Cybersecurity Terms You Should Know – Part 5

Cybersecurity requires a ton of knowledge across many different areas and seemingly all at once. This short series of articles aims to give newer friends some guidance. If I did something dumb, please let me know on Twitter @digibeard_yt or you can email at howdy@digibeard.io. Let’s Go!
Part 1, Part 2, Part 3, Part 4.

Ransomware

Malware that encrypts all the files on your system. It then asks for a ransom, usually in bitcoin, to get the key needed to decrypt your files.

Rainbow Table

A rainbow table is a set of pre-calculated password hashes that make cracking the password hashes of a target much easier.

Reconnaissance

Finding information about your target(s) using methods like a Google search, visiting the company website or using other publicly available data to enhance your profile of the target.

Reverse Engineering

Reverse engineering is rebuilding a piece of software based on the functions it steps through.

Role-Based Access

Another form of access control, or ACL, in which access is configured for certain roles, such as help desk II or management roles versus developer roles.

Rootkit

Rootkits are hard-to-detect software that allows for malicious and unauthorized use. Typically, rootkits install themselves so they run every time the machine is booted.

Scanning

A fundamental part of recon. You’re going to want to know how the network or resource works, and tools like nmap, nikto or Nessus automate the scanning for you.

Secure Shell (SSH)

Secure shell is the protocol that establishes an encrypted communication channel between client and server. SSH is instrumental in allowing you to remotely access a server for system administration tasks.

Session

A session is the duration over which a communication channel is open between two or more machines.

Session Hijacking

Stealing someone’s session via MITM. You can steal the cookies or session tokens needed to move forward and then authenticate as the user.

Social Engineering

The art (and apparently science?) of tricking people into helping you with something that’s not in their best interest.

Secure Hashing Algorithm (SHA)

SHA is a widely used family of hashing algorithms. SHA is a one-way algorithm; it should not be considered the same as an encryption algorithm you can decrypt.

Sniffing

Passively watching traffic float by, using a MITM attack on the network. Sniffing can be performed on wired or wireless networks.

Spam

Unwanted digital communications, including email, social media messages and more. Typically aims to drive you to a malicious, credential-stealing website that looks like the real thing.

Syslog

System administrators use the system logging protocol to capture all activity on a server. Typically, the logs are stored on a separate server so they are retained in the event of an attack.

Secure Sockets Layer (SSL)

SSL allows for an encrypted tunnel between a client and server. When you log in to Twitter, only the encrypted text is present and not the original password.

Snort

Snort is an open-source Intrusion Detection System for Windows and Linux. It works fantastically when paired with an active firewall.

SQL Injection

A form of attack on SQL databases where the user input is not validated for dangerous or malicious SQL queries.

Trojan

Trojans are a type of malware hidden inside software. Trojans tag along with legitimate software and aren’t disclosed to the user. Like the Trojan Horse of old, there is malicious software packed inside of things like pirated games or copies of Microsoft Office.

Traceroute

A handy tool that maps out the route that a packet takes between its source and its destination.

Tunnel

A private, encrypted channel between two or more machines.

Virtual Private Network (VPN)

A subnetwork wrapped within a network. VPNs are all the more common in the post-pandemic World of Work From Home.

Virus

A batch of code and instructions created to perform a specific action on targeted systems. A virus has to be triggered to activate, something like clicking on the program on a sketchy USB or opening an unexpected attachment in your email.

Vulnerability

A point of attack that is caused by a bug or through intentional or unexpected network design.

War Driving

Driving through areas of a city mapping out Wi-Fi networks. This could also be used maliciously by identifying WAPs without password protection.

WHOIS

The WHOIS database contains information about the owner of a website. It might mention specific nameservers, IP ranges or DNS records.

Wireshark

Open-source network traffic analyzer. Wireshark also allows one to filter out requests and responses for network troubleshooting.

Worm

Unlike Trojans and viruses, which need a trigger, worms are capable of replicating themselves and spreading to other network devices.

Wireless Access Point (WAP)

The Wireless Access Point or WAP, for short, is the device that allows wireless devices to connect to the Internet.

Web Application Firewall (WAF)

A next-gen firewall, or WAF, is a firewall for web applications that helps mitigate a number of attacks such as cross-site scripting, DoS and other OWASP Top 10 vulnerabilities.

Zero-Day

A newly found vulnerability in a system where there is no patch. Zero-days are dangerous to combat since there is no possible way to protect against one in the wild.

Zombie

A compromised machine. These are often infected via worms, viruses or trojans and controlled by an attacker. A group of zombies would be a botnet.
