This glossary of terms provided below can assist you when talking about "technology". This can be also very useful if you need to contact your IT department, helpdesk,or any type of technical support. TurnerTimesm wants to simplify technology so that every user is comfortable understanding explanations and asking questions about the tools you use ever day. Please feel free to contact us with any other definitions you would like to see in this glossary. Click here to visit our "Contact Us" page and click on the "Contact Support via e-mail" link to send us your suggestions. Answers to your technology/time management questions are ALWAYS COMPLIMENTARY, so please contact us, whether you are a customer or not.
Windows users: Use CTRL + F on your keyboard to search for specific terms.
Mac users: Use CMD + F on your keyboard to search for specific terms.
| Term: | Definition/Description: | Examples: | ||
| Computer Related Terms: | ||||
| Application | A program or group of programs designed for the end-user (Word, Excel, etc.) for your computer. A program is an organized list of instructions that cause the computer to behave in a certain manner. Without programs computers are useless. Remember "Program" and "Application" are often interchangeable. | Microsoft Word or Excel, Skype, Lotus Notes, etc. | ||
|
Browser (Internet Browser) |
A program designed to access the internet. | Internet Explorer, Mozilla Firefox (Firefox), Safari, etc. | ||
| Command | An instruction to the computer/program to perform a certain task. | Inside a program you may use the command "Bold", "Underline", etc. | ||
| Desktop | The main screen on your computer. The screen you see before opening your e-mail or any other program. What is displayed when no programs/applications are open. | |||
| Document | A type of file created by a program/application. | Word document, spreadsheet, picture. | ||
| File | An individual document, spreadsheet, picture, mp3, etc. that is saved on your computer is stored as a "File". | "taxes.xls" is an example of a file created by Excel. | ||
| Folder | A space that can contain multiple documents or files. Just like a folder would contain several pieces of paper in a file cabinet. | "Clients" is a folder I use to hold files relating to my clients. | ||
| Icon | A small picture that represents a program, application, folder, file, etc. These are the mini pictures on your desktop that you would click on to open a program/application such as Skype. | |||
| Internet Explorer | An internet browser created by Microsoft that allows you find information on the internet or “surf the web”. | |||
| Microsoft Office | A suite of programs that usually contains Word, Excel, PowerPoint, Outlook and other Microsoft programs. | |||
|
Microsoft XP (Windows XP) |
One type of Microsoft Operating System. | |||
| Operating System | The specific program that runs in the background to operate your computer. | Microsoft XP, Windows 7, Mac OX (Tiger, Leopard, Snow Leopard) | ||
| Program | An organized list of instructions that cause the computer to behave in a certain manner. Without programs computers are useless. Remember "Program" and "Application" are often interchangeable. | Microsoft Word or Excel, Skype, Lotus Notes, etc. | ||
| Ribbon | A type of menu that sits across the top of most Microsoft Office 2007 and 2010 programs. Contains commands used to create/edit documents. | You would refer to the Ribbon to find commands such as font type, font size, bold, italics, etc. | ||
| Quick Access Toolbar | A customizable toolbar new to Office 2007 programs. This allows you to put the commands YOU use most at your fingertips. | |||
| Vista (Windows Vista) | One type of Microsoft Operating System. | |||
| Windows 7 | One type of Microsoft Operating System. | |||
| Windows 98 | One type of Microsoft Operating System. This is one of the older versions of an operating system. | |||
| e-mail Terms: | ||||
| IMAP |
Internet Message Access Protocol. The advantage of using an IMAP mail server is that users can check their mail from multiple computers and always see the same messages. This is because the messages stay on the server until the user chooses to download them to his or her local drive. |
|||
| MAPI |
Messaging Application Program Interface. A Microsoft Windows program interface that provides you with full functionality of all the services Exchange has to offer using Outlook. |
|||
| POP (POP3) |
Post Office Protocol. A client/server protocol in which e-mail is received and held for you by your Internet server. Periodically, you (or your client e-mail receiver) check your mail-box on the server and download any mail, probably using POP3. |
|||
| Computer Storage Terms: | ||||
| bit | Short for binary digit, the smallest unit of information on a machine. More meaningful information is obtained by combining consecutive bits into larger units. | |||
| byte | Abbreviation for binary term, a unit of storage capable of holding a single character. On almost all modern computers, a byte is equal to 8 bits. | Holds one character. | ||
| kilobyte (kB) | In decimal systems, kilo stands for 1,000, but in binary systems, a kilo is 1,024 (2 to the 10th power). Technically, therefore, a kilobyte is 1,024 bytes, but it is often used loosely as a synonym for 1,000 bytes. | 1,000 bytes | ||
| megabyte (MB) | A megabyte is 2 to the 20th power (approximately 1 million). | 1,000,000 bytes, 1,000K | ||
| gigabyte (GB or GIG) | A gigabyte is 2 to the 30th power (approximately 1 billion). | 1,000,000K, 1,000 MB | ||
| terabyte (TB) | A terabyte is 2 to the 40th power (approximately 1 trillion). | 1,000,000 MB, 1,000 GB | ||
| petabyte (PB) | A petabyte is 2 to the 50th power (approximately 1 quadrillion). | 1,000,000 GB, 1,000 TB | ||
| exabyte (EB) | An exabyte is 2 to the 60th power (approximately 1 quintillion) | 1 Billion GB, 1,000 PB | ||
| zettabyte (ZB) | A zettabyte is 2 to the 70th power | 1,000 EB | ||
| yottabyte (YB) | A yottabyte is 2 to the 80th power | 1,000 ZB | ||
| Mobile (Cell Phones/Smart Phones) Terms: | ||||
| CDMA | Code Division Multiple Access is a major mobile network standard that is used mainly by US carriers. | Verizon, Sprint, Telstra | ||
| EDGE | Enhanced Data GSM Environment is an extension to GSM and GPRS for faster data speeds. The principle is the same as GPRS, except data speeds are faster. Speeds are typically in excess of 100 kilobits per second, and sometimes in excess of 250 kilobits per seconds under excellent conditions. | T-Mobile, Cingular, TIM, Telus | ||
| EV-DO | Evolution-Data Optimized is a wireless radio broadband data standard adopted by many CDMA mobile phone service providers. | Telus, Bell | ||
| GPRS | General Packet Radio Services is a standard for wireless communications which runs at speeds up to 115 kilobits per second, compared with current GSM systems' 9.6 kilobits. GPRS, which supports a wide range of bandwidths, is an efficient use of limited bandwidth and is particularly suited for sending and receiving small bursts of data, such as e-mail and Web browsing. | Orange, Vodafone, T-Mobile, Cingular, Roger | ||
| GSM | Global System for Mobile communication is a digital mobile phone standard that transmits voice digitally between phones and cellular antenna towers. Standard in Europe, GSM has the largest global footprint at the moment. | Cingular, T-Mobile, Vodafone, Cingular, TIM, Telstra, Airtel, Telus, Rogers | ||
| iDEN | Integrated Dispatch Enhanced Network is a newer network. iDEN phones are not interchangeable with GSM and CDMA phones. | Nextel | ||
| BPS |
Bits Per Second What is it? A standard measure of data transmission speeds for computer modem and transmission carriers. GBps, short for Gigabits per second, is also used to refer to larger transmissions (a gigabit equals 1,000,000,000 bits). |
|||
| ETP |
Email Transfer Protocol, What is it? A RIM proprietary email-based communication protocol. This protocol is what enables the Desktop Redirector feature of the BlackBerry Enterprise Server to redirect messages from the user’s environment to the BlackBerry infrastructure. |
Blackberry | ||
| IMEI code |
International Mobile Equipment Identity What is it? IMEI is a unique 15-digit code used to identify individual GSM mobile phones. The code is usually printed on your phone under the battery. |
|||
| MMS |
Multi-Media Messaging What is it? The ability to send and receive messages including photos, text, sounds, and images from media messaging capable mobile phones and the Internet to other media messaging capable mobile phones and e-mail accounts. |
|||
| SMS |
Short Message Service What is it? A short message, 160 characters of plain text ONLY. |
|||
| Internet Search Marketing Terms: | ||||
| Advertising Network | A service where ads are bought centrally through one company, and displayed on multiple websites that contract with that company for a share of revenue generated by ads served on their site. | |||
| Algorithm | The technology that a search engine uses to deliver results to a query. Search engines utilize several algorithms in tandem to deliver a page of search results or keyword-targeted search ads. | |||
| Anchor Text | The clickable text part of a hyperlink. The text usually gives visitors or search engines important information on what the page being linked to is about. | |||
| Click Through Rate (CTR) | The rate (expressed in a percentage) at which users click on an ad. This is calculated by dividing the number of ad impressions. CTR is an important metric for Internet marketers to measure the performance of an ad campaign. | |||
| Content Network | A group of websites that agree to show ads on their site, served by an ad network, in exchange for a share of the revenue generated by those ads. | Google AdSense, Yahoo Publisher Network | ||
| Contextual Advertising | Advertising that is targeted to a web page based on the page's content, keywords, or category. Ads in most content networks are targeted contextually. | |||
| Cost per Action (CPA) | A form of advertising where payment is dependent upon an action that a user performs as a result of the ad. The action could be making a purchase, signing up for a newsletter, or asking for a follow-up call. An advertiser pays a set fee to the publisher based on the number of visitors who take action. Many affiliate programs use the CPA model. | |||
| Cost per Click (CPC) | Also called pay-per-click (PPC). A performance-based advertising model where the advertiser pays a set fee for every click on an ad. The majority of text ads sold by search engines are billed under the CPC model. | |||
| Cost per Thousand (CPM) | An ad model that charges advertisers every time an ad is displayed to a user, whether the user clicks on the ad or not. The fee is based on every 1,000 ad impressions (M is the Roman numeral for 1,000). Most display ads, such as banner ads, are sold by CPM. | |||
| Geo-targeting |
Delivery of ads specific to the geographic location of the searcher. Geo-targeting allows the advertiser to specify where ads will or won't be shown based on the searcher's location, enabling more localized and personalized results. |
|||
| Googlebot | Google uses several user-agents to crawl and index content in the Google.com search engine. Googlebot describes all Google spiders. All Google bots begin with "Googlebot"; | Googlebot-Mobile: crawls pages for Google's mobile index; Googlebot-Image: crawls pages for Google's image index. | ||
| Inbound Link | A hyperlink to a particular web page from an outside site, bringing traffic to that web page. Inbound links are an important element that most search engine algorithms use to measure the popularity of a web page. | |||
| Invisible Web | A term that refers to the vast amount of information on the web that isn't indexed by search engines. Coined in 1994 by Dr. Jill Ellsworth. | |||
| Keyword | A word or phrase entered into a search engine to return matching and relevant results. Many websites offer advertising targeted by keywords, so an ad will only show when a specific keyword is entered. | |||
| Link Bait | Editorial content, often sensational in nature, posted on a web page and submitted to social media sites in hopes of building inbound links from other sites. Or, as Matt Cutts of Google says, "something interesting enough to catch people's attention". | |||
| Link Building | The process of getting quality websites to link to your websites, in order to improve search engine rankings. Link building techniques can include buying links, reciprocal linking, or entering barter arrangements. | |||
| Meta Tags | Information placed in the HTML header of a web page, providing information that is not visible to browsers, but can be used in varying degrees by search engines to index a page. | Title, Description, Keyword Tags | ||
| Pay Per Click (PPC) | See "Cost per click (CPC). | |||
| Quality Score | A score assigned by search engines that is calculated by measuring and ad's click-through rate, analyzing the relevance of the landing page, and considering other factors used to determine the quality of a site and reward those of higher quality with top placement and lower bid requirements. Some factors that make up a quality score are historical keyword performance, the quality of an ad's landing page, and other undisclosed attributes. All of the major search engines now use some form of quality score in their search ad algorithm. | |||
| Return on Investment (ROI) | The amount of money and advertiser earns from their ads compared to the amount of money the advertiser spends on their ads. | |||
| Search Advertising | Also called paid search. An advertiser bids for the chance to have their ad display when a user searches for a given keyword. These are usually text ads, which are displayed above or to the right of the algorithmic (organic) search results. Most search ads are sold by the PPC model, where the advertiser pays only when the user clicks on the ad or text link. | |||
| Search Engine Marketing | The process of building and marketing a site with the goal of improving its position in search engine results. SEM includes both search engine optimization (SEO) and search advertising, or paid search. | |||
| Search Engine Optimization (SEO) | The process of making a site and its content highly relevant for both search engines and searchers. SEO includes technical tasks to make it easier for search engines to find and index a site for appropriate keywords, as well as marketing-focused tasks to make a site more appealing to users. Successful search marketing helps a site gain top positioning for relevant words and phrases. | |||
| Search Engine Results Pages (SERPs) | The page searchers see after they've entered their query into the search box. This page lists several web pages related to the searcher's query, sorted by relevance. Increasingly, search engines are returning blended search results, which include images, videos, and results from specialty databases on their SERPs. | |||
| Social Media | A category of sites based on user participation and user-generated content. | LinkedIn, Facebook, Del, icio.us, Digg, Reddit | ||
| Spider | A search engine spider is a program that crawls the web, visiting web pages to collect information to add to or update a search engine's index. The major search engines on the web all have such a program. Which is also known as a "crawler" or a "bot". | |||
| Title Tag | An HTML meta tag with text describing a specific web page. The title tag should contain strategic keywords for the page, since many search engines pay special attention to the title text when indexing pages. The title tag should also make sense to humans, since it is usually the text link to the page displayed in search engine results. | |||
| Universal Search | Also known as blended, or federated search results, universal search pulls data from multiple databases to display on the same page. Results can include images, videos, and results from specialty databases like maps and local information, product information, or news stories. | |||
| Web 2.0 | A term that refers to a supposed second generation of Internet-based services. These usually include tools that let people collaborate and share information online, such as social networking sites, wikis, communication tools, and folsksonomies. | |||
| Malware and Computer Protection Terms (from Microsoft.com) | ||||
| Active X Control | ActiveX control is a control using Microsoft ActiveX technologies. An ActiveX control can be automatically downloaded and executed by a Web browser. ActiveX is not a programming language, but rather a set of rules for how applications should share information. | |||
| Adware | A program that displays advertisements. Some can be beneficial and others can display content without consent. | |||
| Alert Level | An alert level is assigned to malware based on calculations that take into account the potential for damage and the ability of the threat to spread. | |||
| Alias | An alternative name for a specific malware. An alias may be used to avoid detection by anti malware programs. | |||
| ASPI | Application Program Interface. A set of routines used to allow access to low level programming functions. | |||
| Authenticated User | Refers to someone logged in correctly with the appropriate creditentials (login and password). | |||
| Authentication bypass | A vunerability which allows malicious people to bypass authenification protocols without the proper credentials. | |||
| Backdoor Trojan | A type of trojan that allows attackers who have remote access to have unauthorized access to infected computers. | Bots and Botnets | ||
| Behavior | A type of signature often associated with malicious behaviors. | |||
| Bot | Short for robot, a computer program that runs automatically. | |||
| Botnet | A botnet refers to a type of bot running on an IRC network that has been created with a trojan. When an infected computer is on the Internet the bot can then start up an IRC client and connect to an IRC server. They can launch huge numbers of Denial of Service attacks against the IRC servers causing them to go down. | |||
| Browser Help Object | A "Browser Helper Object" is a DLL that allows developers to customize and control Internet Explorer. When Internet Explorer starts it reads the registry to locate any installed BHOs and then creates them. Created BHO's have access to all the events and properties of that browsing session. Every time a new browser window is opened, it creates a copy of the BHO and when that window is closed, it destroys its copy of the BHO. | |||
| Browser Modifier | A program that changes browser settings, such as the home page, without adequate consent. Also includes browser hijackers. | |||
| Brute Force | A type of attack in which the attacker attempts to gain access to a system by guessing a correct set of credentials; this is usually done in an automated fashion using an application or an algorithm. | |||
| Buffer overflow | An error in an application in which the data written into a buffer exceeds the current capacity of that buffer, thus overwriting adjacent memory. Because memory is overwritten, this may result in unreliable program behavior, and in certain cases, allow arbitrary code to run. | |||
| CAPTCHA | Stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". A CAPTCHA is a challenge meant to be easily solvable by humans, while remaining too hard to be economically solved by computers. An example of CAPTCHA seen widely on websites is a distorted image of letters and numbers. The user is required to interpret the image and type the response. | |||
| Cavity Infection | A cavity-infecting virus is a virus that infects files by inserting its code into space that does not appear to be used within the targeted host file. In this way, it is able to infect files without increasing the affected file's size, thus is less likely to be noticed by an affected user. By looking for space that appears to be unused within the targeted host file, and inserting its own code in to this space, the cavity infection (in comparison to other parasitic infections) minimizes modification to a host file structure (mainly the file's size), and thus may avoid suspicion. This method of file infection, as with parasitic infections in general, is less common in the wild today than it was the past. By inadvertently overwriting spaces which are in use, cavity infecting viruses, as with other parasitic file infectors, may irretrievably corrupt files when attempting to infect them. | |||
| Clean | To remove malware or potentially unwanted software from an infected computer. A single cleaning can involve multiple disinfections. | |||
| Clean File | A file that has been determined to be neither malicious, nor potentially unwanted. | |||
| Cookie | An attack technique wherein an attacker inserts malicious HTML and JavaScript into a vulnerable webpage, often in an effort to distribute malware or to steal sensitive information from the website or its visitors. Despite the name, cross-site scripting (XSS) does not necessarily involve multiple websites. Persistent cross-site scripting involves inserting malicious code into a database used by a web application, potentially causing the code to be displayed for large numbers of visitors. | |||
|
Cross-site Request Forgery (CSRF or XSRF) |
An attack technique wherein an attacker inserts malicious HTML and JavaScript into a vulnerable webpage, often in an effort to distribute malware or to steal sensitive information from the website or its visitors. Despite the name, cross-site scripting (XSS) does not necessarily involve multiple websites. Persistent cross-site scripting involves inserting malicious code into a database used by a web application, potentially causing the code to be displayed for large numbers of visitors. | |||
| Cryptor | A tool that may be used, legitimately, or illegitimately, to protect an application from being reverse-engineered, or otherwise analyzed. These tools use encryption to obfuscate the content of an application, often for the purposes of avoiding detection and hindering analysis. | |||
| Cybersquatting | The act of registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. Also known as "typosquatting". | |||
| DDoS | Stands for Distributed Denial of Service – see Denial of Service. Considerable resources may be required to exhaust a target computer and cause it to fail to respond. Often multiple computers are used to perform these types of malicious attack and increase the attack's chances of success. This can occur, for example, when a number of compromised computers, such as those that comprise a botnet, are commandeered and ordered to access a target network or server over and over again within a small period of time. | |||
| Definition | A set of signatures that can be used to identify malware using antivirus or antispyware products. Other vendors may refer to definitions as DAT files, pattern files, identity files, or antivirus databases. | |||
|
Dialer |
A program that makes unauthorized telephone calls. These calls may be charged at a premium rate and attract an unexpectedly high cost to the user. | |||
| Disinfect | To remove malware or potentially unwanted software from a computer, or to restore functionality to an infected program. Compare to Clean. | |||
| Domain authentication | An action by which the user is checked and verified to be a member of a specific domain that he is trying to access. | |||
| DoS | tands for Denial of Service. A condition that occurs when the resources of a target computer are deliberately exhausted, effectively overwhelming the computer and causing it to fail to respond or function for its intended users. There are a number of different types of attack that may be used to result in a denial of service condition, utilizing different types of flood, or malformed network traffic. | |||
| Double-free Condition | Occurs when a program frees up memory twice on the same address before that memory has been reused. This can lead to modifying certain memory locations, and thus unpredictable program behavior and in some instances may allow an attacker to gain control of the program. | |||
| Downloader | A type of trojan that downloads other files, which are usually detected as other malware, onto the computer. The Downloader needs to connect to a remote host to download files, compared to a Dropper, which already contains the files in its malware package. See Trojan Downloader/Dropper. | |||
|
Drive-by Download |
Refers to the unintentional download of certain programs from the Internet. This may be because of a lack of user understanding (such as agreeing to EULAs without reading through them), or an automated download of certain programs in accordance with the program developer's design. In the wild, malware has been observed to exploit certain browser vulnerabilities to perform drive-by downloading of arbitrary files. | |||
|
Dropper |
A type of trojan that drops other files, which are usually detected as other malware, onto the computer. The file to be dropped is included as part of the dropper package, compared to a Downloader, which needs to connect to the Internet to download files. See Trojan Downloader/Dropper. | |||
|
EICAR |
Acronym for "European Institute for Computer Antivirus Research". EICAR.COM is a test file that is used to see if antivirus software is installed and functioning properly. For additional information about EICAR, please visit the EICAR website. | |||
| Encryption | Encryption is the method of transforming readable data into unreadable data for the purposes of secrecy. Once encrypted, such data cannot be interpreted (either by humans or machines) until it is decrypted. Encryption is performed using an encryption algorithm and a secret value called a 'key'. Encrypted data generally cannot be decrypted without knowledge of the secret 'key' or substantial resources. Malware may use encryption to obfuscate its code (make its code unreadable), thus hoping to hinder its detection and removal from the affected computer. A common and simple encryption technique used by malware is XORing, in which the Exclusive Or (XOR) computational operation is applied to each bit according to a given key. Malware may use cryptors to encrypt their code. | |||
|
Exploit |
Malicious code that attempts to exploit vulnerabilities in applications or operating systems. | |||
| Firewall | A program or device that monitors and regulates traffic between two points, such as a single computer and the network server, or one server to another. | |||
| Form grabbing | Form grabbing is the hooking of web browser APIs to intercept webform data, with the intent to steal authentication information or alter web content presented to the user. | |||
| Generic | A type of signature capable of detecting a large variety of malware samples from a specific family, or of a specific type. | |||
| Heap overflow | A type of buffer overflow in which the overflow occurs in the heap data area. Memory in the heap is dynamically allocated; therefore successfully causing a heap overflow may overwrite internal structures, such as pointers. | |||
| Heuristics | A tool or technique that enhances the ability to identify certain, and potentially common, code patterns. This is useful for making, for example, generic detections for a malware family. | |||
| Hoax | An email that warns users about imaginary malware (that is, that does not exist in reality). Hoaxes tend to follow a fairly standard pattern - they are generally written in highly technical and emotive language and often describe highly destructive, irreversible payloads (that may be physically impossible). Hoaxes also often appear to quote industry experts to claim legitimacy and they generally ask users to forward the message to as many people as possible. | |||
|
Hosts file |
A Hosts file is a file that maps host names to IP addresses. It is used by a computer to resolve what IP address to go to when a user attempts to go to a certain URL. While this action can be done for legitimate purposes, such as blocking non-authorized websites in a corporate environment, the Hosts file can also be edited for malicious purposes. Certain malware edit the Hosts file so that when a user attempts to access a certain legitimate website, the browser is instead redirected to a malware site. | |||
|
IFrames |
Short for inline frame, an iFrame is an HTML document that is embedded in another HTML document. Because the iFrame links to another webpage, it can be used by cybercriminals to place malicious HTML content into non-malicious HTML pages, for example in the form of a JavaScript advertisement, which downloads and installs spyware, that is placed in a trusted website. | |||
| Improper authentication | Occurs when an application does not sufficiently validate that a user is who he says he is. | |||
|
Improper authorization |
Occurs when an application does not sufficiently validate the privileges or permissions of a user when he attempts to access a resource or perform a certain action. |
|||
| Improper error handling | Occurs when an application does not properly handle errors encountered in execution; this includes returning to the application failing, the application performing an unexpected action, disclosing information because of the error, and so on. | |||
| Improper input validation | Occurs when an input to a form is not properly validated or sanitized, or is in a form that the application is not fit to handle correctly; this is a potential vulnerability if the improper validation allows unintentional actions to occur. | |||
|
In-the-wild |
Malware that is currently detected in active computers connected to the Internet, as compared to those confined to internal test networks, malware research laboratories, or malware sample lists. | |||
| Incorrect Detection | A type of detection in which a legitimate program may have been mistakenly classified as malware or spyware. If you would like to report an incorrect detection, you can use the Incorrect Detection Report Form or you can submit a sample - be sure to indicate that you believe the submission should not be detected as malware by using the checkbox and adding a note in the comment box. | |||
| Infection | The act by a virus of inserting or adding its code to a file, thus enabling the file to spread virus code. | |||
| Information disclosure | A vulnerability in which information is made available, often inadvertently, by an application, either to users to whom the information should not be made available, or in a situation in which the information is not relevant. | |||
| Insufficient bounds | A condition which may lead to a buffer overflow; this occurs when the boundaries for a container are too small for the data being written into it. | |||
| Insufficient validation | A condition in which the type of data written into a container is not checked properly, thus possibly causing errors in the program. | |||
|
Integer overflow |
Occurs when an integer value is incremented by an application until it becomes a value too large to fit in the current representation; this may be a problem when the integer value is used to determine the next step in the application, stores data, or is used to compute for a certain location in memory. | |||
|
Joke Program |
A program that pretends to do something malicious but actually does nothing harmful (for example, pretending to delete files or format disks). | |||
| Kill bit | A specific value for the Compatibility Flags DWORD value for the ActiveX control in the registry that, when set, means that the control is no longer called by Internet Explorer at all unless the "Initialize and script ActiveX controls not marked as safe" option is enabled in Internet Explorer. | |||
| Least-privilege User Account (LUA) | A user account that normally runs with minimal privileges. See also: User Account Control. | |||
| Macro Virus | A type of virus written as a macro for an application (such as Microsoft Word or Excel). A macro virus infects a file by replicating itself as a macro for that file, ensuring that when the file is opened, the virus is run. | |||
| Malformed input | A type of input that is not well-formed; that is, it is not of the expected format or contains invalid data. | |||
| Malware | Malicious software or potentially unwanted software installed without adequate user consent. | |||
| Malware Creation Tool | A malware creation tool is a program that is used by attackers to generate malware. Such programs may be able to automatically produce malware files according to specifications provided by the attacker. | |||
| Man-in-the-middle (MITM) attack | A form of eavesdropping in which the attacker positions herself figuratively in the middle of two parties. These parties are under the assumption that they are communicating with each other when in fact the attacker is relaying messages from one party to another without their knowledge. This gives the attacker an opportunity to manipulate or gather the messages as she sees fit. | |||
| Memory Reallocation | A condition in which memory is reused and overwritten before the previous data written into it was used; if the new data is unexpected, this may cause errors in the program. | |||
| Memory Resident | A threat is termed as "memory resident" if it continues to run and the space it occupies in memory is not freed for use by another program. A memory-resident threat persists in memory and usually cannot be terminated unless the computer is restarted. | |||
| Monitoring Software | Commercially available software that monitors activity, usually by capturing keystrokes or screen images. It may also include network-sniffing software. | |||
| Mutex | Stands for Mutual Exclusion Object, a programming object that may be created by malware to signify that it is currently running in the computer. This can be used as an infection 'marker' in order to prevent multiple instances of the malware from running in the infected computer, thus possibly arousing suspicion. | |||
| Network Packet | A unit of data carried over a network; it typically has two parts – control and payload – the former which serves to identify the manner in which the latter is delivered. | |||
| Non-persistent XSS | A type of cross-site scripting in which the server does not properly sanitize the browser's rendering of certain characters based on a client's input, and renders it back in the HTTP response. | |||
| Packer | A program that allows a user to package or bundle a file. This may be used by malware authors to obfuscate the structure of a malware file and thus avoid detection, as packing a single file using different packers results in different packages. | |||
| Password Stealer | A password stealer (PWS) is malware that is specifically used to transmit personal information, such as user names and passwords. A PWS often works in conjunction with a keylogger, which sends key strokes and/or screenshots to an attacker. | |||
| Payload | The malware's purpose other than propagation (in the case of viruses and worms). The actions conducted by a piece of malware for which it was created. This can include, but is not limited to, downloading files, changing computer settings, displaying messages, logging keystrokes, and so on. | |||
| Persistent XSS | A type of cross-site scripting in which the malicious script is stored in a server and is rendered when the application is called or the webpage in which it is hosted is browsed to. | |||
| Phishing | A method of identity theft that tricks Internet users into revealing personal or financial information online. Phishers use phony websites or deceptive email messages that mimic trusted businesses and brands to steal personally identifiable information (PII), such as user names, passwords, credit card numbers, and identification numbers. | |||
| Pipe | A conceptual channel that facilitates the feeding of the input from one process into another. | |||
| Polymorphic | A polymorphic virus is a virus that can mutate its structure to avoid detection by antivirus programs. It can mutate usually by changing a variable or variables in its code without changing its overall algorithm. | |||
| Potentially Unwanted Software | A program with potentially unwanted behavior that is brought to the user's attention for review. This behavior may impact the user's privacy, security, or computing experience. | |||
| Privilege Elevation | A vulnerability in which a user is able to perform tasks beyond the scope of the credentials with which he is logged in with. | |||
| Proof-of-Concept Code | Proof-of-Code (PoC) is code that is developed to demonstrate the viability of a particular method of attack. This can include code that is created to illustrate how a particular software vulnerability can be exploited, or even malware created to illustrate how a particular platform can be utilized, or file format infected. | |||
| Proxy Server | A proxy server is a type of server that facilitates requests to other servers on behalf of the client. A proxy server can be configured to alter the client's request, or the server's response. Proxy servers can be used to filter content, store content in a cache for frequent requests, anonymize the client from which the request is coming from, and so on. | |||
| Reinfection | When a computer becomes infected after having previously been cleaned or disinfected. Reinfection typically occurs when a user repeats usage patterns without completely updating the computer's antimalware protection during the disinfection process. | |||
| Remote Code Execution (RCE) | A situation in which an attacker is able to execute arbitrary code without having physical access to the target system. | |||
| Remote Control Software | A program that provides access to a computer from a remote location. These programs are often installed by the computer owner or administrator, and are only a risk if unexpected. | |||
| Remote Procedure Call (RPC) | An interprocess communication mechanism that enables data exchange and invocation of functionality residing in a different process; that process can be on the same computer, on the local network, or on the Internet. | |||
| Resident | Malware is resident if it continuously runs in the computer. Malware may make itself, or a copy of itself, resident by making computer changes that automatically set it to run when the computer starts up. | |||
| Rogue Security Software | Software that appears to be beneficial from a security perspective but which provides limited or no security capabilities, generates a significant number of erroneous or misleading alerts, or which may attempt to socially engineer the user into participating in a fraudulent transaction. If you would like to confirm if a program is a rogue, you can submit a sample to the MMPC for analysis. | |||
| Rootkit | A program whose main purpose is to perform certain functions that cannot be easily detected or undone by a system administrator, such as hide itself or other malware. | |||
| Script (malware) | A type of malware that is written using a scripting language. Common forms of scripting language include JavaScript, HTML, and Visual Basic. | |||
| Security Bypass | A vulnerability in which a user is able to bypass security measures of an application. | |||
| Sender ID Framework | An Internet Engineering Task Force (IETF) protocol developed to authenticate email to detect spoofing and forged email with the typical tactic to drive users to phishing websites and to download malicious software. | |||
| Settings Modifier | A program that changes computer settings with or without the user's knowledge. | |||
| Shell | The command interpreter that is used to pass commands to the operating system. | |||
| Shellcode | Code used as the payload when a software vulnerability is exploited. Exploitation may result in the attacker starting a command shell, from which he or she can control the compromised computer, hence the term "shellcode". | |||
| Signature | A signature is a set of characteristics that can identify a malware. Signatures are used by antivirus and antispyware products to determine if a file is malicious or not. | |||
| Social Engineering | A technique that defeats security precautions in place by exploiting human vulnerabilities. Social engineering scams can be both online (such as receiving email messages that ask you to click on the attachment, which is actually malware) and offline (such as receiving a phone call from someone posing as a representative from your credit card company. Regardless of the method selected, the purpose of a social engineering attack remains the same - to get the targeted user to perform an action of the attacker's choice. | |||
| Software Bundler | A program that installs other potentially unwanted software, such as adware or spyware. The license agreement of the bundling program may require these other components to function. | |||
| Spam | Bulk unsolicited email. Malware authors may use spam to distribute malware, either by attaching the malware to the message, or by sending a message containing a link to the malware. Malware may also harvest email addresses for spamming from compromised computers, or may use compromised computers to send spam from. | |||
| Spam Run | A spam run is the term for a round of released spam. It may be used to refer to a single course of spam, for example, from the same servers, or spam that revolve around a common periodic theme, for example, Valentine's Day spam. | |||
| Spammer | A spammer is a trojan that sends large volumes of unsolicited email. It may also pertain to the person or entity responsible for sending out the unsolicited email messages. | |||
| Spoof | A type of attack where the source of a message (say, in an email message or on a webpage) is falsified to appear to come from a trusted third party. For example, malware authors often distribute malware via email that appears to come from a legitimate and trusted source. | |||
| Spoofer | A spoofer is a trojan that attempts to create fake email headers and other protocols that can be spoofed. | |||
| Spoofing | A vulnerability in which a user is able to mimic another user or system; for websites, this term pertains to when a website copies the same look and feel of another in order to trick users into mistaking one for the other. | |||
| Spyware | A Spyware detection describes a program that collects information, such as the websites a user visits, without adequate consent. Installation may be without prominent notice or without the user's knowledge. A TrojanSpy detection describes a trojan that has spyware capabilities. | |||
| SQL Injection | A technique in which an attacker enters a specially crafted Structured Query Language (SQL) statement into an ordinary web form. If form input is not filtered and validated before being submitted to a database, the malicious SQL statement may be executed, which could cause significant damage or data loss. | |||
|
Stack-based buffer overflow |
The more common type of buffer overflow in which the overflow occurs when a program writes to memory addresses outside of the buffer, usually fixed in size. As a result, data adjacent to the stack is overwritten, and may be exploited to allow arbitrary code to be executed. | |||
| Stealth | A method of hiding the presence of a threat, file or process. One form of stealth involves redirecting requests or attempts to view malicious files or code to an otherwise innocent location in a file or process. | |||
| Tool | A Tool detection is used for software that may have a legitimate purpose, but which may be abused by malware authors or attackers. A Hacktool detection is used for tools that have been designed more explicitly with malware authors or attackers in mind. A Virtool detection is used mostly for malware components, or tools that perform malware-related actions, such as rootkits. | |||
| Trojan | A malicious application that is unable to spread of its own accord. Historically, the term has been used to refer to applications that appear legitimate and useful, but perform malicious and illicit activity on an affected computer. | |||
| Trojan Clicker | A trojan clicker is a type of trojan that clicks. This could include trojans that initiate the installation of another program by clicking through dialog boxes in an installer program, however, it is more often applied to trojans that may be used to generate revenue by clicking on online advertisements or to increase web traffic to targeted sites. Trojan clickers can also be used to skew online polls (for any number of different reasons) and to add the appearance of legitimacy to sites that host potentially unwanted software, by making the applications they push appear to be more popular than they actually are. | |||
| Trojan Downloader/Dropper | A form of trojan that installs other malicious files to the infected computer either by downloading them from a remote computer or by dropping them directly from a copy contained in its own code. | |||
| Trojan Proxy | A trojan proxy is a type of trojan that installs a proxy server on a computer. A proxy server installed by a trojan can be configured so that all Internet requests made by the infected computer are routed via the proxy server to an attacker-controlled server. | |||
| Typosquatting | A form of cybersquatting where someone registers a domain name of a highly visited website, except with typographical errors (for example, microsooft.com). Also known as cybersquatting. | |||
| Unchecked Buffer | A condition in which the data written into a buffer is not validated; this may cause errors in the program when the data in the buffer is read. | |||
| Uninitialized Memory | Memory space that contains uninitialized value, which may leave the memory space in an unexpected state with it is accessed or used. | |||
| Uninitialized Pointer | A pointer that contains an uninitialized value, which might not point to a valid memory location and result in the application trying to read or write from this invalid location. | |||
| Uninitialized Variable | A variable that has not been initialized, which may lead to unexpected results if an application calls that variable at that time. | |||
| Unrestricted upload of a file with a dangerous type | A type of vulnerability in which the software allows an attacker to upload files of a dangerous type, in which "dangerous" means that the file is automatically processed and executed. | |||
| Use After Free | A situation in which memory is referenced after it has been freed, or expunged of its previous values; this can cause the application to fail, behave unexpectedly. | |||
| User Account Control | With User Account Control (or UAC, formerly known as "Least-privilege User Account," or LUA) enabled, interactive administrators normally run with least user privileges, but they can self-elevate to perform administrative tasks by giving explicit consent with the Consent UI. Such administrative tasks include installing software and drivers, changing system-wide settings, viewing or changing other user accounts, and running administrative tools. | |||
| User elevation | A process in which a user acquires higher privileges than those assigned by default. | |||
|
Virtual Machine |
A computer within a computer, implemented in software. A virtual machine emulates a complete hardware system, from processor to network card, in a self-contained, isolated software environment, enabling the simultaneous operation of otherwise incompatible operating systems. Each operating system runs in its own isolated software partition. | |||
| Virus | Malware that replicates, commonly by infecting other files in the computer, thus allowing the execution of the malware code and its propagation when those files are activated. Other forms of viruses include boot sector viruses and replicating worms. | |||
| Vunerability | A flaw, error, or poor coding technique in a program that may allow an attacker to exploit it for a malicious purpose. | |||
| WildList | A list of malware that is used for testing antimalware products. | |||
| Worm |
A worm is a self-propagating program that can automatically distribute itself from one computer to another. Worms may propagate themselves using one or more of the following methods: |
|||
|
Email programs |
||||
|
Instant Messaging programs |
||||
|
File-sharing programs |
||||
|
Social networking sites |
||||
|
Network shares |
||||
|
Removable drives with Autorun enabled |
||||
|
Software vulnerabilities |
||||
| XML Injection | A type of vulnerability in which the application does not properly neutralize special XML elements, which may allow an attacker to change the XML file. | |||
| XSS | See cross-site scripting. | |||
| HTML | One of the three most poplular programming languages for websites. These languages use short commands to tell the webite what and how to display the information. | |||
| HTML 5 | One of the three most poplular programming languages for websites. These languages use short commands to tell the webite what and how to display the information. | |||
| XML | One of the three most poplular programming languages for websites. These languages use short commands to tell the webite what and how to display the information. | |||
| CSS & CSS3 | Short for Cascading Style Sheets. This determines the layout of more than one web page at once. | |||
| Javascript | A more complex programming language that can also be used on HTML websites. | |||
| Static Web Content | This content usually remains the same all the time. | About Us pages on your website. | ||
| Dynamic Web Content | This is content that usually changes in real time. | Linkedin, Blogs, Facebook, Twitter | ||
| SaaS | Software as a service, this can be an application installed anywhere other than your computer and is accessed via the web. | Google Apps | ||
| Organic Search | A search who's results are returned based on the relevance to the term that was searched, NOT advertised search results. | |||
| Paid Search | A search who's results are deteremined by companies that paid for their advertisements to come up when you search a certain word. Companies bid on words and use the advertisements to draw customers to their website. | |||
| Like and Follow | These terms relate directly to Facebook and Twitter (respectively) for now. Some businesses create a following on these web sites and try to get customers to "Like" and "Follow" them on Facebook and Twitter. | |||
| Payment Gateways | Online versions of a point of sale terminal. Used to accept payments such as credit cards, debit cards, etc. | |||
| Point of Sale | A generic term used to refer to "checkout". Ths can be a cash register in a store or online payment processing. | |||
