×

Irish Information Security Forum

Cybersecurity Terminology

cybersecurity Ireland terminology 

Backdoors

Backdoors allow remote access to computers or systems without users’ knowledge.

 

Formjacking

Formjacking is the process of inserting malicious JavaScript code into online payment forms to harvest customers’ card details.

 

Cryptojacking

Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.

 

DDoS attacks

DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash. more

 

DNS poisoning attacks

DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.

 

Botnets

Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS attacks.

 

Drive-by downloads

Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.

 

Exploits and exploit kits

An exploit is a piece of malicious code that can compromise a security vulnerability. Many have been developed by the security services. For instance, in 2017 the WannaCry ransomware spread using an exploit known as EternalBlue. This exploit had been created by and stolen from the US National Security Agency. Exploit kits are collections of multiple exploits. Available for rent on the dark web, they enable unskilled criminals to automate attacks on known vulnerabilities.

 

Malware

Malware is a broad term used to describe any file or program intended to harm or disrupt a computer. more

 

MFA

Multi-factor authentication (MFA) enhances security by requiring multiple forms of verification before granting access. Here are some common MFA methods and their relative security:

 

MITM attacks

A MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered.

MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers can insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.

 

Phishing attacks

Phishing is a method of social engineering used to trick people into divulging sensitive or confidential information, often via email. Not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations. more

 

Quishing

Quishing is a form of phishing attack that uses QR codes to lure victims. Cybercriminals create a QR code that appears legitimate, such as one offering a discount or special offer. more.

 

Social engineering

Social engineering is used to deceive and manipulate victims to obtain information or gain access to their computer.

This is achieved by tricking users into clicking malicious links or by physically gaining access to a computer through deception. more

 

SQL injection

A SQL (Structured Query Language) injection occurs when an attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter