Cybersecurity Glossary

A mail exchange (MX) record exists within your DNS (Domain Name System) and is responsible for the delivery of emails to your email server. The MX record establishes which mail server to route emails to on behalf of a domain. MX records are an important security vulnerability with traditional email security solutions. Secure email gateways (SEGs) require you to update your MX records to match that of the SEG. Because MX records are publicly visible, this alerts cybercriminals to the type of email security you are using—making you more vulnerable to a bypass attempt by hackers.

Natural Language Processing (NLP) is a field of computer science that uses Machine Learning to teach computers to process and understand human language. Natural Language Processing analyzes text and is used in cybersecurity to detect threats. NLP algorithms can identify the urgent language used in social engineering attempts, as well as the flag words and phrasing typically used in spear-phishing attacks, also known as business email compromise (BEC).

Network vector rendering (NVR) is a type of remote browser isolation (RBI) that leverages Skia, the graphics library that works across many browsers, hardware, and software platforms. Unlike pixel pushing or DOM reconstruction, NVR streams Skia commands—rather than website code—to the user’s local device. While less costly than some pixel pushing solutions, NVR leaves the risk of exposure to cyberthreats as it uses partial web isolation.

Also known as a man-in-the-browser (MiTB) attack, an on-path browser attack deploys a Trojan Horse to capture and manipulate calls made from the browser to its security mechanisms. MiTB attacks most commonly facilitate financial fraud without alerting the user to nefarious activity.

Patch management is an essential part of any cybersecurity strategy and involves running regularly scheduled system updates—or patches—to address vulnerabilities or new cybersecurity threats. Automated patch management software streamlines this process by automatically updating the software on a regular cadence to reduce down time and ensure organizations have the most updated cybersecurity protection available.

Personally identifiable information, or PII, is information that can be used to identify an individual. PII can include direct identifiers, such as passport information, driver’s license information, or birth certificates, or it can be made up of a variety of indirect identifiers, such as race, occupation, and location. In the wake of increasing cyberattacks that have jeopardized countless individuals’ sensitive information, measures have been put in place to ensure PII is being safely protected and secured in order to keep identities confidential and secure.

Petya is a type of ransomware that spreads through phishing emails and infects the master boot record of Microsoft Windows-based devices. A user that clicks a malicious link containing Petya ransomware enables the virus to overwrite the master boot record in order to encrypt the user’s hard drive. Once encrypted, users are required to enter an encryption key, typically obtained for a ransom, in order to retrieve their data. After Petya first emerged in 2016, a new variant surfaced called NotPetya, which made headlines for crippling business operations worldwide. Unlike the original form of the virus, NotPetya uses several propagation techniques to quickly spread within and across networks. In order to protect your organization against Petya and its variants, it’s important to educate your employees on phishing email detection to avoid potential compromise.

Pharming is a type of cyberattack that redirects users away from a trusted website to a fraudulent one. Through malicious code already embedded on a user’s device, pharming pushes website traffic towards fake sites, where users provide sensitive information for cybercriminals to harvest.

Similar to phishing attacks, a pharming cyberattack relies on a user not knowing that they’ve been redirected to an illegitimate site so that they freely provide personally identifiable information (PII) or login credentials without realizing foul play. As is the case with many cyberattacks, pharming prevention starts with familiarizing your employees with suspicious-looking emails and websites so that they can detect pharming attempts before handing over sensitive information.

Phishing is the most common form of social engineering carried out by email. Unlike cyberattacks on systems and software, it requires little to no hacking expertise, making it a quick and easy way for cybercriminals to get access to a business’s most sensitive data.