Professional Cyber Security Services
Terminology
Popular terms
Remote Desktop Software
Remote Desktop software, also known as remote access software, allows a user to seamlessly connect to and interact with a computer in another location. Remote desktop software enables the user to see and control a connected PC or laptop as though they were sitting directly in front of it. Remote access solutions are helpful for collaborative work, technical support and demonstrations
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) is a combined security solution containing software products and services that allow real-time monitoring of various rule-based cybersecurity logs directed to data from multiple variety of IT systems and integrated into incidents that can be correlated and handled.
Security Operation Center – SOC
Security Operation Center – SOC is a centralized function within an organization that employs processes and technology to continuously monitor and improve an organization's security posture while preventing, detecting, analyzing and responding to cybersecurity incidents. This is where the information from the various information security software comes in, with the main purpose of allowing security teams to detect and prioritise threats on client computers.
Session
“Session” is the term used to refer to a visitor’s time browsing a web site. It’s meant to represent the time between a visitor’s first arrival at a page on the site and the time they stop using the site. A "web session" is a series of contiguous actions by a visitor on an individual website within a given time frame. This could include your search engine searches, filling out a form to receive content, scrolling on a website page, adding items to a shopping cart, researching airfare, or which pages you viewed on a single website. Any interaction that you have with a single website is recorded as a web session to that website property.
Cookies
HTTP Cookies are essential to the modern Internet but a vulnerability to your privacy. Cookies are built specifically for Internet web browsers to track, personalize and save information about each user's session. A "session" just refers to the time you spend on a site. Cookies let websites remember you, your website logins, shopping carts and more.
SQL injection
SQL Injection is one of the most common ways to compromise websites and web applications that work with databases. In practice, it is the embedding of SQL code into a query that is generally executable for the application or site itself. The most commonly exploited vulnerabilities are in the program code that are allowed by the programmers during the implementation of the applications or sites.
Cross Site Scripting (XSS)
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site.
Malicious Software (Malware)
Malware, short for “malicious software,” refers to any intrusive software developed by cybercriminals (often called “hackers”) to steal data and damage or destroy computers and computer systems. Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware. Recent malware attacks have exfiltrated data in mass amounts.
Virus
Viruses are a subgroup of malware. A virus is malicious software attached to a document or file that supports macros to execute its code and spread from host to host. Once downloaded, the virus will lay dormant until the file is opened and in use. Viruses are designed to disrupt a system’s ability to operate. As a result, viruses can cause significant operational issues and data loss.
AdWare
Adware is malicious software used to collect data on your computer usage and provide appropriate advertisements to you. While adware is not always dangerous, in some cases adware can cause issues for your system. Adware can redirect your browser to unsafe sites, and it can even contain Trojan horses and spyware. Additionally, significant levels of adware can slow down your system noticeably.
Spyware
Spyware is malicious software that runs secretly on a computer and reports back to a remote user. Rather than simply disrupting a device’s operations, spyware targets sensitive information and can grant remote access to predators. Spyware is often used to steal financial or personal information. A specific type of spyware is a keylogger, which records your keystrokes to reveal passwords and personal information.
Keylogger
A keylogger is an insidious form of spyware. Keyloggers are activity-monitoring software programs that give hackers access to your personal data. The passwords and credit card numbers you type, the webpages you visit – all by logging your keyboard strokes. The software is installed on your computer, and records everything you type. Then it sends this log file to a server, where cybercriminals wait to make use of all this sensitive information.
Backdoor
Backdoor is a software that is installed and offers a third party the ability to control a program or an entire computer. Backdoors are not always malicious and there are cases where they are used for legitimate purposes by authorized system administrators. In most cases, especially when a home computer is involved, backdoors are malicious. They are usually installed by worms or Trojans. A backdoor consists of two components: a server and a client. The server is the component that is installed on the computer that will need to be controlled, and the client is the component that is used by the malicious individual. Some of you may make an association with remote access programs such as TeamViewer, RealVNC, UltraVNC, TightVNC, Remote Administrator, and others. The associations are quite accurate because the back door may be more or less similar to these types of programs. The main difference is that the programs are installed with the user's knowledge, while backdoors are secretive.
Dangerous scripts
Pieces of program code that, in a particular situation, could cause malware to be downloaded and/or give unauthorized access to a customer's computer.
Spam
Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk. Often spam is sent via email, but it can also be distributed via text messages, phone calls, or social media.
Cloud service
It is a technology service produced by a network of multiple servers and computers (a cluster), rather than by separate, stand-alone physical instances. These servers and computers pool their computing resources into a single system (Cloud). The services provided through this type of technology are intended to provide the logical and computing power to ensure the speed and continuity of processes.
Phishing
Represents a malicious attempt to obtain sensitive information such as username, password, and credit card details by the perpetrator assuming someone else's identity in electronic communications. It most often starts with creating a duplicate of an existing web page of a major e-commerce store, institution, bank, or credit company. Cybercriminals then send emails to trick recipients into going to the fake website. The goal is for the customer, as an insufficiently enlightened user, to provide the hacker with their login details - usernames and passwords and/or personal and/or credit card details - which can then be used to act against the user.
DNS Web Filtering
DNS filtering is the process of using the "Domain Name System" to block malicious websites and filter out harmful or inappropriate content. This ensures that company data remains secure and allows companies to have control over what their employees can access on company-managed networks. DNS filtering is often part of a larger access control strategy.
AD - Active Directory
A Microsoft product that consists of services for managing permissions and access to network resources. Active Directory stores data as objects. Each object represents a single item, such as a user, a group of users, an application, or a hardware device. Objects are usually defined as resources (printers or computers) or security principles (users or user groups). The goal is to be able to administer and define group rules and policies for multiple users and devices.
Sniffing (Tapping a network)
Monitoring and recording network traffic.
Denial of service - DoS/DDoS
DoS stands for Denial of Service. The difference between DoS and DDoS attacks is whether one computer is used in the attack, or the attack is sent from multiple sources. Sources can include traditional computers and also Internet-connected devices that have been taken over as part of a botnet.
DDoS, or Distributed Denial of Service, which is a malicious network attack that involves hackers forcing numerous Internet-connected devices to send network communication requests to one specific service or website with the intention of overwhelming it with false traffic or requests. This has the effect of tying up all available resources to deal with these requests, and crashing the web server or distracting it enough that normal users cannot create a connection between their systems and the server.
