A derogatory term for somebody who uses published exploits (also known as commodity attacks) rather than having the skill to develop their own.
Search Engine Optimisation - SEO
Manipulating the unpaid results of a web search engine in order to increase the visibility of a certain result. Fraudulent SEO will attempt to direct users to malicious sites by making them appear to be more legitimate.
Secure Shell - SSH
Secure Shell, also known as SSH, is a cryptographic network protocol used to securely run network services over insecure connections, typically using TCP port 22. The following IETF RFCs relate to SSH:
Secure Sockets Layer - SSL
A protocol for transmitting private information across the internet. SSL uses an encryption system that uses two keys to encrypt data: a public key and a private (secret) key known only to the recipient of the message. SSL 1.0, 2.0 and 3.0 have been implemented. SSL has been superseded by TLS. The term SSL is, however, commonly used to refer to both SSL and TLS collectively.
A security incident that results in unauthorised access to data, applications, services, networks and/or devices by bypassing underlying security mechanisms.
A security breach could affect confidentiality, integrity or availability.
A security event is a change in the everyday operations of a network, service or device indicating that a security policy may have been violated or a security safeguard may have failed.
Security Information and Event Management - SIEM
In the field of information security, SIEM is used to provide real-time analysis of security events and alerts generated by network hardware, operating systems and applications.
SIEM solutions are generally used to consolidate logs from multiple ICT assets and syslog servers into one system. Anomalies and security events/alerts can be detected across an ICT estate in real time, which can then be investigated and responded to by security analysts.
Server Message Block - SMB
Server Message Block (SMB, also known as Common Internet File System, CIFS) is an application-layer networking protocol used for sharing access to files, devices or other miscellaneous communications between nodes on a network over TCP ports 139 and 445. It is primarily used by the Windows operating system, with several open-source implementations such as Samba available for other operating systems.
Shodan search engine
Shodan is a search engine used to find publicly accessible internet-connected devices, including servers, IoT devices, security systems and home computers. Searches can be run that target specific device groups, with more detailed results being returned if a user has an API key.
Primarily a penetration testing tool, Shodan can easily be used by an attacker to find vulnerable devices for further exploitation.
Any attack that leverages information gained from a system's operation, such as power consumption, sound, computation timings or electromagnetic leaks, instead of from vulnerabilities in the system itself.
Simple Network Management Protocol - SNMP
SNMP allows devices connected to a network to share information about their current state for network monitoring purposes and also provides a channel through which an administrator can modify pre-defined values.
To provide a degree of security, SNMP community strings, which work in a similar way to a password, are transmitted to a device with any command string to authenticate its execution.
Simple Object Access Protocol - SOAP
Originally known as Simple Object Access Protocol, SOAP is a messaging-layer protocol used to provide access to web services. SOAP uses other application-layer protocols such as HTTPS for transmission.
A DNS sinkhole, also known as a sinkhole server, internet sinkhole, or blackhole DNS, is a DNS server that gives out false information to prevent the use of a domain name.
Small Office Home Office - SOHO
Term typically used to define offices of up to 20 employees.
A type of phishing attack that uses SMS messages (or other types of mobile messaging such as MMS or IM services) instead of email messages.
An attack method that tricks people into breaking normal security procedures by masquerading as a reputable entity or person in email, IM or other communication channels.
Social engineers try to trick victims into disclosing sensitive information, or into allowing or doing something which compromises security, such as allowing physical access to a secure area or executing a malicious executable at the social engineer's request.
Socket Secure - SOCKS
Socket Secure (SOCKS) is an internet protocol that exchanges network packets between a client and server through a proxy server.
Unwanted and unsolicited bulk email. The email messages may be commercial by nature but can also contain disguised links that appear to be for familiar websites but lead to phishing websites or sites that are hosting malware.
Spam email may also include malware as scripts or other executable file attachments.
Spear phishing is a type of fraud whereby a phishing attempt is targeted against specific individuals or organisations. Attackers attempt to steal sensitive data, such as passwords or credit card numbers, via social engineering. Attackers may gather personal information about their target to increase their probability of success. It is often used as part of reconnaissance activity by a hacker.
Spear phishing can be performed via email, phone calls, IM or other communication channels.
An attacker or program successfully masquerades as another by falsifying data for malicious reasons. Spoofing an email address to fool a recipient, or an attacker spoofing their IP or hardware (MAC) address in a man-in-the-middle attack, are well-known attack examples.
Software that gathers information about a person or organisation without their knowledge. The information may be sent to a remote destination and is usually used for malicious purposes.
SSH File Transfer Protocol - SFTP
SSH File Transfer Protocol (IETF RFC 4251), also known as Secure File Transfer Protocol or SFTP, is a network protocol for remote access, transferal and management of files. It is an extension to the SSH 2.0 protocol.
The practice of concealing a file, message, image, or video within another file, message, image, or video.
Subresource integrity is a feature that enables a web browser to verify that a fetched file corresponds to an expected hash value.