Total Defense
Security Glossary
Search our glossary to learn more about online security and anti-virus terms.
Anti-Virus Software
Antivirus software, or anti-virus software (abbreviated to AV software), also known as anti-malware software, is a computer program employed to prevent, detect, and remove malware from devices. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other kinds of malware, high quality antivirus software has started to provide protection from many other kinds of emerging computer threats.
Adware
A type of software that downloads or displays unwanted ads when a user is online or redirects search requests to certain advertising websites.
Authentication
The procedure of confirming the identity of a user or device in order to give access to a system or network. The authentication process is used to validate that the information a user provides is true. This process is a large part of the digital age to maintain privacy on potentially vulnerable networks.
Backdoor
Method that a third party uses to bypass security systems, such as authentication or encryption. Hackers will install malware to gain access to private data within a program or computer system
Bitcoin
Bitcoin is a cryptocurrency. It’s a decentralized digital currency without a central bank or single administrator that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries. Transactions are confirmed by network nodes via cryptography and recorded in a public distributed ledger called a blockchain.
Blockchain
Blockchain was created to keep track or support Bitcoin cryptocurrency. It’s the technology that keeps record of transactions made in cryptocurrency processes. Blockchain is a decentralized, public digital ledger that is used to manage the cryptocurrency database
Botnet
Networks of computers infected by malware and controlled remotely by cybercriminals, usually for financial gain or to launch attacks on websites or networks. Many botnets are designed to harvest data, such as passwords, Social Security numbers, credit card numbers, and other personal information.
Breach
Breach refers to a security incident in which confidential information is compromised by an unauthorized individual or network. Data or security breaches occur when a third party accesses any private information illegally.
Browser
An application used to access and navigate the web. The browser is the vehicle used to locate web pages. Commonly used browsers include Internet Explorer, Chrome and Mozilla Firefox.
Cloud
A large network of information stored on the internet instead of a computer hard drive. Cloud computing simply refers to pay-for-use storing and sharing data over the internet as opposed to outdated methods such as CDs or flash drives.
Cookie
When you browse the Internet, information about your computer may be collected and stored. This information might be general information about your computer (such as IP address, the domain you used to connect (e.g., .edu, .com, .net), and the type of browser you used). It might also be more specific information about your browsing habits (such as the last time you visited a particular web site or your personal preferences for viewing that site).
Cryptocurrency
Unlike other currencies, cryptocurrency operates independently of a central bank and uses encryption techniques and blockchain technology to secure and verify transactions.
Cryptojacking
Cryptojacking occurs when malicious cyber actors exploit vulnerabilities—in webpages, software, and operating systems—to illicitly install cryptomining software on victim devices and systems. With the cryptomining software installed, the malicious cyber actors effectively hijack the processing power of the victim devices and systems to earn cryptocurrency. Additionally, malicious cyber actors may infect a website with cryptomining JavaScript code, which leverages a visitor’s processing power via their browser to mine cryptocurrency
Cryptomining
Cryptocurrency mining, or cryptomining, is simply the way in which cryptocurrency is earned. Individuals mine cryptocurrency by using cryptomining software to solve complex mathematical problems involved in validating transactions. Each solved equation verifies a transaction and earns a reward paid out in the cryptocurrency. Solving cryptographic calculations to mine cryptocurrency requires a massive amount of processing power.
Cyberattack
A cyberattack is any type of offensive maneuver employed by nation-states, individuals, groups, society or organizations that targets computer information systems, infrastructures, computer networks, and/or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system.
Cyberbullying
Cyberbullying refers to practice of using technology to harass, or bully, someone else. Bullies used to be restricted to methods such as physical intimidation, postal mail, or the telephone. Now, developments in electronic media offer forums such as email, instant messaging, web pages, and digital photos to add to the arsenal. Computers, cell phones, and PDAs are current tools that are being used to conduct an old practice. Forms of cyberbullying can range in severity from cruel or embarrassing rumors to threats, harassment, or stalking. It can affect any age group; however, teenagers and young adults are common victims, and cyberbullying is a growing problem in schools.
Cybercrime
Cybercrimes are crimes committed by way of computers or the internet. Cybercriminals are commonly referred to as hackers. Cybercrime is criminal activity involving identity theft, phishing, cyberstalking, or any illegal action taken to either target computer networks or use computer networks as a means to carry out the crime.
Cybersecurity
It seems that everything relies on computers and the internet now—communication (e.g., email, smartphones), entertainment (e.g., digital cable, mp3s), transportation (e.g., car engine systems, airplane navigation), shopping (e.g., online shopping, credit cards), medicine (e.g., medical equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else’s system? Cybersecurity involves protecting that information by preventing, detecting, and responding to cyber attacks.
Data Breach
Breach of secured information or private information that was accessed without authorization. Cybercriminals have been known to target large organizations in order to infiltrate network security, uncovering a mass amount of consumers’ sensitive information.
Digital Asset Protection
Simply put, digital asset protection is the system of protecting one’s digital assets. Digital assets can include any form of digitally stored content, such as photos, emails, audio files, word processing documents, online financial services, cryptocurrency and more. Software to protect your digital assets is a must in our modern digital world.
Digital Threats
A cybersecurity or computer security threat to a computer system or network. The possibility of disrupting a computer network by infiltrating and tampering with personal data. Threats may or not come to fruition, but they are one of the many dangers of the digital age.
Domain
Domains are defined by their IP addresses. A domain is a central security database that is made up of a group of computers or devices that share the same domain. Domain Name Servers (DNS) are simply a directory that your device uses to translate into IP addresses, or web pages.
DoS – Denial of Service
A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network. A denial-of-service is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. DoS attacks can cost an organization both time and money while their resources and services are inaccessible.
DHCP – Dynamic Host Configuration Protocol
DHCP, or dynamic host configuration protocol, is a server that automatically assigns an IP address to the IP host, or device. The DHCP manages the network’s IP addresses in one central place, called the DHCP server.
Encryption
In basic terms, encryption is a way to send a message in code. The only person who can decode the message is the person with the correct key; to anyone else, the message looks like a random series of letters, numbers, and characters. Encryption is especially important if you are trying to send sensitive information that other people should not be able to access. Because email messages are sent over the Internet and might be intercepted by an attacker, it’s important to add an additional layer of security to sensitive information.
End-to-end Encryption
End-to-end encryption locks your messages like a secret vault, only accessible by you and the person you’re talking to. Nobody else, not even the app you use, can eavesdrop!
Ethernet
Ethernet cables connect wired local area networks (LANs) for the purpose of linking multiple devices together so they can access data sent back and forth. Ethernet allows devices to communicate with each other within the same local network.
Exploit
An exploit is a method used by hackers to obtain unauthorized access to private information stored on computers. Exploits are attacks on computer systems that take advantage of vulnerabilities. For example, they are commonly incorporated into malware.
Firewall
Firewall software is used to block unauthorized access to a computer system. All incoming and outgoing network traffic is monitored through a firewall so that it can block suspicious activity that does not abide to a defined set of security rules.
Hacker
Hackers are individuals who illegally obtain access to private computer systems to steal data or destroy information. Hackers utilize a variety of methods gain access to private computer systems without consent. Hackers are commonly experts at programming, using their skillset to commit cyber crimes.
HTTPS – Hyper Text Transfer Protocol Secure
Hyper Text Transfer Protocol Secure (HTTPS) is a web transfer protocol that provides a secure connection between the browser and the website. The “S” at the end of HTTPS stands for secure, while HTTP is another web transfer protocol that is not secure. HTTPS encrypts and decrypts through a secure socket layer ( SSL) or transport layer security (TLS) connection.
Identity Theft
Identity theft refers to the act of illegally obtaining someone else’s identity or personal data without permission for personal or financial gain. Individuals who perform identity theft typically do it with an intent to commit crimes such as accessing bank accounts, applying for credit cards, using social security numbers or obtaining driver’s licenses.
Incident response
Incident response is like a digital SWAT team! It’s a plan to quickly identify, contain, and recover from cyberattacks, minimizing damage and getting you back online safely. ️
IoT – Internet of Things
IoT, or Internet of Things, refers to the expansion of Internet connectivity to any external device. IoT has allowed many devices, such as coffee makers, washing machines, home security systems or refrigerators, to become “smart” devices. Any electronic device that has an on/off switch can essentially become part of the Internet of Things.
IP Address
Each individual computer has its own Internet Protocol Address (IP Address), which differentiates it from the rest. This numerical label gets assigned to any computer device that is connected to the Internet or local network. Computer systems can use IP Addresses to recognize other computers that are also connected through the Internet protocol. An IP Address is assigned using a unique set of numbers separated by periods.
ISP – Internet Service Provider
ISP stands for Internet Service Provider and refers to companies that provide access to the Internet. Examples of ISPs include Comcast/Xfinity, AT&T or Verizon. Any time your device is connected to the Internet, whether in public, at work or at home, the connection gets routed through your ISP.
JavaScript
JavaScript is a sophisticated computer programming language typically used by web developers. This scripted language was originally developed by Netscape and it’s commonly used to create interactive websites, allowing client-side script to perform certain functions. JavaScript can detect the user’s browser, give the user control of the browser and create dynamic web pages.
Keylogger
Keyloggers, short for keystroke loggers, are usually part of cyber attacks such as malware, spyware or viruses. Keylogger refers to a software that tracks and records consecutive key strokes on a keyboard to access personal information. Keyloggers can use hardware or software to obtain access to passwords and usernames that are frequently entered on a user’s keyboard, only to use the information to commit cybercrimes.
Latency
Latency refers to a delay in data communication over a network, or a delay in the total time it takes for data to get transferred from one location to the next over the internet. Internet speed is heavily affected by latency and can vary from one system to another.
LTE
LTE, or Long Term Evolution, is a 4G wireless broadband technology. LTE and 4G are often used interchangeably, however, LTE is a subcategory of 4G and the most common 4G standard. LTE was created to perform up to 100 times faster data transfer speeds than 3G network speeds.
Macro
Macro, short for macroinstruction, is an automated pattern that translates an input sequence of characters to a preset output sequence. Macros are meant to make the computer user experience more efficient, allowing users to enter a single character that will perform a larger series of actions.
Malware
Malware, short for “malicious software,” includes any software (such as a virus, Trojan, or spyware) that is installed on your computer or mobile device. The software is then used, usually covertly, to compromise the integrity of your device. Most commonly, malware is designed to give attackers access to your infected computer. That access may allow others to monitor and control your online activity or steal your personal information or other sensitive data.
Mobile Networks
Mobile networks, also referred to as cellular networks, are large radio networks connected by base stations, or fixed location transceivers. The network encompasses land called cells. Mobile networking supports data and voice networking connectivity for cellular devices.
Mobile Security
Mobile security is a broad term that refers to keeping mobile devices safe from viruses, corrupted apps, and destructive malware. Mobile security software can secure personal and business information stored on your mobile device, such as a smartphone or tablet, by detecting and blocking threats like phishing attacks, mobile spyware and unsecured Wi-Fi.
Multi-factor authentication (MFA)
MFA adds an extra layer of security like a secret handshake. It’s not just a password, you also need a code from your phone or another device to log in. Double the protection, double the peace of mind!
NFT – Non-Fungible Token
A non-fungible token (NFT) is a financial security consisting of digital data stored in a blockchain, a form of distributed ledger. The ownership of an NFT is recorded in the blockchain, and can be transferred by the owner, allowing NFTs to be sold and traded. NFTs can be created by anybody, and require few or no coding skills to create. NFTs typically contain references to digital files such as photos, videos, and audio. Because NFTs are uniquely identifiable, they differ from cryptocurrencies, which are fungible. The market value of an NFT is associated with the digital file it references.
Online Internet Security
Online Internet security refers to the process of protecting sensitive information on computers, laptops, tablets, smartphones or any personal/business device by preventing, detecting, and responding to cyber attacks over the Internet. Internet Security programs can be installed with real-time and on-demand scanning engines so users don’t have to worry about their personal data being compromised.
P2P – Peer to Peer
P2P, which stands for Peer to Peer, are computer systems connected to each other with equal permissions to share and process data. When connected through P2P, the buyer and seller interact directly without a third party being involved in the transaction. Examples of P2P services are Airbnb, Etsy and Uber. Not all P2P systems involve money being exchanged, however. There are some that bring individuals together to work collaboratively or share information without intermediation from a central server.
Personally Identifiable Information – PII
Personally Identifiable Information (PII)is any private information that could be used to identity an individual. Hackers who get a hold of an individuals’ PII, such as bank information or social security numbers, can use it fraudulently for their own financial gain. Keeping your PII safe and secure will ward off identity thieves.
Phishing
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
Privacy Policy
Privacy policies refer to legal requirements companies take on to ensure their clients’ information remains private. Reading through a privacy policy will disclose and help clients understand how their private information is being handled, i.e. the nature, purpose and use of the information once it’s shared.
Proxy Server
A proxy server is an intermediary server between a computer and the Internet. Proxy servers allow client computers access to web browsing to other networks, usually anonymously. Proxy servers can be dangerous if hackers get permission to use them to gain access to private passwords and personal information.
Ransomware
Ransomware is a type of malware that infects a computer and restricts access to it until a ransom is paid by the user to unlock it. Even when a victim pays the ransom amount, the stolen files could remain locked or be deleted by the cybercriminal.
Rootkit
Rootkit is a type of malware that opens a permanent “back door” into a computer system. Once installed, a rootkit will allow additional viruses to infect a computer as various hackers find the vulnerable computer exposed and compromise it.
Scam
Scams refer to illegal schemes performed by a dishonest individual or group to get access to property or information that doesn’t belong to them for their financial or personal gain. Computer scams are carried out by hackers committing cybercrimes, usually to get money out of the victim.
Security awareness training
Security awareness training is like bootcamp for your brain! It teaches you how to spot cyber threats, protect your data, and stay safe online. Think superhero training, but for the digital world!
Social Engineering
Cybercriminals perform social engineering techniques such as phishing, baiting and spear phishing to manipulate their targets into disclosing personal information. Social engineering relies on human interaction to get access to the confidential information they need to commit cybercrimes.
Spam
Spam refers to junk email, text messages or other cyber-based messages sent individually or to a large group of intended targets. Spam is unsolicited and considered an Internet etiquette faux pas, usually in the form of unwanted advertisements.
Spear Phishing
Spear phishing is a type of phishing method that intentionally targets individuals or organizations to gain unauthorized access to private data for criminal intent. Spear phishing is a sub-set of the broader term of phishing, which does not target anyone specifically but instead targets a group of people at once in hopes of accessing private information.
Spoofing
Spoofing is a sophisticated technique used by cybercriminals in which communication is sent to the victim by an unknown source, disguised as a trusted source. The process of spoofing refers to tricking or deceiving computer users or systems into thinking they’re sharing information with a business or individual they know.
Spyware
Spyware is a type of malware that quietly gathers a user’s sensitive information (including browsing and computing habits) and reports it to unauthorized third parties.
Torrenting
Torrenting is a file-sharing protocol that allows users to connect and share content like music or movies using BitTorrent protocol. Each computer user that uses BitTorrent to download files uses the web page’s central server instead of relying on a single website or source for the files, allowing a large amount of computer users to connect and share content.
Trojan
A Trojan is a type of malware that disguises itself as a normal file to trick a user into downloading it in order to gain unauthorized access to a computer.
Two-Factor Authentication
Two-factor authentication is a method of confirming users’ claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are. A good example of two-factor authentication is being frequently used on gmail.com. Every fresh login would ask for the password and a system generated one-time password sent on the registered mobile number or email-id.
Virtual Private Network – VPN
A VPN, or virtual private network, creates a secure connection to a public network on the Internet. For example, businesses will use a VPN to provide a safe connection to a less secure, public network, maintaining a level of privacy through a series of protocols, whether employees are in the office or at home.
Virus
Virus is a program that spreads by first infecting files or the system areas of a computer or network router’s hard drive and then making copies of itself. Some viruses are harmless, others may damage data files, and some may destroy files entirely.
Vulnerability
Computer vulnerability refers to a flaw in a computer system that can be exploited by a hacker or cybercriminal to carry out illegal actions they wouldn’t have otherwise been exposed or privy to. Vulnerabilities can be classified as any weakness in a computer system that leaves it open for an attack. By eliminating vulnerabilities, hackers have less of a chance to penetrate your system and access your private information.
Wide Area Network – WAN
Wide Area Networks (WANs) are computer networks that cover a large geographical area, such as between cities or countries. WANs are often comprised of two or more LANs, or Local Area Networks, and are often used to link LANs. With more geographical space in a WAN, they’re known to run slower than LANs. Examples of WANs are telephone networks or satellite links.
Worm
A worm is a type of malware that replicates itself over and over within a computer. Most cybercrime starts with malware. Cybercriminals use it to access your computer or mobile device to steal your personal information like your Social Security number, passwords, credit card information, or bank account information, to commit fraud. Once cybercriminals have your personal information, they use the data for illegal purposes, such as identity theft, credit card fraud, spamming, and spreading malware to other machines.
Zero-Day Attack
A zero-day (also known as 0-day) vulnerability is a computer-software vulnerability that is unknown to those who would be interested in mitigating the vulnerability (including the vendor of the target software). Until the vulnerability is mitigated, hackers can exploit it to adversely affect computer programs, data, additional computers or a network. An exploit directed at a zero-day is called a zero-day exploit, or zero-day attack. Even after a fix is developed, the fewer the days since Day Zero, the higher is the probability that an attack against the afflicted software will be successful, because not every user of that software will have applied the fix. Zero-day attacks are a severe threat.
Zero Trust Security Model
Zero trust is like a super strict bouncer, checking everyone’s ID, even regulars! No one gets in without proving they’re legit, inside or outside the network. Every access request gets the third degree, keeping your data safe and sound.
4G
4G is the fourth generation broadband technology, replacing the previous 3G technology. 4G became available in 2009 and superseded 3G with faster data transfer speeds.
5G
5G refers to the fifth generation broadband technology, replacing the previous 4G technology. As of 2019, 5G is explained to have up to 100 times faster data transfer speeds than 4G technology and currently the newest data technology system. 5G will have higher speed, lower latency and the capability to connect more devices at one time.
Total Defense
Internet Security and Safety Center
Helpful tips and articles with practical steps you can follow to improve your online safety
Total Defense Security Tip of the Day
11.20.24
iMessage isn't always the safest choice for sensitive conversations
iMessage is a convenient way to stay connected with friends and family. However, it's important to be aware of its potential security risks.
The Man-in-the-Middle Threat:
One of the primary concerns with iMessage is its susceptibility to "man-in-the-middle" attacks. In this type of attack, a malicious actor can intercept and potentially modify your messages. While Apple employs strong encryption, it's essential to be cautious, especially when discussing sensitive information.
When to Exercise Caution:
- Sensitive Information: Avoid sending highly sensitive information, such as financial details or social security numbers, via iMessage.
- Public Wi-Fi: Be mindful when using iMessage on public Wi-Fi networks, as these networks are less secure and more vulnerable to attacks.
Alternative Secure Messaging Apps:
If you need to have a highly secure conversation, consider using a dedicated messaging app with end-to-end encryption. Some popular options include:
- Signal: A highly secure messaging app that prioritizes privacy.
- WhatsApp: Offers end-to-end encryption for individual chats and group chats.
- Telegram: Provides robust security features, including secret chats with self-destructing messages.
Tips for Secure Messaging:
- Verify the Recipient: Always double-check the recipient before sending sensitive information.
- Be Wary of Phishing Attempts: Be cautious of suspicious messages or links, even if they appear to be from a trusted source.
- Keep Your Software Updated: Regularly update your device's operating system and messaging apps to address security vulnerabilities.
- Use Strong Passcodes: Set a strong passcode for your device to protect your messages and other sensitive data.
- Be Mindful of What You Share: Avoid sharing personal information, such as your home address or financial details, over messaging apps.
By understanding the potential risks and taking these precautions, you can use iMessage safely and securely.