Our Glossary contains many terms that may be used throughout the ESG website in addition to the software applications that we offer. This Glossary will assist you on defining many technical terms used to describe various computer security-related aspects.
Below are common online security terms in alphabetical order:
Small applications that add interactive functions and features to web pages. ActiveX can be used for multimedia and animation effects in addition to being used to display pop-ups or applied to desktop applications and software development tools. ActiveX is usually automatically installed and activated without computer user interaction or permission allowing malicious code to be installed initiated in some cases.
Programs designed to display or launch advertisements. Displays advertisements in the form of pop-ups, image banners or text banners. Adware programs are built into other shareware or freeware applications. Trojans can download and install malicious adware programs automatically without the computer users permission. Web browser vulnerabilities are also used to download and install adware programs silently.
An alternative Trojan, virus or other malware name used by other anti-virus or anti-spyware vendors. A security organization may give a computer parasite a different name for a specific computer virus.
A program that can be installed onto a computer consisting of executable, data, DLL files and registry settings. Most applications are accompanied by install and uninstall files.
An assault that causes damage or theft of stored data. Some attacks may result in sabotage of a computer network.
Automatic Download Software
An application used to download and install software without permission or interaction from the computer user.
Remote control software that allows an attacker or third part to gain access to the infected computer. Backdoors can compromise a victim’s computer allowing theft of personal information. Trojans are considered to be Backdoor infections as they bypass security mechanisms.
An application or process that continually runs without intrusion, visible windows or user interfaces visible to the computer user. Malicious applications can run in the Background without alerting the computer user of its operation.
A batch or sequence of commands carried out by a file that contains operating system commands. The .bat extension is used for batch files. Batch files are compatible with Windows operating systems.
A small piece of software stored on the motherboard of a computer providing basic functions to the operating system or functionality of the system.
A list of web addresses or e-mail messages that are believed to be malicious in content or known to send spam messages.
A disk containing specific files or programs that allow a computer to startup. A boot disk can be in the form of a bootable CD, floppy disk or physical hard drive. Boot disks are usually required to effectively remove viruses with an antivirus application.
A part of the boot area or files that contain the instructions needed to start up a computer. Boot records are infected by viruses allowing a virus to install itself into memory during startup.
Boot sector infector
A type of virus that corrupts the boot sector on a drive or disk allowing the virus to load into memory at startup. This type of virus is known to spread very quickly.
A group of networked computers pre-programmed to automatically perform actions such as send out spam messages. A botnet can send out thousands of spam messages from a single computer.
Browser Helper Object (BHOs)
A type of Dynamic Link Library (DLL) file that Internet Explorer allows to alter or modify the way it acts or functions. A BHO can include adding menu items, toolbars and the modification of HTML data.
Programs that replace the set browser home page, search results page, error page, search page or other browser content with unexpected or unwanted content.
A software component that interacts with a Web Browser application that provides additional functions or capabilities otherwise not included in the browser. Types of browser plugins can include ActiveX Controls and Browser Helper Objects.
A practice of distributing multiple pieces of software or files together. In some cases unwanted software is distributed spreading malicious applications or parasite infections through a bundle without notice or consent to the computer user.
An electronic document that contains and proves the identity of a website. Certificates are used to prove weather a website is authentic and contains a user’s name and public key.
A piece of data that a website uses to save on the hard drive for retrieval during visits to the a specific website. Unique identifiers are used by some cookies linking information such as registration, login data, user preferences, shopping care info etc.
Denial of Service (DoS) attack
Concentrated efforts to make a computer resource or website unavailable to its intended users. DoS attacks consist of bombarding the target machine with a large amount of external communication requests preventing normal traffic from accessing the machine or source.
Programs that use a computer’s modem to make calls or access services. Dialers can contact malicious sources where the download of unwanted files or theft of personal information can occur.
Distributed Denial-of-Service (DDoS) Attack
In addition to a DoS attack this is a processes involving botnets or a group of compromised systems to make a resource or website unavailable to its intended users.
An application designed to download and install files in an automated process. Unwanted files or applications can be downloaded by downloaders potentially infecting a computer with a parasite.
An automatic download of software or files when a specific website is visited. This process is typically performed by exploiting security holes or modified security settings on a specific computer.
Applications used to remotely control a computer for malicious actions such as sending spam messages or running DDoS attacks.
Malicious file that carries a Virus or Trojan infection dropping it onto a specific computer for malicious intent.
End User License Agreement (EULA)
A legal agreement or contract between the author and user of a particular program. The software license specifying the parameters and limitations of use of an application.
Software that takes advantage of a vulnerability within a user’s system for gaining access to the system.
Tools or programs used by a hacker to gain access to a computer so it can be attacked. Hacker tools are commonly used to gain information or access hosts bypassing security mechanisms put in place for protection. Also they are used to disable a computer preventing normal use.
Software that modifies a computer without notice or consent to the user. Normally hijackers modify browser setting changing the home page or redirecting users to unwanted web pages.
A file used to look up the IP address of a device connect to a computer network. Parasites may use host files to redirect computer users to malicious websites.
Keylogger (or Keystroke Logger)
Tracking software that records keyboard activity. A Keylogger can essentially compromise logins and passwords where they are transmitted to a remote user. Some Keylogger software is legitimate but is mostly used for malicious actions leading to identity theft.
Malicious Software programs that are designed to perform unwanted actions or compromise your system. Popular examples of malware include Viruses, Trojans and unwanted programs.
Master Boot Sector virus
A virus infection affecting the master boot record on a hard drive or disk. This type of virus infection loads into memory at boot before an antivirus application is able to detect or remove it.
A one-way operation hash function transformed into a shorter, fixed–length value. Verifies the data integrity by performing a hash operation on the data after received. No two or more strings will produce the same hash value.
Criteria used by anti-spyware companies determining behavioral factors in consideration of a process.
A program used to compress a group of files and encrypt the original code. Packers perform this process to prevent matching the memory image of a file so that it may be difficult to detect.
Software designed to decrypt a forgotten, lost or unknown password. Password Cracker identifies a password by running a brute-force attack, a method of testing each character combination to find the password. If used for illicit purposes a Password Cracker could pose a serious security and privacy risk.
Fraudulent activity that acquires personal information such as credit card numbers, social security numbers and passwords. Phishing comes in the forms of email and websites. A phishing website has a faux interface that usually resembles a legitimate site that the computer user is not able to identify in most casts. A phishing email message usually spoofs a legitimate sender or company that the computer user identifies as legitimate.
A security software used to discover the computer network services a remote system provides.
Potentially Unwanted Program (PUP)
A program that performs malicious actions and compromises the security and privacy of a computer.
A notice that is legally binding providing how a company deals with personal information of a user. Privacy Policies disclose how the uses of data, including secondary data, is used and shared with other parties.
A database used by an operating system that stores certain user information, settings and license information about all installed hardware and software on a computer.
Individual entries in the Registry that includes values for specific settings of installed programs. Registry keys are susceptible to be changed by computer infections which can impact the usability of your computer.
Remote Access/Administration Tool (RAT)
A program that allows remote access of a system. If used by attackers, a remote access program can be used to install unauthorized programs or perform malicious actions.
Remote Control Software
Any type of application used to give remote access of a computer.
An application that maliciously gains and/or maintains administrator level access without detection. Rootkits can be used to create a Backdoor where a computer could be compromised. Once a program has gained access it can be used to record keystrokes and monitor internet activity thus stealing personal information.
Scams are usually referred to as a form of fake email messages that mislead computer users promising material or luck to future recipients of the message. Scams are also associated with money-based hoaxes or far-fetched promises.
Screen Scrapers/Screen Capturers
A type of tracking software that records desktop activity in addition to keystrokes. Screen Capture programs are used to record videos of on-screen computer activity for viewing at a later time. If used for malicious purposes a screen scraper or screen capture program can lead to theft of personal information.
SkypeSkraping is a computer exploit in the Skype application that allows attackers to take control over another person’s account.
Junk mail or email messages that are unwanted or unrequested. Spam is usually sent to multiple recipients advertising products. Spam messages also include emails containing malicious attachments that if opened could infect the recipients computer.
A method of faking an email address, IP or legitimate website to acquire personal information or access to a secure system.
Tracking applications that send information about personal details without the computer user’s permission. The use of common spyware is to emulate commercial software impairing a users ability to control their computer and greatly affect system security.
A type of tracking software that monitors computer activity. If used by attackers a system monitor program could be used to compromise a user’s computer thus stealing personal information such as passwords, visited websites, emails and bank account numbers.
A type of cookie used for tracking users’ web surfing habits. Tracking Cookies are typically used by advertisers analyzing data for marketing purposes. Tracking Cookies used for malicious purposes could arm an attacker with a text file containing details on a computer user’s internet activity.
Computer software that monitors a computer user’s behavior and actions including recording personal information.
A malicious program that appears to be legitimate and do certain action but actually performs another. Trojans are mostly downloaded from websites or P2P communication.
The computer owner or assigned system administrator. This is the person who mainly operates and has full access to the computer.
A dangerous program containing code that replicates a copy of itself.
A virus that creates a copies on other drives or networked computers to perform malicious actions.