very important protections of its confidentiality, integrity and availability. Examples of sensitive …
Critical (or Confidential) Information in a Small to Medium-sized Business (SMB) is most easily understood to be regulated data such as …
Facial Recognition is an increasingly effective and popular technology capable of identifying a person’s identity from a digital image or video frame. Facial Recognition works by matching facial features from …
User Datagram Protocol (UDP) is an alternative communications protocol to Transmission Control Protocol (TCP), used primarily for starting low-latency and loss-tolerating connections between applications and the internet. UDP is also …
Internet Control Message Protocol (ICMP) is a special type of packet used for inter-device communication, carrying everything from redirect instructions to timestamps for synchronization between devices. ICMP is an error-reporting protocol …
Transmission Control Protocol (TCP) is a standard that defines how to establish and maintain a network conversation through which programs can exchange information or data. TCP works with the Internet Protocol …
A DNS Reflection Attack, also known as a DNS Amplification Attack, is a form of a Distributed Denial of Service (DDoS) attack. In this attack, hackers use open DNS servers …
Remote Desktop Protocol (RDP) is software commonly used by customer support representatives to remotely take over full control of a customer’s desktop and fix the issues on their computer. Issues …
A False Flag is the act of pretending to be one hacking entity when you are in fact another. False flag operations make investigations significantly more difficult. They are commonly used by …
SIM Swapping is a term used when hackers steal a victim's phone number and port or switch that number to a different SIM card in a different cell phone in …
Attribution in the cybersecurity world refers to the process of tracking, identifying and placing blame on the hacker (perpetrator) or organization behind an attack. Following an attack, an organization should …
The 3-2-1 Backup Method refers to the “3-2-1 Rule” when backing up information from your computer. This is how security professionals recommend you back up your data: 3 copies of our …
An Off Boarding Process refers to the process an organization follows to deprovision access from a departing employee. Most companies have a process they follow when an employee leaves the …
Two-Factor Authentication (2FA) is the use of two of the following three identification factors: Something you know – Most often a password for your account. Something you have – Such …
A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.
Identification refers to the first step in the incident response process where an organization determines whether they have been breached or not. Security professionals will seek indicators of compromise while …
A Remote Access Trojan (RAT) is malware that includes a backdoor for administrative control over the target computer. These trojans are typically installed in the background, invisibly, with a user-requested …
A countermeasure, in the cybersecurity world, is an action, procedure, or technique that decreases the likelihood of an attack by minimizing either the harm it can cause or the likelihood …
An Exploit Chain is an attack that involves multiple exploits or attacks that are chained together to fully compromise a device. In these attacks, hackers cannot use a single exploit to …
RADIUS Authentication, also known as Remote Authentication Dial-In User Service (RADIUS), is a server protocol and software that allows remote access servers to be able to communicate with a central …
The Demilitarized Zone (DMZ) is sometimes referred to as a “perimeter network”; its primary purpose is to add an additional layer of security for the organization’s LAN (Local Area Network). …
A Guest Wi-Fi Network is a separate network that gives users access to your router. A Guest Wi-Fi Network is essentially a separate access point to your router from the …
Trusted Wi-Fi Network refers to a network that is password protected and often is AD (Active Directory) authenticated via RADIUS. A network that is AD authenticated will have you enter …
A Virtual Local Area Network (VLAN) is a logical grouping of devices in the same broadcast domain that can all talk over the network to one another. A VLAN in …
A Kill Chain in cybersecurity reveals the phases of a cyber attack, from early reconnaissance to the goal of data exfiltration. Kill chains are also used as management tools for …
A Business Continuity and Disaster Recovery (BCDR) Plan is a set of techniques and processes that are used by organizations to assist in recovering from a disaster and resuming everyday …
A Virtual Private Network (VPN) is a way to create online privacy and anonymity by creating a private network from a public internet connection. A VPN will mask your internet …
A Hacktivist is someone who uses technology systems or networks maliciously to promote a political agenda or social change. For example, a hacker might organize a Denial of Service attack …
Containment refers to the limiting and preventing of further damage to a computer system or network. Containment is a part of incident response, right before the eradication of the threat. …
Eradication refers to what happens following containment of a cyber attack incident. After the threat has been contained, it is necessary to eradicate (remove) key components of the security incident. …
A Passphrase is a combination of words put together to make a phrase that is used as a password to secure accounts and sensitive information. For example, here are three …
A Password Manager is a software application that assists in generating and retrieving complex passwords and storing these passwords in an encrypted database. An example of a password manager would …
A Bug Bounty Program is a deal that is offered by many websites, organizations, and software developers where individuals can receive recognition and monetary payment for reporting bugs or vulnerabilities …
An Accidental Insider Threat occurs when an employee’s actions lead to damage to a system or network, the loss of critical or sensitive data, or even where a helpful employee …
A Malicious Insider Threat occurs when an insider uses their privileged access to a company’s resources and harms that organization’s data, systems, or IT infrastructure. Malicious insider events include stealing …