The Cloud Consultancy Europe Ltd.

N
network
– Two or more computers linked in order to share resources.

P
patching
– Applying updates to firmware or software to improve security and/or enhance functionality.
pentest
– Short for penetration test. An authorised test of a computer network or system designed to look for security weaknesses so that they can be fixed.
pharming
– An attack on network infrastructure that results in a user being redirected to an illegitimate website despite the user having entered the correct address.
phishing
– Untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website.
platform
– The basic hardware (device) and software (operating system) on which applications can be run.

R
ransomware
– Malicious software that makes data or systems unusable until the victim makes a payment.
router
– A network device which sends data packets from one network to another based on the destination address. May also be called a gateway.

S
software as a service (SaaS)
– Describes a business model where consumers access centrally-hosted software applications over the Internet.
sanitisation
– Using electronic or physical destruction methods to securely erase or remove data from memory.
smishing
– Phishing via SMS: mass text messages sent to users asking for sensitive information (eg bank details) or encouraging them to visit a fake website.
social engineering
– Manipulating people into carrying out specific actions, or divulging information, that’s of use to an attacker.
spear-phishing
– A more targeted form of phishing, where the email is designed to look like it’s from a person the recipient knows and/or trusts.

T
trojan
– A type of malware or virus disguised as legitimate software, that is used to hack into the victim’s computer.
two-factor authentication (2FA)
– The use of two different components to verify a user’s claimed identity. Also known as multi-factor authentication.

V
virus
– Programs which can self-replicate and are designed to infect legitimate software programs or systems. A form of malware.
Virtual Private Network (VPN)
– An encrypted network often created to allow secure connections for remote users, for example in an organisation with offices in multiple locations.
vulnerability
– A weakness, or flaw, in software, a system or process. An attacker may seek to exploit a vulnerability to gain unauthorised access to a system.

W
water-holing (watering hole attack)
– Setting up a fake website (or compromising a real one) in order to exploit visiting users.
whaling
– Highly targeted phishing attacks (masquerading as legitimate emails) that are aimed at senior executives.
whitelisting
– Authorising approved applications for use within organisations in order to protect systems from potentially harmful applications.

Z
zero-day

Source: National Cyber Security Centre (a part of GCHQ)