cybersecurity - Concepts
Explore concepts tagged with "cybersecurity"
Total concepts: 29
Concepts
- Malware - Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems
- Computer Virus - Self-replicating malware that spreads by inserting copies of itself into other programs or files
- Smishing - SMS phishing - using text messages to trick victims into clicking malicious links or revealing sensitive information.
- Botnet - A network of compromised computers controlled remotely to perform coordinated malicious activities
- Brute Force Attack - An attack method that systematically tries all possible combinations to crack passwords or encryption
- Software Supply Chain Security - The practices, tools, and policies that protect every stage of how software is built, distributed, and consumed
- Phishing - Fraudulent attempt to obtain sensitive information by posing as a trustworthy entity in electronic communications.
- Watering Hole Attack - An attack that compromises websites frequently visited by a target group to infect their systems.
- Whaling - Phishing attacks specifically targeting high-profile executives, senior management, and other 'big fish' in organizations.
- Slopsquatting - A supply chain attack where attackers register package names that AI models tend to hallucinate, then wait for developers to install them
- DDoS Attack - An attack that overwhelms systems with traffic from multiple sources to make services unavailable
- Spear Phishing - Targeted phishing attacks directed at specific individuals or organizations using personalized information.
- Trojan Horse - Malware disguised as legitimate software that performs malicious actions once installed
- Ransomware - Malware that encrypts a victim's data and demands payment for the decryption key
- Remote Access Trojan - Malware that gives an attacker unauthorized remote control over a victim's computer, operating covertly without the user's knowledge
- Package Registry Security - How package registries like npm, PyPI, and crates.io handle trust, identity verification, and defense against malicious packages
- Software Composition Analysis - The automated process of identifying all open-source and third-party components in a codebase and mapping their vulnerabilities, licenses, and security risks
- Man-in-the-Middle Attack - An attack where the attacker secretly intercepts and potentially alters communication between two parties
- Quishing - QR code phishing - using malicious QR codes to redirect victims to phishing websites or trigger harmful actions.
- Zero-Day Vulnerability - A software vulnerability unknown to the vendor, exploitable before a patch is available
- Namesquatting - The practice of registering names in shared namespaces like package registries with intent to exploit trust or confusion
- Starjacking - A supply chain attack where a malicious package links to a popular GitHub repository to inherit its star count and perceived legitimacy
- Advanced Persistent Threat - A prolonged, targeted cyberattack where intruders gain access and remain undetected for extended periods.
- Computer Worm - Self-replicating malware that spreads across networks without requiring user action or host programs
- Dependency Confusion - A supply chain attack where a malicious public package with the same name as an internal package tricks build systems into installing the attacker's version
- Supply Chain Attack - An attack that targets less-secure elements in the supply chain to compromise the final product or service
- Vishing - Voice phishing - using phone calls to deceive victims into revealing sensitive information or taking harmful actions.
- Social Engineering - Psychological manipulation of people into performing actions or divulging confidential information.
- Pretexting - Creating a fabricated scenario or false identity to manipulate victims into providing information or access.