Cybersecurity Glossary

To implement effective cybersecurity solutions built for the digital world, it’s important to understand common industry concepts and definitions. This glossary provides you with cybersecurity terms to be aware of as you look to protect your organization against cyber threats.

What is an account takeover (ATO)?

Account takeover (ATO) is when a hacker successfully takes ownership of one or multiple online accounts.

Read more ›
What is an advanced persistent threat (APT)?

An advanced persistent threat, or APT, is a type of cyberattack in which one or multiple threat actors gain unauthorized access to your systems or network for an extended period of time without being detected. Typical targets of APTs are large businesses and government organizations, since the scope of their systems is so large that detecting a seemingly small threat goes under their radar. Once an APT occurs, individuals can deepen their access to your systems and cause serious damage. Consequences of a successful APT include loss of sensitive information, intellectual property theft, malware viruses, and total site takeovers.

What is barrel phishing?

Also referred to as “double-barreled” phishing, barrel phishing is a more sophisticated form of phishing that involves two emails. The first email—often referred to as the “bait email”—attempts to establish a relationship with the recipient or trick them into believing the sender is a trusted source. Once the recipient’s guard is lowered, they’re sent a follow-up email where the actual phishing occurs, usually in the form of malicious links.

Read more ›
What is a botnet?
Botnet, short for “robot network,” is a compromised network of connected devices. The infected devices are controlled remotely by a threat actor to carry out malicious activities, such as launching distributed denial-of-service (DDoS) attacks, sending spam and phishing campaigns, carrying out brute force attacks, and more. Botnet attacks continue to rise with the growth of unsecured IoT devices, creating vulnerabilities for cybercriminals. Emotet, the infamous malware, is an example of a botnet.
What is brand impersonation?

Brand impersonation is a type of email phishing attack where cybercriminals pose as a trusted brand to dupe victims and steal their data. Also known as brand spoofing, this cyberattack uses an email that looks like it’s from a recognizable brand to trick recipients into clicking a link or downloading an attachment containing malware. Some of the most impersonated brands include Facebook, Microsoft, Google, and PayPal.

Read more ›
What is brute force?

Brute force refers to an attack that aims to gain unauthorized access to an account or encryption key. The attack method uses a trial-and-error approach in which hackers attempt to guess password combinations. Brute force attacks can be used to launch a host of malicious activities, such as harvesting data, spreading malware and ransomware, diverting website traffic, and more. While brute force attacks have existed for many years, they’ve grown more sophisticated with the aid of software that enhances the speed and accuracy of this kind of attack. Common protections against brute force attacks include anti-virus software, anti-phishing solutions, anti-malware and ransomware solutions, good cyber hygiene, and user awareness training.

Read more ›
What is Business Email Compromise (BEC)?

Business Email Compromise (BEC) is a type of spear phishing attack in which a person impersonates a well-known contact of an employee in an attempt to have them transfer funds, reveal sensitive information, or carry out other harmful actions.

Read more ›
What is CEO fraud?

CEO fraud is when a hacker impersonates a senior executive within an organization and attempts to dupe employees into providing sensitive company information, sharing account credentials, or transferring funds.

Read more ›
What is clone phishing?

Clone phishing uses a duplicate or “clone” copy of an email from a trusted source to deceive the recipient. Instead of creating their own email, the hacker duplicates an existing email from a well-established brand to lure their victims. The email is typically either one the recipient has received in the past or at least isn’t surprised to be receiving. The legitimacy of the cloned email tricks recipients into clicking on malicious links or giving up sensitive information.

Read more ›
What is a cloud access security broker (CASB)?

A cloud access security broker, or CASB, protects companies using cloud-hosted services and applications. CASBs act as a firewall between enterprise users and their cloud applications—managing and protecting the data being accessed and stored there. Cloud access security brokers can either be on-premise or cloud-based and fill any gaps in security to allow a company’s security policy to extend beyond their own infrastructure to cloud-based applications.

Read more ›

Ready to choose Vade for M365?