any software program intended for marketing purposes, such as that used to deliver and display advertising banners or popups to the user’s screen or to track the user’s online usage or purchasing activity.
an act that takes advantage of a vulnerability to compromise a controlled system.
degradation of service caused by incidents such as a backhoe taking out a fiber-optic link for an ISP.
component in a system that allows the attacker to access the system at will with special privileges.
a complete loss of power for a more lengthy period of time.
infects the key operating system files located in a computer’s boot sector.
an abbreviation of robot; “an automated software program that executes certain commands when it receives a specific input.”
a more prolonged drop in voltage.
the application of computing and network resources to try every possible password combination.
When any form of processing overload takes place.
an application error that occurs when more data is sent to a program buffer than it is designed to handle.
a process developers use to ensure that the working system delivered to users represents the intent of the developers.
legal information gathering techniques employed.
attempting to reverse-calculate a password.
occurs when an application running on a Web server gathers data from a user in order to steal it.
One who uses exploitative techniques for emotional online activities
hacks of systems to conduct terrorist activities via network or Internet pathways.
a variation of the brute force attack that narrows the field by selecting specific target accounts and using a list of commonly used passwords (the dictionary) instead of random combinations.
an attack in which a coordinated stream of requests is launched against a target from many locations at the same time.
develops software scripts and program exploits used by those in the second category; usually a master of several programming languages, networking protocols, and operating systems and also exhibits a mastery of the technical environment of the chosen targeted system.
complete loss of power for a moment.
people who use and create computer software [to] gain access to information illegally
interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.
when information gatherers employ techniques that cross the threshold of what is legal or ethical.
fall into four broad classes: overflows, underflows, truncations, and signedness errors; are usually exploited indirectly—that is, triggering an integer bug enables an attacker to corrupt other areas of memory, gaining control of an application
embedded in automatically executing macro code used by word processors, spreadsheets, and database applications.
an attacker routes large quantities of e-mail to the target.
software designed and deployed to attack a system.
an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network.
script kiddies who use automated exploits to engage in distributed denial-of-service attacks.
a sniffer on a TCP/IP network.
the redirection of legitimate Web traffic (e.g., browser requests) to an illegitimate site for the purpose of obtaining private information.
an attempt to gain personal or financial information from an individual, usually by posing as a legitimate entity.
hacks the public telephone network to make free calls or disrupt services.
one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for preconfigured signatures.
a momentary low voltage.
hackers of limited skill who use expertly written software to attack a system.
an agreement providing minimum service levels.
used in public or semipublic settings when individuals gather information they are not authorized to have by looking over another individual’s shoulder or viewing the information from a distance.
a program or device that can monitor data traveling over a network.
the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker.
the unlawful use or duplication of software-based intellectual property.
unsolicited commercial e-mail.
a label that applies to any highly targeted phishing attack.
a momentary increase in voltage
a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted host.
any technology that aids in gathering information about a person or organization without their knowledge.
Surge: a prolonged increase in voltage.
the illegal taking of another’s property, which can be physical, electronic, or intellectual.
damages or steals an organization’s information or physical asset.
an object, person, or other entity that presents an ongoing danger to an asset.
explores the contents of a Web browser’s cache and stores a malicious cookie on the client’s system.
Intentional vulnerability placed by security personnel to lure attackers.
unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter.
software programs that hide their true nature and reveal their designed behavior only when activated.
e-mails warning of supposedly dangerous viruses that don’t exist.
consists of segments of code that perform malicious actions.
an identified weakness in a controlled system, where controls are not present or are no longer effective.
a malicious program that replicates itself constantly, without requiring another program environment.
machines that are directed remotely (usually by a transmitted command) by the attacker to participate in the attack.