An attempt to gain unauthorized access or to make unauthorized use of a system by exploiting the system's vulnerable point. It may result in a change in the system's logic, causing the system to perform actions as controlled by the attacker. Malware such as botnet, trojan and virus may also be used in carrying out an attack.
A type of attack that typically targets authentication mechanisms such as passwords. It is an exhaustive, trial-and-error attempt that involves rapidly cycling through a comprehensive list of possible passwords or decryption keys, until the correct one is entered.
A vulnerability stemming from a program's management of memory resources. Normally, a program will allocate specific 'areas' of memory to hold any temporary information it needs. But under certain circumstances, an attacker may use excessive amount of data, forcing the program to write data in unexpected locations in the memory. This results in the data 'overflowing' the boundaries set up by the program, hence the name.
A programming error in an application's code, a bug usually results in undesirable effects which range from barely detectable quirks in the application's performance to completely crippling it. Most known bugs are those that afflict legitimate programs and impact user's ability to use the program. If the bug is particularly severe (e.g., it causes an application to crash or introduces security risks), it may be considered a vulnerability.
A type of online attack that involves misappropriating a user's actions on a website to perform unauthorized and unintended actions. This attack generally involves an attacker embedding malicious code or script on a website, often by exploiting an iframe vulnerability. The code is then triggered by certain actions performed by an unsuspecting, who believes he/she is performing actions on the actual website.
Common Vulnerabilities and Exposures (CVE)
A reference system maintained by MITRE Corporation that provides an identifier for a publicly known vulnerability.
A situation that resulted when there is a possibility that an attack would be successful in exploiting a vulnerability.
A mechanism, configuration or action that can prevent or mitigate a threat. For example, a firewall rule that denies traffic to the affected service, a signature to catch datagrams known to be involved in a successful attack, etc. A countermeasure can protect against many compromises.
Denial of Service (DoS)
A type of Internet-based attack that denies user access to a service (e.g., website, network) by overloading the relevant computer resource or network device. A typical attack involves a host machine sending a massive amount of requests to the target. When this target reaches its maximum capacity of handling such requests, it is unable to process any more new requests until the old pending ones are resolved - hence, denial of service.
An object (program, section of code, string of characters) that takes advantage of a vulnerability in a program or operating system to perform various actions. Upon successful usage, exploits could allow an attacker to perform a wide range of possible actions, from viewing data on a restricted database to taking control of a compromised system.
The 'central core' of most operating systems, the kernel is a component directly responsible for communications between the software and hardware components of a computer. Its main task is to efficiently manage the computer's physical resources (CPU, RAM, etc.) so that a user can execute an application (a document editor, a game, etc.). Given the critical importance of the kernel, most security experts will strongly recommend users to keep their computer system updated with the latest patches issued by the operating system vendors.
A small program or code issued by a vendor in order to fix the issues and problems discovered in its program or operating system. Patches are usually released to fix bugs, vulnerabilities or usability issues.
The act of falsifying characteristics or data, ususally in order to conduct a malicious activity. For example, if a spam e-mail's header is replaced with a false sender address in order to hide the actual source of the spam, the e-mail header is said to be 'spoofed.'
An attack also involve elements of spoofing, as it prevents or complicates the process of identifying the correct source of the attack. There are many kinds of such 'spoofing attacks' such as e-mail spoofing, Internet Protocol spoofing, URL spoofing and so on.
A flaw or security loophole that may allow other users, applications or attackers to affect a program or system without the user's authorization or knowledge. A vulnerability can be a flaw in a program's fundamental design, a bug in its code that allow improper usage of the program, or simply weak security practices that allow attackers to access the program without directly affecting its code.
A type of attack that exploits a recently publicized vulnerability or security loophole, before the program vendor or the security community is able to develop a patch. The period between the public announcement of the vulnerability and the first release of a patch is also sometimes referred to as "zero hour."
For a more extensive list of terms and definitions, please refer to the Terminology section.