Hacker's Mind Glossary

Advanced Persistent Threat (APTs)

Cybercrimes directed at business and political targets over an extended period of time and typically reaching beyond immediate financial gain.


Black Hat Hacker

A hacker who breaks into a computer system or network with malicious intent.


Cybercriminal

Someone who commits a crime that involves a computer and a network usually for financial gain.


The act or practice of obtaining secrets without the permission of the holder of the information (personal, sensitive, proprietary or of classified nature), from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using methods on the Internet, networks or individual computers through the use of cracking techniques and malicious software including Trojan horses and spyware.

Cyber Espionage


Denial-of-Service (DoS) Attack

AKA Distributed denial-of-service (DDos) attack. An attempt to make a machine or network resource unavailable to its intended users. One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable.


Collecting sensitive information from the trash that was not appropriately destroyed.

Dumpster Diving


Using publicly available information to help design a social engineering attack, crack a password login, or create a targeted phishing email.

Exploiting Public Info


An individual who gains unauthorized access to a computer system and carries out various disruptive actions as a means of achieving political or social goals.

Hacktivist


Installing Rogue Devices

Malicious wireless routers or USB thumb drives installed on premise to allow a hacker access to a secure network.


A software program or hardware device that records all keystrokes on a computer keyboard, used either overtly as a surveillance tool or covertly as spyware.

Keylogger


Short for malicious software. Software intended to damage a computer, mobile device, computer system, or computer network, or to take partial control over its operation.

Malware


To gain administrative or complete control over someone else's computer.

Owned (0wned)


Phishing

An Internet fraud scam that attempts to obtain financial or other confidential information from Internet users, typically by sending an email that appears to be from a legitimate organization, such as a financial institution, but contains a link to a fake Website that replicates the real one.


In the context of security, is understood to mean the art of manipulating people into performing actions or divulging confidential information.

Social Engineering


A well-research and targeted phishing attack that targets a specific organization or individual usually appearing to come from a trusted source.

Spearphishing


A faked or modified website or email presented to user as if it were legitimate.

Spoofing


A method of gaining unauthorized entry into a secured area. Typically, an intruder simply follows behind a legitimate badge holder as they pass through to the secured area or somehow convince that individual to hold the door open for them and knowingly give them access.

Tailgating


A hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it.

Zero Day Vulnerability