June 2007

  • Watchfire will help IBM build application security

    Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend.

  • Malware: Glossary

    This is a glossary of terms related to malware.

  • Malicious Computer Code: Glossary

    This is a glossary of terms related to malicious computer code.

  • buffer overflow

    A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data dur...

  • war dialer

    A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem.

  • snoop server

    A snoop server is a server that uses a packet sniffer program to capture network traffic for analysis.

  • white hat

    White hat describes a hacker (or, if you prefer, cracker) who identifies a security weakness in a computer system or network but, instead of taking malicious advantage of it, exposes the weakness i...

  • smurfing

    A smurf attack exploits Internet Protocol (IP) broadcast addressing to create a denial of service.

  • pharming

    Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.

  • phreak

    A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.

  • Google hacking (Google scanning or Engine hacking)

    Google hacking is the use of a search engine, such as Google, to locate a security vulnerability on the Internet...

  • man in the middle attack (fire brigade attack)

    A bucket brigade attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting their own public key for the requested one, so that the two...

  • ethical hacker

    An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.

  • Echelon

    Echelon is an officially unacknowledged U.S.-led global spy network that operates an automated system for the interception and relay of electronic communications.

  • hacktivism

    Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

  • gray hat (or grey hat)

    Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners.

  • hijacking

    Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades...

  • packet monkey

    On the Internet, a packet monkey is someone (see cracker, hacker, and script kiddy) who intentionally inundates a Web site or network with data packets, resulting in a denial-of-service situation f...

  • Electrohippies Collective

    The Electrohippies Collective is an international group of hacktivists based in Oxfordshire, England, whose purpose is to express its displeasure with the use of the Internet "as a tool for corpora...