Definitions

Attack Vector: Is the way the attacker gains access to a target. The most common of these are malicious emails but many more exist and are discovered all the time.

BackDoor: Is a bypass allowing a Malicious user to connect to the target machine without permission from the target. These can be in the form of default username and passwords baked into the machine or a malicious download that opened a connection for the malicious user.

BlackHat: Is a term referring to a hacker who hacks for personal gain. The term refers to the old western movies where the good guy would wear a white hat and the bad guys would wear a Blackhat.

Banker: Refers to a malicious file that attempts to steal bank information from the user.

Command and Control: refers to code under a attackers control that listens for messages and replies with commands for the malware to execute. For example, a piece of malware infects a windows computer and detects that the user uses chrome but not firefox. It messages its C&C asking what it should do and the C&C decides that it should only run the Chrome information stealer command rather than execute all of its commands. After the malware sends the information it gathered back to the C&C server.

Domain squatting/cybersquatting: refers to holding or squatting on a misspelled or visually similar web address to trick victims into visiting and trusting the site.

Downloader: Refers to a software that Maliciously downloads another file from the internet and then executes it.

Dropper: Refers to a software that has a malicious file residing inside of it which is extracted and then ran.

Keylogger: A piece of software designed to record every key pressed on your keyboard, mostly used to steal your usernames and passwords.

Mal-Spam: (malicious-Spam) is a technique used by attackers where they send out emails pretending to be something you would expect to receive. This is a very common attack.

Phishing: fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity. Normally done over email or instant messaging.

Ransomware: A type of malware which encrypts your files, effectively holding your documents hostage until you pay to get them unlocked.

RootKit: A type of malware that abuses Operating systems trust of certain key often low level aspects so as to gain persistence and become harder to remove.

Supply Chain Attack: A attack Vector involving malicious attackers gaining access to trusted software and injecting there own code inside of it. Allowing them to bypass many security checks.