With the emergence of the internet, it became possible to retrieve information quickly with minimum human effort. As far as we know, it is the only medium that can advertise business in a very short time across the globe. The exponential growth of the internet also affected the global economy positively as it has faced a significant rise in web-related activities in the last three decades. The growth in the usage of the internet and networking has empowered individuals and posed new challenges to governments and cyberspace administration as well. Cyber security is now being considered a major concern across the world as it is being threatened by criminals, hackers, and terrorists to succeed in identity theft and financial fraud. Terrorists are using the internet as a weapon to carry out their activities and stealing information from different countries. The emergence of mobile phones also added more complexities to the cyber world. Moreover, complicated and malicious software damage more often computer systems and block the network as well. All these established cybersecurity as a global issue for the development of the economy and national security.
Let us now look at some of the important keywords that every budding cyber security professional used be aware of.
Antivirus: Antivirus software refers to any computer program used to prevent, detect, and remove malware.
Backdoor: A backdoor is a typically covert method of bypassing normal authentication or encryption in a computer, product, embedded device, or its embodiment. Backdoors are most often used for securing remote access to a computer or obtaining access to plaintext in cryptographic systems.
Catfishing: A Social Engineering attack occurs when a person uses a social network to create an account with a fake identity to deceive a target.
Clickjacking: It is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.
Credential Harvesting: Credential Harvesting (or Account Harvesting) is the use of MITM attacks, DNS poisoning, phishing, and other vectors to amass large numbers of credentials (username/password combinations) for reuse.
Cryptojacking: Cryptojacking malware is malware that infects computers to use them to mine cryptocurrencies usually without users' knowledge. It can lead to slowdowns and crashes due to straining of computational resources.
Cyber Espionage: This is the act of stealing secrets from one company or individual via the Internet with the intent of using them for personal, or more often, political or military, gain.
Deepfakes: Deepfakes are synthetic media in which a person in an existing image or video is replaced with someone else's likeness.
Data Loss Prevention (DLP): Data loss prevention software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting, and blocking sensitive data while in use, in motion, and at rest. The terms "data loss" and "data leak" are related and are often used interchangeably.
DevSecOps: DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle.
Hacktivism: Attackers who hack for a cause or belief rather than some form of personal gain. Hacktivism is often viewed by attackers as a form of protest or fighting for their perceived "right" or "justice." However, it is still an illegal activity in most cases when the victim's technology or data is abused, harmed, or destroyed.
Honeypot: A decoy computer security mechanism or network that serves to attract potential attackers.
Keylogger/Keystroke logging: Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program.
Password Sniffing: Password Sniffing is a hacking technique that uses a special software application that allows a hacker to steal usernames and passwords simply by observing and passively recording network traffic. This often happens on public WiFi networks where it is relatively easy to spy on weak or unencrypted traffic.
Phishing: Phishing is a type of social engineering where an attacker sends a fraudulent message designed to trick a human victim into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.
RansomCloud: Since organizations run on email, archives, spreadsheets, and introductions, losing access to them would be devastating to your primary concern. Lamentably, the most recent advancement of ransomware takes steps to do only that. RansomCloud is a variation of ransomware.
Shadow IT: In big organizations, shadow IT refers to information technology systems deployed by departments other than the central IT department, to work around the shortcomings of the central information systems.
Social Engineering: In the context of information security, Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information.
Whitelisting: A whitelist is a mechanism that explicitly allows some identified entities to access a particular privilege, service, mobility, or recognition i.e. it is a list of things allowed when everything is denied by default.
Zombie: A term related to the malicious concept of a botnet. The term zombie can be used to refer to the system that is host to the malware agent of the botnet or to the malware agent itself.
Hope this was helpful.