Internet Security Adware Ad Supported Software, Often Called Adware
Total Page:16
File Type:pdf, Size:1020Kb
Internet Security Adware Ad supported software, often called adware, is used when referencing any type of software that downloads or displays unwanted advertisement on a computer while the software is being used. Adware is often bundled in with software the computer owner wants. Adware can also be spyware; a type of malware that is considered to be privacy invasive. Antivirus Software Antivirus (or anti-virus) software is used to safeguard a computer from malware, including viruses, computer worms, and trojans. Antivirus software may also remove or prevent spyware and adware, along with other forms of malicious software. Backdoor A backdoor refers to a method in which a hacker can bypass normal authentication on a computer to gain remote access without the knowledge of the user. A backdoor is a general term that may refer to installed software or a modification to an existing program or hardware. Black Hat Hacker An individual with extensive computer knowledge whose purpose is to breach or bypass internet security. The general view is that, while hackers build things, crackers break things. Also known as a Cracker. Black Hat SEO Black hat search engine optimization refers to a backhanded method of garnering a higher ranking in search engines. The practice is understandably frowned upon by search engines, and the perpetrating sites are punished accordingly. Common techniques include spamdexing, hidden text, and cloaking. Botnets Bots, or robots, serve a command computer, carrying out automated functions at their master’s bidding. Common bot crimes include denial-of-service, extortion, identity theft, spam, and fraud. Multiple infected computers together form a botnet, with each individual computer also termed a zombie. Cache A cache is a repository for stored data. It expedites the process of retrieving data. Cloud Computing Cloud computing is a general term for services over the internet that is better divided into three categories: Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service. IaaS (or utility computing) follows a traditional utilities model, providing servers and storage on demand with the consumer paying accordingly. PaaS allows for the construction of applications within a provider’s framework, like Google’s App Engine. SaaS enables customers to use an application on demand via a browser. Computer Virus A computer virus is a computer program that spreads malicious code. Although some viruses are latent, others can corrupt data or impede system performance. The term is specific, distinguished by how viruses are distributed (through downloads, email attachments, or removable media such as CDs, DVDs, or USB drives), but is often used as a catchall, much like the word “malware.” Browser Cookies Cookies are text retained on computers by browsers containing information filled into websites. A cookie may be used to remember a username, for example, so that the name will autofill on the user’s next visit. Cookies may be disabled, or cookie options customized, due to privacy concerns. Crackers An individual with extensive computer knowledge whose purpose is to breach or bypass internet security. The general view is that, while hackers build things, crackers break things. Also known as a Black Hat Hacker. Cyberterrorism In the most extreme sense of the term, cyberterrorism encompasses a computer-based act (a threat or an attack) perpetrated with the express intent of inspiring fear and performed in the name of some sort of ideology. Denial of Service (DoS) Attack A denial-of-service (DoS) attack involves an attempt to disrupt the normal functioning of a website or web service. In a typical DoS attack, the attacker will overload a site’s server with requests for access far above the capacity of the site, meaning that legitimate requests cannot be processed. Domain Name System (DNS) The Domain Name System (DNS) allows users to type easy-to-remember domain names into a browser while the computer interprets the name as a series of numbers, the IP (Internet Protocol) address. Each address is unique, enabling users to access the same result from any computer, anywhere, without conflict. Drive-by Downloads Drive-by downloads are downloads of software, adware, or malware that is either authorized by the user without understanding the consequences or downloaded without the knowledge of the user. This can occur by visiting nefarious websites, clicking on links in email, or clicking on a popup ad. Exploit An exploit is the use of software, data, or commands to “exploit” a weakness in a computer system or program to carry out some form of malicious intent, such as a denial-of-service attack. Patches are intended to remedy these vulnerabilities as soon as they are revealed. Fast Flux Botnets Botnets employ fast flux techniques to obfuscate the specific host involved in their phishing schemes. A fast-flux domain name service enables bots to utilize a shifting number of compromised hosts. Firewall Firewalls are configured (in hardware, software, or both) with specific criteria to block or prevent unauthorized access to a network. Hacker The term “hacker” generally refers to any person who enjoys understanding, modifying, and exploring programmable systems, particularly computers and computer systems. “Hacker” has been used to describe individuals who bypass security measures for malicious purposes or criminal activity; however, most people within the hacker community refer to these individuals as “Crackers.” Hacktivism Hacktivism is a term that combines the terms “hacker” and “activism” and generally means the use of technical tools, including denial of service attacks, virtual sit-ins, web page defacement or redirects, to showcase a political message through either illegal or legally ambiguous methods. Heap Spraying Heap spraying refers to the attempt to insert code into a predetermined location. This technique is often behind the exploits of vulnerable browsers. Heuristics Heuristics refers to an experimental method of problem solving. The rapid production of malware necessitates such a quick-fix approach to solutions. “In the Wild” A virus is said to be “in the wild” if it is spreading uncontained among infected computers in the general public. A virus being studied in a controlled environment for research purposes would not be considered “in the wild.” Keylogger A keylogger, also known as keystroke logging or keylogging, is a method of tracking the strokes on a keyboard without the knowledge of the user. This information is collected and used to access private accounts or collect personal information. Keyloggers can come in the form of software, hardware, or external monitoring such as acoustic analysis. Macro Virus A macro virus is a computer virus written in the same macro language used for software applications like word processors. Its effect is to release a chain of events in conjunction with the application. Microsoft Word is an example of an application susceptible to macro viruses; this explains why it is a bad idea to open suspicious or unknown attachments even if they may appear legitimate. Malware Malware is an abbreviated term meaning “malicious software.” This is software that is specifically designed to gain access or damage a computer without the knowledge of the owner. There are various types of malware including spyware, keyloggers, true viruses, worms, or any type of malicious code that infiltrates a computer. Generally, software is considered malware based on the intent of the creator rather than its actual features. Patch Tuesday Patch Tuesday refers to the second Tuesday of each month when Microsoft releases security fixes and patches developed and discovered over the previous month. Windows systems from Windows 98 on have included automatic checks for patches to avoid any concerns. Pharming Pharming refers to an attempt by a hacker to redirect a website’s traffic to another site, developed for the purpose of stealing information from users. Hackers can exploit vulnerabilities in either the host files on a personal computer or on the domain name system (DNS) server software. DNS servers work to direct information on the internet, similar to a road map for traffic. Compromised DNS servers are referred to as “poisoned.” Phishing Phishing refers to an attempt by a hacker to obtain confidential information about a user through fraudulent means; specifically by pretending to be a legitimate communication from a credible source. In a typical phishing scheme, a spam email will direct a reader to an external website, often with a masked URL. When the user inputs his or her information, it falls into the hands of the cybercriminal. Ransomware Ransomware is a category of malware that demands some form of compensation, a ransom, in return for data or functionality held hostage. For instance, ransomware might change Proxy settings in a browser to limit web use, making it difficult to find a solution to remove a computer virus. Rogue Security Software Rogue security software, or “scareware,” masquerades as genuine security software, while in actuality reporting incorrect results of fake malware scans. Most people are tricked into installing rogue security software when a pop-up window appears on their screen informing them that their computer may be infected, or as a result of SEO poisoning. Rootkit A rootkit is a type of software designed to hide the fact that an operating system has been compromised, sometimes by replacing vital executables. Rootkits allow viruses and malware to “hide in plain sight” by disguising as necessary files that your antivirus software will overlook. Rootkits themselves are not harmful; they are simply used to hide malware, bots and worms. Script Kiddie A script kiddie is often, but not always, a juvenile hacker; an attacker who uses scripts or programs developed by more sophisticated cybercriminals. Oftentimes the underlying motivation for a script kiddie’s attack is simply to garner the attention of peers. Search Engine Poisoning Search engine poisoning exploits the use of search engines to spread malware and viruses.