Get started

Bring yourself up to speed with our introductory content.

Get started

Bring yourself up to speed with our introductory content.

  • phlashing

    Phlashing is a permanent denial of service (PDoS) attack that exploits a vulnerability in network-based firmware updates. Such an attack is currently theoretical but if carried out could render the target device inoperable... (Continued) Continue Reading

  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

    Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.11i standard for wireless local area networks (WLANs), particularly those using WiMax technology... (Continued) Continue Reading

  • password hardening

    Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process. Continue Reading

  • keystroke dynamics

    Keystroke dynamics are the patterns of rhythm and timing created when a person types...(Continued) Continue Reading

  • anti-money laundering software (AML)

    Anti-laundering software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions... (Continued) Continue Reading

  • DNS rebinding attack

    DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router. The attack works on widely-used routers such as D-Link and Linksys and could, in fact, target any device that uses a...Continue Reading

  • Kraken

    Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet." Single bots infected with Kraken malware have been recorded sending up to 500,000 spam ...Continue Reading

  • Open Source Hardening Project

    The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code. Because the infrastructure of the Internet, financial institutions and many other critcal...Continue Reading

  • finger vein ID

    Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data...(continued)Continue Reading

  • extrusion prevention

    Extrusion prevention, also called exfiltration prevention, is the practice of stopping data leaks by filtering outbound network traffic and preventing unauthorized packets from moving outside the network. In contrast, extrusion detection simply ...Continue Reading

  • role mining

    Role mining is the process of analyzing user-to-resource mapping data to determine or modify user permissions for role-based access control (RBAC) in an enterprise... (Continued)Continue Reading

  • screened subnet (triple-homed firewall)

    A screened subnet (also known as a 'triple-homed firewall') is a network architecture that uses a single firewall with three network interfaces... (Continued)Continue Reading

  • Securities and Exchange Commission (SEC)

    The Securities and Exchange Commission (SEC) is a U.S. government agency that oversees securities transactions, activities of financial professionals and mutual fund trading to prevent fraud and intentional deception... (Continued)Continue Reading

  • Secure Electronic Transaction (SET)

    Secure Electronic Transaction (SET) is a system for ensuring the security of financial transactions on the Internet.Continue Reading

  • mutual authentication

    Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other... (Continued)Continue Reading

  • PAN truncation (primary account number)

    PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers... (Continued)Continue Reading

  • PCI DSS Requirement 8: Assign unique user IDs to those with access

    To pass a PCI compliance audit, organizations need to be capable of verifying who is attempting access to an asset. They also must control what employees are permitted to see or modify, and do so based on their organizational role. In this PCI ...Continue Reading

  • PCI DSS Requirement 11: Regularly test security systems and processes

    Craig Norris explains why internal and external network scans are necessary to complete Requirement 11 of the PCI Data Security Standard, one that frequently baffles security professionals.Continue Reading

  • Rock Phish

    Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit ...Continue Reading

  • authentication server

    An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued)Continue Reading

  • JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)... (Continued)Continue Reading

  • defense in depth

    Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise... (Continued)Continue Reading

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data during its transmission. Snooping can include casual ...Continue Reading

  • phreak

    A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines.Continue Reading

  • cyberstalking

    Cyberstalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail or instant messaging (IM), or messages posted to a Web site or a discussion group.Continue Reading

  • cookie poisoning

    On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.Continue Reading

  • shadow password file

    In the Linux operating system, a shadow password file is a system file in which encryption user password are stored so that they aren't available to people who try to break into the system.Continue Reading

  • promiscuous mode

    In a network, promiscuous mode allows a network device to intercept and read each network packet that arrives in its entirety. This mode of operation is sometimes given to a network snoop server that captures and saves all packets for analysis (for...Continue Reading

  • salt

    In password protection, salt is a random string of data used to modify a password hash.Continue Reading

  • public key certificate

    A public key certificate is a digitally signed document that serves to validate the sender's authorization and name.Continue Reading

  • RADIUS (Remote Authentication Dial-In User Service)

    Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or ...Continue Reading

  • NCSA

    NCSA at the University of Illinois in Urbana, Illinois is the home of the first Web browser that had a graphical user interface.Continue Reading

  • script kiddy (or script kiddie)

    Script kiddy (sometimes spelled kiddie) is a derogative term, originated by the more sophisticated crackers of computer security systems, for the more immature, but unfortunately often just as dangerous exploiter of security lapses on the Internet.Continue Reading

  • mail bomb

    A mail bomb is the sending of a massive amount of e-mail to a specific person or system.Continue Reading

  • logon (or login)

    In general computer usage, logon is the procedure used to get access to an operating system or application, usually in a remote computer.Continue Reading

  • footprinting

    In the study of DNA, footprinting is the method used to identify the nucleic acid sequence that binds with proteins.Continue Reading

  • AAA server (authentication, authorization, and accounting)

    An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.Continue Reading

  • Automated Fingerprint Identification System (AFIS)

    The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.Continue Reading

  • Sender Policy Framework (SPF)

    Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as ...Continue Reading

  • Public-Key Cryptography Standards (PKCS)

    The Public-Key Cryptography Standards (PKCS) are a set of intervendor standard protocols for making possible secure information exchange on the Internet using a public key infrastructure (PKI).Continue Reading

  • security policy

    In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets.Continue Reading

  • OCSP (Online Certificate Status Protocol)

    OCSP (Online Certificate Status Protocol) is one of two common schemes for maintaining the security of a server and other network resources.Continue Reading

  • plaintext

    In cryptography, plaintext is ordinary readable text before being encrypted into ciphertext or after being decrypted.Continue Reading

  • honeynet

    A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.Continue Reading

  • data splitting

    Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.Continue Reading

  • Digital Signature Standard (DSS)

    Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authenticationof electronic documents.Continue Reading

  • Encrypting File System (EFS)

    The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.Continue Reading

  • anonymous email

    Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.Continue Reading

  • cloaking

    Cloaking is the masking of the sender's name and address in an e-mail note or distribution.Continue Reading

  • Rijndael

    Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES).Continue Reading

  • CISSP certification can serve as introduction to regulatory compliance

    The CISSP is widely considered a valuable baseline certification for information security professionals, but its coursework can also be a valuable introduction to the complex world of regulatory compliance. As certification expert Peter H. Gregory ...Continue Reading

  • Endpoint Security

    Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network.Continue Reading

  • directory traversal

    Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory... (Continued)Continue Reading

  • Cisco Certified Security Professional (CCSP)

    A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management... (Continued)Continue Reading

  • digest authentication

    Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller... (Continued)Continue Reading

  • click fraud (pay-per-click fraud)

    Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.Continue Reading

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data... (Continued)Continue Reading

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)Continue Reading

  • public key

    In cryptography, a public key is a value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures.Continue Reading

  • LUHN formula (modulus 10)

    The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.Continue Reading

  • spam filter

    A spam filter is a program that is used to detect unsolicited and unwanted email and prevent those messages from getting to a user's inbox.Continue Reading

  • biometric payment

    Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.Continue Reading

  • Information Security Governance Guide

    This guide provides an introduction to what information security governance and a security program are, and examines how to deploy security policies within any environment.Continue Reading

  • man in the browser

    Man in the browser refers to an emerging tactic used by hackers to commit financial fraud... (Continued)Continue Reading

  • Wired Equivalent Privacy (WEP)

    Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is ...Continue Reading

  • ILOVEYOU virus

    The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more ...Continue Reading

  • VLAN hopping (virtual local area network hopping)

    VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.Continue Reading

  • SOX Compliance for the Security Practitioner

    This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, ...Continue Reading

  • dictionary attack

    A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an ...Continue Reading

  • PUP (potentially unwanted program)

    A PUP (potentially unwanted program) is a program that may be unwanted, despite the possibility that users consented to download it.Continue Reading

  • shoulder surfing

    Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.Continue Reading

  • Elk Cloner

    Elk Cloner was the first computer virus known to have spread in the wild.Continue Reading

  • stealth virus

    In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.Continue Reading

  • blended threat

    A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.  Continue Reading

  • security token (authentication token)

    A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service.Continue Reading

  • trusted computing base (TCB)

    The trusted computing base (TCB) is everything in a computing system that provides a secure environment.Continue Reading

  • Klez

    Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.Continue Reading

  • Nimda

    First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information ...Continue Reading

  • elliptical curve cryptography (ECC)

    Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.Continue Reading

  • CRAM (challenge-response authentication mechanism)

    CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).Continue Reading

  • cryptographic checksum

    A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.Continue Reading

  • MICR (magnetic ink character recognition)

    MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.Continue Reading

  • walled garden

    On the Internet, a walled garden is an environment that controls the user's access to Web content and services.Continue Reading

  • Chernobyl virus

    The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.Continue Reading

  • Electronic Code Book (ECB)

    Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.Continue Reading

  • ciphertext feedback (CFB)

    Ciphertext feedback (CFB) is a mode of operation for a block cipher. In contrast to the cipher block chaining (CBC) mode, which encrypts a set number of bits of plaintext at a time, it is at times desirable to encrypt and transfer some plaintext ...Continue Reading

  • Electronic Signatures in Global and National Commerce Act (e-signature bill)

    The Electronic Signatures in Global and National Commerce Act (often referred to as the e-signature bill) specifies that in the United States, the use of a digital signature is as legally valid as a traditional signature written in ink on paper.Continue Reading

  • quantum cryptography

    Quantum cryptography uses our current knowledge of physics to develop a cryptosystem that is not able to be defeated - that is, one that is completely secure against being compromised without knowledge of the sender or the receiver of the messages.Continue Reading

  • key

    In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.Continue Reading

  • security identifier (SID)

    In Windows NT and 2000 operating systems, the security identifier (SID) is a unique alphanumeric character string that identifies each operating system and each user in a network of NT/2000 systems.Continue Reading

  • executable

    In computers, to execute a program is to run the program in the computer, and, by implication, to start it to run.Continue Reading

  • cryptology

    Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.Continue Reading

  • access log

    An access log is a list of all the requests for individual files that people have requested from a Web site.Continue Reading

  • sudo (superuser do)

    Sudo (superuser do) is a utility for UNIX- and Linux-based systems that provides an efficient way to give specific users permission to use specific system commands at the root (most powerful) level of the system. Sudo also logs all commands and ...Continue Reading

  • Bugbear

    Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers. It is similar to an earlier virus, Klez, in terms of its invasion approach and rapid proliferation.Continue Reading

  • Blowfish

    Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.Continue Reading

  • signature file

    A signature file is a short text file you create for use as a standard appendage at the end of your e-mail notes or Usenet messages.Continue Reading

  • one-time pad

    In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.Continue Reading

  • Melissa virus

    Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent ...Continue Reading

  • vandal

    A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user.Continue Reading

SearchCloudSecurity
SearchNetworking
SearchCIO
SearchEnterpriseDesktop
SearchCloudComputing
ComputerWeekly.com
Close