The Glossary contains several hundred definitions of terms that you might come across in our articles and blogs, or on other information security sites. Unlike the in-depth articles in the Knowledge Base, every definition in the Glossary is succinct, while remaining highly informative.
(This section is currently under construction)
In the Knowledge Base, you will find various articles about common threats, a general classification of malware and unwanted messages, and a brief historical overview of the evolution of these and many other threats.
The Knowledge Base now has three main sections:
– The Detectable Objects section gives detailed information about malicious and potentially dangerous programs that we protect users against every single day all around the world, as well as advice on what to do in case of infection.
– In the Spam and Phishing section, you will learn about phishing and spam mailings, how their creators earn money from them, and how this type of threat has evolved since the 1990s to the present day.
– The articles in the Vulnerabilities and Hackers section is devoted to the topic of software vulnerabilities and how cybercriminals exploit them, as well as legislation and hackers in the broad sense of the word.
A cache is used to store data temporarily, typically recently accessed files (cache memory, disk cache or web browser cache, for example). Since accessing the cache is quicker than accessing regular Random Access Memory (RAM) or disk, files stored in… Read Full Article
A data transfer protocol used to network heterogeneous devices and ensure reliable communication between them. Most often it takes the form of a bus that supports the transfer of data packets able to be received by all connected nodes. CAN… Read Full Article
A computer test to distinguish human from machine input. There are various methods, such as a distorted image that a computer cannot recognize, analysis of user behavior, logical questions, etc. CAPTCHAs are used by websites as an anti-spam and automatic… Read Full Article
Unlawful transactions performed without a bank card. CNP transactions include online purchases and phone orders — that is, transactions in which the seller cannot verify whether the buyer has a card and must rely on the information they provide. Payment… Read Full Article
A fraudulent transaction using bank card details carried out without the owner’s knowledge. Attackers use card details stolen from the servers of payment systems, credit institutions, and retail stores. One way to get hold of card details is to create… Read Full Article
An organization that guarantees the authenticity of an SSL certificate (a public encryption key issued to a client). The reputation of CAs is generally considered to be beyond doubt, and data verified by them is taken as genuine. CAs came… Read Full Article
A verification method for checking a computer system’s components to ensure its security and integrity. The chain of trust works on the principle that if element A considers elements B and C to be reliable, the latter likewise consider each… Read Full Article
A value that is the result of applying cryptographic hash function to a piece of data, usually a single file. Comparing the generated checksum with the one provided by the source of the file, helps ensure that a copy of… Read Full Article
An algorithm that describes rules for converting the source text of a message into a set of symbols incomprehensible to an outside observer. It prescribes a series of clearly defined actions that must be performed to encrypt/decrypt a message. The… Read Full Article
The inflation of clicks on advertising links for the purpose of draining the advertiser’s budget. Click fraud can be perpetrated either by an advertising agency to demonstrate the effectiveness of a posted ad, or by the owner of the website… Read Full Article
A method for tricking website users by placing a transparent layer with active elements over the main content of a page. Thinking they are clicking a button or link on a legitimate site, the user can inadvertently run a malicious… Read Full Article
Closed-source software (proprietary software) is software whose author owns all rights to use, modify, and copy it. Software products that do not meet the requirements for open-source software are generally categorized as closed-source software. Restrictions of closed-source software Creators of… Read Full Article
Cloud computing is a network-based computing that provides shared processing resources and data to computers and other devices on demand. It is a model for enabling on-demand access to a shared pool of configurable computing resources (e.g., networks, servers, storage,… Read Full Article
Code injection refers to the activity of manipulating a vulnerable program in order to execute arbitrary code – the malicious code is injected into the running process of the vulnerable program. This is possible when a program allows unsafe user-supplied… Read Full Article
An executable file in DOS and Windows operating systems. COM-type objects have a simple structure and store data, stack contents, and code in one segment. COM files have largely given way to the improved EXE format.
A text interface for issuing commands to a computer or other device. Unlike graphical user interfaces, a command line implies a set of keyboard-driven operators and their arguments. In most modern operating systems, the command line is accessed via a… Read Full Article
A utility for converting the source code of a program into commands for execution by the processor. Compilers create an executable file from an algorithm described by means of a programming language. Compiled programs cannot be changed; only the source… Read Full Article
A network of servers providing high availability and quick delivery of web page content to users. Every <abbr title="Content Delivery Network“>CDN network node stores and regularly updates a copy of the source site. When accessing a resource, users receive data… Read Full Article
Content Security Policy (CSP) is a security standard that allows web developers to define acceptable sources of content for a website to protect it against malicious code injection. Read Full Article
A cookie is a small piece of data that’s temporarily placed in the browser as an ‘aide memoir’, allowing a web site to remember, as the visitor navigates from page to page, what they have done. This might include their… Read Full Article
A malicious program designed to hack into a software security system. A crack can modify executable files and an application’s libraries or settings, generate and substitute license keys, or perform other actions to bypass the key verification algorithm and enable… Read Full Article
A standalone program that “bypasses” Internet resources to update a search engine database. Search robots (or “spiders”) index information about websites. They follow links, reaching out to more and more new pages. Spiders can be limited to search, so as… Read Full Article
A type of brute-force dictionary attack used to hack computer systems and online services. In credential stuffing, instead of common username/password combinations, cybercriminals use real credentials stolen from a third-party resource. The cybercriminals count on the fact that many people… Read Full Article
A type of attack when cybercriminals use limitations of the HTTP protocol. As a user opens the page, the malicious code is activated and makes the victim’s browser send a certain request to the forgers’ web-service (i.e. under the guise… Read Full Article
A type of attack when cybercriminals inject a malicious code into a webpage. As a user opens the page, the code starts running on their computer and connects to the web-server of the fraudster who gains control over the system… Read Full Article
Type of ransomware that encrypts user’s files, and demands ransom. Sophisticated crypto-ransomware uses advanced encryption methods so files could not be decrypted without unique key. Read Full Article
Digital currency based on public key encryption. Monetary units of cryptocurrency are intangible and take the form of a chain of data blocks (blockchain) linked together. Blockchain integrity is ensured by including in each block encrypted information about the previous… Read Full Article
An online platform that provides storage services for a digital blockchain currency. Such services are used for buying and selling cryptocurrency, swap transactions, and payment for goods and services. Cryptocurrency wallets can be supported by issuers of digital money or… Read Full Article
A set of rules that is used for encoding some information in such a way that only authorized parties can read it. They allow to generate a ciphertext that can only be read if decrypted.
The practice and study of techniques for secure communication in the presence of third parties. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects in information security… Read Full Article
Using a compromised device to generate cryptocurrency without the owner’s knowledge. Mining can be performed either by installing a malicious program on the target computer or by means of fileless malware. Sometimes attackers take over part of the computer’s processing… Read Full Article
A cryptor is a tool designed to obfuscate the code in a malware sample so that it cannot easily be detected using a signature-based scanner. Also sometimes, this term is used as a synonym to Cryptomalware. Related products Kaspersky Premium… Read Full Article
A set of technical methods and organizational measures for identifying the perpetrators of a cyber attack or malicious campaign. Attribution usually entails expert analysis of cybercrime traces, as well as investigative actions by police on the basis of the analysts’… Read Full Article
This term is borrowed from physical squatting, where someone occupies a property without the consent of the owner. Cyber-squatters reserve domain names that they think others may want, often related to existing trademarks. Scammers sometimes buy domain names that resemble… Read Full Article