Geekheads News

Cyber Security Glossary

If you don’t work in the cyber security industry, some terms may as well be part of another language. Check out the Cyber Security Glossary below.


Adware is a type of software that delivers ads on your system. Usually, these ads appear as pop-ups or banners while you visit websites. Adware often comes bundled with other applications. Most types of adware are not dangerous, just a bit annoying, but there is a more dangerous form of adware that delivers spyware, which can track your activity and retrieve sensitive information. For this reason, users must not download applications from unsafe websites and should pay attention to software that comes bundled. Less serious issues caused by adware include slowdowns or too many pop-up ads filling your computer screen, not to mention stability issues that could affect your system. To remove malicious adware or spyware from the system, check online for specialized tools like Malwarebytes or Spybot.


A backdoor Trojan is a way to take control of a system without permission. Usually, a backdoor Trojan poses as a legitimate program, spreading through phishing campaigns and fooling users into clicking a malicious link or accessing malware on a website. Once the system is infected, the Trojan can access sensitive files, send and receive data online and track the browsing history. To avoid this type of infection, you should keep the system up to date with the latest patches and have strong anti-malware protection.


Citadel is a form of financial malware which emerged in 2012, after the source code for the infamous ZeuS malware was leaked online. Because the code was open source, cyber criminals started improving it to get newer, more sophisticated and stealthier malware types. Just like ZeuS/Zbot, Citadel aims to retrieve confidential information, especially banking and financial information, from the victim. On top of financial fraud, Citadel can also run different types of malware, such as ransomware or scareware, which makes it an advanced toolkit for cyber criminals.


The dark web refers to websites and online content that exist outside the reach of traditional search engines and browsers. This content is hidden by encryption methods (in most cases, these sites use the Tor encryption tool to hide their identity and location) and can only be accessed with specific software, configuration settings or pending approval from their admins. The dark web is known for being a hub for illegal activities (drug and crime transactions, dark hat hacking and so on).


Greyhat hackers have a more ambiguous mode of operation compared to blackhat and whitehat hackers. For instance, they may use illegal means to detect a vulnerability, but then disclose it to the targeted organization. Another perspective on greyhat hackers focuses on those that find exploits, and then sell the know-how to governments but only after receiving a payment. Greyhat hackers distinguish themselves from blackhat hackers on a single important criterion: they don’t use or sell the exploit for criminal gain.


Through keylogging, cyber criminals can use malicious software to record the keystrokes on a user’s keyboard, without the victim realizing it. This way, cyber criminals can collect information such as passwords, usernames, PIN codes and other confidential data.


Locky is a type of encrypting malware (also known as ransomware) distributed through Microsoft Office macros and targeting Windows-running PCs. The name comes from the fact that, once the victim’s PC is infected, the ransomware will scramble and encrypt all the data on that PC, setting every file extension to .locky. Locky is spread through spam email campaigns, which make heavy use of spoofing, the same way the cyber criminals behind Dridex operate. In order to get the data decrypted, Locky creators ask for a ransom, which, if not paid, will leave the data useless if the victim doesn’t have a backup.


This is a type of software designed to monitor and record traffic on a network. It can be used for good, to run diagnostic tests and troubleshoot potential problems. But it can also be used for malicious purposes, to snoop on your private data exchanges. This includes your web browsing history, your downloads, the people you send emails to, etc.


Ransomware is a type of malware (malicious software) which encrypts all the data on a PC or mobile device, blocking the data owner’s access to it. After the infection happens, the victim receives a message that tells him/her that a certain amount of money must be paid (usually in Bitcoins) in order to get the decryption key. Usually, there is also a time limit for the ransom to be paid. There is no guarantee that, if the victim pays the ransom, he/she will get the decryption key. The most reliable solution is to back up your data in at least 3 different places (for redundancy) and keep those backups up to date, so you don’t lose important progress.


Zero Day or Zero Hour attacks are attacks that use vulnerabilities in computer software that cyber criminals have discovered and software makers have not patched (because they weren’t aware that those vulnerabilities exist). These are often exploited by cyber attackers before the software or security companies become aware of them. Sometimes, Zero Days are discovered by security vendors or researchers and kept private until the company patches the vulnerabilities.
