A zero-day vulnerability is a vulnerability that is known to attackers (and possibly publicly disclosed) but for which the vendor has not yet released a fix. A zero-day exploit is an exploit that takes advantage of a zero-day vulnerability.
An adversary with advanced expertise and considerable resources that can create opportunities to achieve its objectives by using multiple attack vectors. Its objectives are typically to establish and extend footholds within the IT infrastructure of targeted organisations in order to continually exfiltrate information, or to damage or disrupt that infrastructure.
ASM is the process of discovering, inventorying, classifying, analyzing, prioritizing and continuously monitoring an organisation's externally exposed digital assets, together with everything that can be collected about them from the internet, and alerting the organisation when sensitive data or exposures are found.
A covert means of remote access to a compromised system that bypasses normal authentication.
BEC is a form of fraud that targets firms which conduct wire transfers and work with foreign suppliers. The email accounts of executives or of senior employees involved in finance or wire-transfer payments (which are often publicly identifiable) are either spoofed or compromised, through keyloggers or phishing, and then used to order fraudulent transfers, resulting in losses of hundreds of thousands of dollars per incident.
Illegal trafficking or trade in goods that are regulated or scarce.
Network of infected devices.
Fraudulent use of stolen payment card data.
Websites that can be reached without any access barrier, that is, without special software, configuration or authorisation.
The Continuous Security Monitoring (CSM) methodology automates the monitoring of security controls, vulnerabilities and other cyber risks, with the objective of supporting corporate risk-management decisions.
Credential stuffing is an attack in which stolen username/password pairs, typically from earlier data breaches, are automatically injected into the login forms of unrelated online services, relying on users having reused passwords. Fraudsters use the accounts they take over to make fraudulent purchases, launch phishing attacks, and steal information and money. Because every attempt uses a valid-looking credential pair, the signature is not a burst of failures against one account but many different usernames tried from the same source with a low success rate.
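The detection logic that follows from that signature, as an added example (this is not code from the original glossary): it counts, per source IP, how many distinct usernames were attempted and how often they succeeded, and flags sources that try many accounts with a low success rate. The log format, the sample lines and the thresholds are assumptions constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample authentication log (not from any real system). One source,
# 203.0.113.5, cycles through many different usernames and mostly fails, which is
# the credential-stuffing signature; 198.51.100.7 is a normal user who mistypes
# their own password twice before succeeding.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z ip=203.0.113.5 user=alice result=FAIL
2024-05-01T10:00:01Z ip=203.0.113.5 user=bob result=FAIL
2024-05-01T10:00:02Z ip=203.0.113.5 user=carol result=FAIL
2024-05-01T10:00:02Z ip=203.0.113.5 user=dave result=SUCCESS
2024-05-01T10:00:03Z ip=203.0.113.5 user=erin result=FAIL
2024-05-01T10:00:03Z ip=203.0.113.5 user=frank result=FAIL
2024-05-01T10:00:04Z ip=203.0.113.5 user=grace result=FAIL
2024-05-01T10:00:05Z ip=203.0.113.5 user=heidi result=FAIL
2024-05-01T10:00:10Z ip=198.51.100.7 user=ivan result=FAIL
2024-05-01T10:00:15Z ip=198.51.100.7 user=ivan result=FAIL
2024-05-01T10:00:20Z ip=198.51.100.7 user=ivan result=SUCCESS
"""

# Assumed key=value layout of the log lines.
LINE_RE = re.compile(r"ip=(?P<ip>\S+)\s+user=(?P<user>\S+)\s+result=(?P<result>\S+)")


def parse_auth_log(text):
    """Yield (ip, user, succeeded) for every line that matches LINE_RE; others are skipped."""
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m["ip"], m["user"], m["result"] == "SUCCESS"


def detect_credential_stuffing(text, min_distinct_users=5, max_success_rate=0.25):
    """Return {ip: stats} for sources whose login pattern looks like credential stuffing.

    Heuristic: many *distinct* usernames from one IP with a low success rate. A single
    user fat-fingering their own password trips neither condition, so they are not flagged.
    """
    per_ip = defaultdict(lambda: {"users": set(), "attempts": 0, "successes": 0, "ok_users": set()})
    for ip, user, ok in parse_auth_log(text):
        s = per_ip[ip]
        s["users"].add(user)
        s["attempts"] += 1
        if ok:
            s["successes"] += 1
            s["ok_users"].add(user)   # accounts that are now compromised

    flagged = {}
    for ip, s in per_ip.items():
        rate = s["successes"] / s["attempts"]
        if len(s["users"]) >= min_distinct_users and rate <= max_success_rate:
            flagged[ip] = {
                "distinct_users": len(s["users"]),
                "attempts": s["attempts"],
                "success_rate": round(rate, 3),
                "accounts_hit": sorted(s["ok_users"]),
            }
    return flagged


if __name__ == "__main__":
    for ip, stats in detect_credential_stuffing(SAMPLE_LOG).items():
        print(ip, stats)
```

The thresholds are per-site tuning knobs; in production the counts would be kept over a sliding time window, and the `accounts_hit` list is the immediate response artefact (force a password reset on those accounts, not just block the IP).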
Malware that covertly uses the victim's computing resources to mine cryptocurrency such as Bitcoin.
CVE is a reference method for publicly known information-security vulnerabilities and exposures; each entry is identified by a CVE ID.
CVSS is a method of capturing the principal characteristics of a vulnerability (base metrics such as attack vector, attack complexity, privileges required, user interaction, scope and confidentiality/integrity/availability impact) and producing a numerical score from 0 to 10 that reflects its severity.
The Common Weakness Enumeration is a category system for software weaknesses and vulnerabilities.
Dark net is an Internet overlay network that may only be accessed with particular software, settings, or authorization and frequently employs a unique customized communication protocol.
The dark web is the part of the web that is hosted on darknets and can be reached only through them (for example Tor hidden services); it is not indexed by conventional search engines.
A data breach is an incident in which information is stolen or removed from a system without the knowledge or authorization of the system owner.
A threat actor who sells datasets and/or stolen information.
A denial-of-service attack launched simultaneously from many hosts (typically a botnet), so that it cannot be stopped by filtering a single source.
Any asset which is purely digital or which represents a physical asset on a digital basis.
A fixed-length hash that identifies a piece of data. Changing a single bit of the input produces a completely different message digest.
Information on a certain individual who exists through their online activities on the Internet.
An attack that denies authorized users access to resources or delays time-critical operations.
When an individual's private information gets made public.
Malicious code downloaded without the user's knowledge or intent, typically by merely visiting a compromised or malicious web page.
The process of listing all of a system's characteristics, such as user accounts, network shares, services and software versions.
A toolkit that exploits various vulnerabilities in order to distribute malware.
Use of a flaw to gain an advantage.
A threat actor who sells their initial network foothold.
An IOA is a dynamic, situational representation of an attack in progress: it combines IOCs, attributes that are not yet fully known and contextual information (including organisational intelligence and risk) to describe what the attacker is trying to achieve, and it directs the response to that activity.
IoCs are the forensic artefacts, such as file hashes, IP addresses, domain names and registry keys, that show a cyber-attack has taken place.
Malware distribution system.
Threat actor groups that target Magento-based online shopping cart systems to skim payment card data at checkout.
A threat intelligence platform for collecting, distributing, storing, and correlating Indicators of Compromise from targeted assaults, threat intelligence, financial fraud information, vulnerability information, and even counter-terrorism information.
Time elapsed between the publication of a software patch and its application by the organisations that use the software.
An attempt to collect sensitive information, such as bank account details, using a fraudulent email or website in which the criminal poses as a reputable company or a trustworthy individual.
Any information representation that allows the identification of the individual to whom the information relates to be properly inferred through direct or indirect means.
Ransomware is a malicious software that uses encryption to ransom victims. Critical information of a person or organization is encrypted so that files, databases or apps are not accessible.
Describes a class of vulnerability that lets an attacker execute arbitrary commands or code on a target system over the network. It allows attackers to run malicious programs with the privileges of the vulnerable service and from there take control of the device.
Shadow IT refers to software, applications and services used by departments without the knowledge or control of the company's IT department. Today many employees adopt their own tools, believing they can work faster and more easily without involving IT.
Command and script interpreter deployed on a compromised system.
SIEM combines security information management with security event management in software products and services. SIEM products collect and analyze, in real time, the security alerts generated by applications and network devices.
A script that collects form data from a website.
Phishing via SMS.
Threat and vulnerability management, security incident response, and security operations automation are the three software capabilities described by the term.
A SOC is the centralized function, built from people, processes and technology, that continuously monitors and improves an organisation's security posture while preventing, detecting, analyzing and responding to cyber security incidents.
A colloquial term for any phishing attempt that is narrowly targeted at a specific individual or organisation.
Financially supported or authorized by a sovereign state.
Strategic threat intelligence is high-level information about the threat landscape, such as which actors target your sector and why, that helps you safeguard your organisation from cyber threats. Data is collected, processed and analysed to provide decision-makers with actionable intelligence for improving security.
Attacks that let the attacker use implants or other vulnerabilities inserted before delivery to infiltrate or modify the hardware, software, operating systems, peripherals or IT services of a target at any point during the product's life cycle.
The risk of sabotage, malicious introduction of unwanted functionality, or other subversion of the design, integrity, manufacturing, production, distribution, installation, operation or maintenance of a supplied item or system, in order to control, deny or disrupt the function, use or operation of a system, or otherwise degrade it.
Tactical threat intelligence provides information about the tactics, techniques, and procedures (TTPs) used by threat actors to achieve their goals.
A take-down service, also known as a notice and take down request, is a method of requesting that an Internet Service Provider (ISP) or search engine delete or block access to unlawful, irrelevant, or obsolete content.
A participant (individual or group) in an activity or process defined by malice or harm using computers, devices, systems or networks.
A prose document describing TTPs, actors, systems and information types being targeted and associated threats.
TI is information on present or upcoming risks that might jeopardize an organization's security.
TLP is a set of designations used to indicate how sensitive information may be shared and with which audience.
It describes the methodology for analysing how an APT operates, and can be used to profile a specific threat actor.
A social engineering technique that targets users who mistype a URL directly into the browser address bar instead of using a search engine; the attacker registers domains that differ from the legitimate one by a likely typo.
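The defensive counterpart, as an added example that is not part of the original glossary: enumerate the domains one plausible typo away from a brand's domain and match newly observed domains against them. The keyboard-adjacency table, homoglyph table, TLD swaps and the observed-domain list are assumptions constructed for this example.

```python
# Assumed QWERTY adjacency used for fat-finger substitutions (simplified).
QWERTY_NEIGHBOURS = {
    "a": "qwsz", "b": "vghn", "c": "xdfv", "d": "serfcx", "e": "wsdr", "f": "drtgvc",
    "g": "ftyhbv", "h": "gyujnb", "i": "ujko", "j": "huikmn", "k": "jiolm", "l": "kop",
    "m": "njk", "n": "bhjm", "o": "iklp", "p": "ol", "q": "wa", "r": "edft", "s": "wedxza",
    "t": "rfgy", "u": "yhji", "v": "cfgb", "w": "qase", "x": "zsdc", "y": "tghu", "z": "asx",
}
# Assumed look-alike substitutions an attacker would register.
HOMOGLYPHS = {"o": "0", "l": "1", "i": "l", "e": "3", "a": "4", "s": "5", "m": "rn", "w": "vv"}
# Assumed TLD variants: truncations of .com and common alternatives.
TLD_SWAPS = ("co", "cm", "om", "net", "org")


def typosquat_candidates(domain):
    """Return the set of look-alike domains one typo away from `domain`."""
    name, _, tld = domain.lower().rpartition(".")
    variants = set()
    for i, ch in enumerate(name):
        variants.add(name[:i] + name[i + 1:])                         # omission:      exmple
        variants.add(name[:i] + ch + name[i:])                        # repetition:    exxample
        if i + 1 < len(name):
            variants.add(name[:i] + name[i + 1] + ch + name[i + 2:])  # transposition: exmaple
        for key in QWERTY_NEIGHBOURS.get(ch, ""):
            variants.add(name[:i] + key + name[i + 1:])               # fat-finger:    wxample
        if ch in HOMOGLYPHS:
            variants.add(name[:i] + HOMOGLYPHS[ch] + name[i + 1:])    # homoglyph:     examp1e
    variants.discard(name)
    result = {v + "." + tld for v in variants if v}
    result.update(name + "." + t for t in TLD_SWAPS if t != tld)      # wrong TLD:     example.co
    return result


def find_lookalikes(observed, protected_domains):
    """Map each protected domain to the observed domains that typosquat it (sorted)."""
    hits = {}
    for legit in protected_domains:
        cands = typosquat_candidates(legit)
        matched = sorted(d.lower() for d in observed if d.lower() in cands)
        if matched:
            hits[legit] = matched
    return hits


# Constructed sample of "newly registered" domains for the example.
OBSERVED = ["exmaple.com", "examp1e.com", "example.co", "unrelated.org", "example.com"]

if __name__ == "__main__":
    print(find_lookalikes(OBSERVED, ["example.com"]))
```

In practice `OBSERVED` would be fed from certificate-transparency logs or a newly-registered-domain feed, and hits become take-down requests or blocklist entries; the legitimate domain itself is deliberately excluded from the candidate set.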
YARA rules are used to categorize and identify samples of malware using textual or binary patterns to provide descriptions of malware families.
Advanced Persistent Threats
Business Email Compromise
Big Game Hunting
Computer Network Operations
Cyber Threat Intelligence
Common Vulnerabilities and Exposures
Common Weakness Enumeration
Fear, Uncertainty and Doubt
Indicators of Attack
Indicator of Compromise
The Invisible Internet Project
Malware Information Sharing Platform
Personally Identifiable Information
Priority Intelligence Requirements
Request for Information
Social Media Intelligence
Standard Operating Procedure
Security Orchestration, Automation, and Response
Threat Intelligence Platform
Traffic Light Protocol
The Onion Router
Tactics, Techniques, and Procedures
It is a model for the identification and prevention of cyber intrusion activity.
It is an approach to conducting intelligence analysis on network intrusion events.
The framework reflects the various phases of an adversary's attack life cycle and the platforms they are known to target. It is a curated knowledge base and model for cyber adversary behaviour.
It is a model that expresses what good threat hunting is all about.