Tools
Terminology
Stealth Virus
A virus that hides its presence and/or actions from antivirus programs or system security process by using a variety of techniques.
Time Bomb
A destructive action, usually performed by a program that has been silently installed on a system or network, that is triggered when a specific time or date condition is met.
Toolbar
A type of browser plug-in, toolbars are applications which are 'added on' to web browser programs to provide additional functionality. Most toolbars are innocuous, but some toolbars are designed to secretly monitor a user's online browsing behavior.
Tracking Cookies
Cookies that monitor and record a user's browsing habits, collecting information about pages visited and advertisements seen during the browsing session.
Tracking cookies are typically used by advertisers wishing to analyze and manage advertising data, though they may be used for more malicious purposes.
Tracking cookies are far more limited in capability than most forms of tracking technology, as they are simply a text file on the user's computer. Some users with concerns about privacy invasion or information security may choose to disable all use of all cookies by the web browser, in order to prevent tracking cookies from monitoring their activities.
Trackware
Software that monitors user behavior or gathers information about the user. The information gathers can sometimes including personally identifiable details, passwords or other sensitive materials.
Variant
A program that bears sufficient similarity to a previously identified program to be categorized as a member of the same "family" of programs.
Vulnerability
A flaw or security loophole that may allow other users, applications or attackers to affect a program or system without the user's authorization or knowledge.
A vulnerability can be a flaw in a program's fundamental design, a bug in its code that allows improper usage of the program, or simply weak security practices that allow attackers to access the program without directly affecting its code.
Patching a vulnerability requires the program vendor to create a patch – or code to rectify the flaw or loophole – and distribute it to all users in order to protect the system from exploitation.
Zero-Day Exploit
A type of attack that exploits a recently publicized vulnerability or security loophole, in order to attack their targets before program vendors or the security community are able to develop a patch for the vulnerability. This type of attack can be very destructive.
The period between the public announcement of a vulnerability and the first release of a patch fixing the vulnerability is sometimes referred to as "zero hour" – even if the actual timespan is longer than an hour.
Zombie
A computer system or server that is connected to the Internet and has been infected with specialized malware that allows the attacker to use the machine's resources.
A bot-infected system will often be harnessed into a botnet, or a collection of similarly infected machines. The collective resources of the botnet can be used to perform a variety of malicious actions, including launching DDoS attacks or sending out spam.