Browse — Entity Type · Threat
allDataSystemNetworkIdentityCredentialPhysicalProcessCapabilityOrganizationFrameworkEventMetricVulnerabilityThreatControlFindingRequirementRoleArtifactUnknown
184 terms
TermTypeDefinitionClassificationsUpdated
Account HarvestingnounAccount Harvesting is the process of collecting all the legitimate account names on a system.Threat
ACK PiggybackingnounACK piggybacking is the practice of sending an ACK inside another packet going to the same destination.Threat
active attacknounAn attack on the authentication protocol where the Attacker transmits data to the Claimant, Credential Service Provider, Verifier, or Relying Party. Examples of active attacks include man-in-the-middle, impersonation, and session hijacking.Threat
Advanced persistent threatnounAn adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives using multiple attack vectors (NIST SP800-61) Scope Note: The APT: 1. pursues its objectives repeatedly over an extended period of time 2. adapts to defenders’ efforts to resist it 3. is determined to maintain the level of interaction needed to execute its objectivesThreat
AdversarynounIndividual, group, organization, or government that conducts or has the intent to conduct detrimental activities.Threat
AdwarenounA software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used Scope Note: In most cases, this is done without any notification to the user or without the user’s consent. The term adware may also refer to software that displays advertisements, whether or not it does so with the user’s consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as adware in the sense of advertising supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and it provides the user with a specific service.Threat
Anti-malwarenounA technology widely used to prevent, detect and remove many categories of malware, including computer viruses, worms, Trojans, keyloggers, malicious browser plug-ins, adware and spywareThreat
Antivirus/anti-malware softwarenounA program that monitors a computer or network to identify all types of malware and prevent or contain malware incidents.Threat
Asymmetric WarfarenounAsymmetric warfare is the fact that a small investment, properly leveraged, can yield incredible results.Threat
attacknounAny kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.Threat
Attack mechanismnounA method used to deliver the exploit. Unless the attacker is personally performing the attack, an attack mechanism may involve a payload, or container, that delivers the exploit to the target.Threat
attack methodnounThe manner or technique and means an adversary may use in an assault on information or an information system.Threat
attack pathnounThe steps that an adversary takes or may take to plan, prepare for, and execute an attack.Threat
attack patternnounSimilar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.Threat
Attack vectornounA path or route used by the adversary to gain access to the target (asset) Scope Note: There are two types of attack vectors: ingress and egress (also known as data exfiltration)Threat
BlindingnounGenerating network traffic that is likely to trigger many alerts in a short period of time, to conceal alerts triggered by a “real” attack performed simultaneously.Threat
Boot Record InfectornounA boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.Threat
botnounA computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under remote the command and control of a remote administrator.ThreatRegulated
bot mastnounThe controller of a botnet that, from a remote location, provides direction to the compromised computers in the botnet.Threat
BotnetnounA term derived from robot network; is a large automated and distributed network of previously compromised computers that can be simultaneously controlled to launch large-scale attacks such as a denial-of-service attack on selected victimsThreat
Brute forcenounA class of algorithms that repeatedly try all possible combinations until a solution is foundThreat
Brute force attacknounRepeatedly trying all possible combinations of passwords or encryption keys until the correct one is foundThreat
Buffer Overflow AttacknounA method of overloading a predefined amount of space in a buffer, which can potentially overwrite and corrupt data in memory.Threat
Cache CrammingnounCache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.Threat
Cache PoisoningnounMalicious or misleading data from a remote name server is saved [cached] by another name server. Typically used with DNS cache poisoning attacks.Threat
Competitive IntelligencenounCompetitive Intelligence is espionage using legal, or at least not obviously illegal, means.ThreatIP
Computer AbusenounIntentional or reckless misuse, alteration, disruption, or destruction of information processing resources.ThreatRegulated
Computer Network AttacknounActions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.ThreatRegulatedCUI
Computer Network ExploitationnounEnabling operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary information systems or networks.ThreatRegulatedCUI
ConsumerizationnounA new model in which emerging technologies are first embraced by the consumer market and later spread to the businessThreat
CorruptionnounA threat action that undesirably alters system operation by adversely modifying system functions or data.Threat
CrimewarenounA type of malware used by cyber criminals. The malware is designed to enable the cyber criminal to make money off of the infected system (such as harvesting key strokes, using the infected systems to launch Denial of Service Attacks, etc.).Threat
Cyber AttacknounAn attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.ThreatRegulated
cyber threatnounAn internal or external circumstance, event, action, occurrence, or person with the potential to exploit technology-based vulnerabilities and to adversely impact (create adverse consequences for) organizational operations, organizational assets (including information and information systems), individuals, other organizations, or society.ThreatRegulated
CyberespionagenounActivities conducted in the name of security, business, politics or technology to find information that ought to remain secret. It is not inherently military.ThreatRestrictedCUI
cybersecurity risknounA risk to organizational operations, (including mission, functions, image, and reputation), resources, and other organizations due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information, Information Technology, and/or Operations Technology.ThreatRegulated
CyberwarfarenounActivities supported by military organizations with the purpose to threat the survival and well-being of society/foreign entityThreatRegulatedCUI
DefacementnounDefacement is the method of modifying the content of a website in such a way that it becomes "vandalized" or embarrassing to the website owner.Threat
denial of servicenounThe prevention of authorized access to resources or the delaying of time-critical operations. (Time-critical may be milliseconds or it may be hours, depending upon the service provided.)Threat
Denial-of-service attacknounAn assault on a service from a single source that floods it with so many requests that it becomes overwhelmed and is either stopped completely or operates at a significantly reduced rateThreat
Dictionary AttacknounDiscovery of authenticators by encrypting likely authenticators and comparing the actual encrypted authenticator with the newly encrypted possible authenticators.Threat
Differential Power AnalysisnounAn analysis of the variations of the electrical power consumption of a cryptographic module, using advanced statistical methods and/or other techniques, for the purpose of extracting information correlated to cryptographic keys used in a cryptographic algorithm.ThreatRegulated
distributed denial of servicenounA Denial of Service technique that uses numerous hosts to perform the attack.Threat
Distributed denial of service (DDoS)nounA type of attack that makes a computer resource or resources unavailable to its intended users. Although the means to carry out, motives for, and targets of a DDoS attack may vary, it generally consists of the concerted efforts of a group that intends to affect an institution's reputation by preventing an Internet site, service, or application from functioning efficiently.Threat
Domain HijackingnounDomain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain's DNS server and then putting his own server up in its place.Threat
Dumpster DivingnounDumpster Diving is obtaining passwords and corporate directories by searching through discarded media.ThreatRestrictedIP
Eavesdropping AttacknounAn attack in which an Attacker listens passively to the authentication protocol to capture information which can be used in a subsequent active attack to masquerade as the Claimant.ThreatRegulated
Fast FluxnounProtection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.Threat
Fault Line AttacksnounFault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.Threat
FingerprintingnounSending strange packets to a system in order to gauge how it responds to determine the operating system.Threat
FloodingnounAn attack that attempts to cause a failure in a system by providing more input than the system can process properly.Threat
Fork BombnounA Fork Bomb works by using the fork() call to create a new process which is a copy of the original. By doing this repeatedly, all available processes on the machine can be taken up.Threat
Fragment Overlap AttacknounA TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. The TCP packet (and its header) are carried in the IP packet. In this attack the second fragment contains incorrect offset. When packet is reconstructed, the port number will be overwritten.Threat
Hijack AttacknounA form of active wiretapping in which the attacker seizes control of a previously established communication association.Threat
HijackingnounThe use of an authenticated user's communication session to communicate with system components.ThreatRegulated
Hybrid AttacknounA Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.Threat
ICT supply chain threatnounA man-made threat achieved through exploitation of the information and communications technology (ICT) system’s supply chain, including acquisition processes.ThreatRegulated
Imitative Communications DeceptionnounIntroduction of deceptive messages or signals into an adversary's telecommunications signals. See also Communications Deception and Manipulative Communications Deception.ThreatRegulatedCUI
ImplantnounElectronic device or electronic equipment modification designed to gain unauthorized interception of information-bearing emanations.ThreatRegulatedCUI
Inference AttacknounInference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.Threat
information security threatnounAny circumstance or event with the potential to adversely impact the measures taken so that information and information systems are protected from unauthorized access, use, disclosure, disruption, modification, or destruction.ThreatRegulated
Information System-Related Security RisksnounInformation system-related security risks are those risks that arise through the loss of confidentiality, integrity, or availability of information or information systems and consider impacts to the organization (including assets, mission, functions, image, or reputation), individuals, other organizations, and the Nation.ThreatRegulated
Information WarfarenounInformation Warfare is the competition between offensive and defensive players over information resources.Threat
InjectionnounA general term for attack types which consist of injecting code that is then interpreted/executed by the application. (OWASP)Threat
Input Validation AttacksnounInput Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.Threat
InsidenounAn entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service.ThreatRegulated
Inside ThreatnounAn entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.Threat
inside( r) threatnounA person or group of persons within an organization who pose a potential risk through violating security policies.ThreatRestricted
IntrudernounIndividual or group gaining access to the network and it's resources without permissionThreat
IP FloodnounA denial of service attack that sends a host more echo request ("ping") packets than the protocol implementation can handle.Threat
JammingnounAn attack in which a device is used to emit electromagnetic energy on a wireless network’s frequency to make it unusable.Threat
Key LoggernounA program designed to record which keys are pressed on a computer keyboard used to obtain passwords or encryption keys and thus bypass other security measures.Threat
Laboratory AttacknounUse of sophisticated signal recovery equipment in a laboratory environment to recover information from data storage media.ThreatRegulatedCUI
Log ClippingnounLog clipping is the selective removal of log entries from a system log to hide a compromise.ThreatRegulatedCUI
Logic BombnounA piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.ThreatRegulated
macro virusnounA virus that attaches itself to documents and uses the macro programming capabilities of the document’s application to execute and propagate.Threat
malicious actnounAn intentional, wrongful act performed against another without legal justification or excuse.ThreatRegulated
malicious activitynounActivity with a harmful intent, such as fraud, theft, blackmail, vandalism, looting, sabotage, etc.ThreatRegulated
malicious appletnounA small application program that is automatically downloaded and executed and that performs an unauthorized function on an information system.Threat
malicious codenounSoftware or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.ThreatRegulated
malicious logicnounHardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose.ThreatRegulated
MalwarenounA program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or of otherwise annoying or disrupting the victim.Threat
Man-in-the-middle attacknounA form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.Threat
Manipulative Communications DeceptionnounAlteration or simulation of friendly telecommunications for the purpose of deception. See Communications Deception and Imitative Communications Deception.ThreatRegulatedCUI
Masquerade AttacknounA type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.Threat
MasqueradingnounA type of threat action whereby an unauthorized entity gains access to a system or performs a malicious act by illegitimately posing as an authorized entity.Threat
Miniature fragment attacknounUsing this method, an attacker fragments the IP packet into smaller ones and pushes it through the firewall, in the hope that only the first of the sequence of fragmented packets would be examined and the others would pass without review.Threat
Misnamed FilesnounA technique used to disguise a file’s content by changing the file’s name to something innocuous or altering its extension to a different type of file, forcing the examiner to identify the files by file signature versus file extension.ThreatRegulated
mobile codenounSoftware programs or parts of programs obtained from remote information systems, transmitted across a network, and executed on a local information system without explicit installation or execution by the recipient. Note: Some examples of software technologies that provide the mechanisms for the production and use of mobile code include Java, JavaScript, ActiveX, VBScript, etc.ThreatRegulated
Morris WormnounA worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.Threat
Mutual SuspicionnounCondition in which two information systems need to rely upon each other to perform a service, yet neither trusts the other to properly protect shared data.Threat
Network SniffingnounA passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. It is both a review technique and a target identification and analysis technique.Threat
Network WeavingnounPenetration technique in which different communication networks are linked to access an information system to avoid detection and trace-back.Threat
Off-line AttacknounAn attack where the Attacker obtains some data (typically by eavesdropping on an authentication protocol run, or by penetrating a system and stealing security files) that he/she is able to analyze in a system of his/her own choosing.Threat
Online AttacknounAn attack against an authentication protocol where the Attacker either assumes the role of a Claimant with a genuine Verifier or actively alters the authentication channel. The goal of the attack may be to gain authenticated access or learn authentication secrets.ThreatRegulated
Operational risknounThe risk of failure or loss resulting from inadequate or failed processes, people, or systems.ThreatRegulated
Outside ThreatnounAn unauthorized entity from outside the domain perimeter that has the potential to harm an Information System through destruction, disclosure, modification of data, and/or denial of service.Threat
outside( r) threatnounA person or group of persons external to an organization who are not authorized to access its assets and pose a potential risk to the organization and its assets.ThreatRestricted
Outsider ThreatnounAn unauthorized entity outside the security domain that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.Threat
OverloadnounHindrance of system operation by placing excess burden on the performance capabilities of a system component.Threat
passive attacknounAn attack against an authentication protocol where the Attacker intercepts data traveling along the network between the Claimant and Verifier, but does not alter the data (i.e., eavesdropping).Threat
Passive WiretappingnounThe monitoring or recording of data while it is being transmitted over a communications link, without altering or affecting the data.ThreatRegulated
PenetrationnounGaining unauthorized logical access to sensitive data by circumventing a system's protections.ThreatRegulated
pharmingnounThis is a more sophisticated form of MITM attack. A user’s session is redirected to a masquerading website. This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website’s IP. Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website. Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website. At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website.ThreatPII
PhishingnounA digital form of social engineering that uses authentic-looking—but bogus—emails to request information from users or direct them to a fake Web site that requests information.Threat
Ping of DeathnounAn attack that sends an improperly large ICMP echo request packet (a "ping") with the intent of overflowing the input buffers of the destination machine and causing it to crash.Threat
Ping SweepnounAn attack that sends ICMP echo requests ("pings") to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.Threat
PolymorphismnounPolymorphism is the process by which malicious software changes its underlying code to avoid detection.Threat
Port ScannounA port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favorite approach of computer cracker, gives the assailant an idea where to probe for weaknesses. Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can therefore be probed for weakness.Threat
Port scanningnounUsing a program to remotely determine which ports on a system are open (e.g., whether systems allow connections through those ports).Threat
Program InfectornounA program infector is a piece of malware that attaches itself to existing program files.Threat
RansomwarenounA type of malware that is a form of extortion. It works by encrypting a victim's hard drive denying them access to key files. The victim must then pay a ransom to decrypt the files and gain access to them again.Threat
ReconnaissancenounReconnaissance is the phase of an attack where an attackers finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities.Threat
ReplaynounThe ability to copy a message or stream of messages between two parties and replay (retransmit) them to one or more of the partiesThreat
Replay attacknounThe interception of communications, such as an authentication communication, and subsequently impersonation of the sender by retransmitting the intercepted communication.Threat
Resource ExhaustionnounResource exhaustion attacks involve tying up finite resources on a system, making them unavailable to others.Threat
Return-oriented attacksnounAn exploit technique in which the attacker uses control of the call stack to indirectly execute cherry-picked machine instructions immediately prior to the return instruction in subroutines within the existing program codeThreat
Reverse EngineeringnounAcquiring sensitive data by disassembling and analyzing the design of a system component.ThreatRestrictedIP
RootkitnounA set of tools used by an attacker after gaining root-level access to a host to conceal the attacker’s activities on the host and permit the attacker to maintain root-level access to the host through covert means.Threat
ScanningnounSending packets or requests to another system to gain information to be used in a subsequent attack.Threat
SkimmingnounThe unauthorized use of a reader to read tags without the authorization or knowledge of the tag’s owner or the individual in possession of the tag.ThreatRegulatedPII
SmurfnounThe Smurf attack works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target.Threat
Social engineeringnounA general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious.Threat
SpamnounElectronic junk mail or the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.Threat
Spear phishingnounAn attack targeting a specific user or group of users, and attempts to deceive the user into performing an action that launches an attack, such as opening a document or clicking a link. Spear phishers rely on knowing some personal piece of information about their target, such as an event, interest, travel plans, or current issues. Sometimes this information is gathered by hacking into the targeted network.Threat
SpoofnounAttempt by an unauthorized entity to gain access to a system by posing as an authorized user.Threat
Spoofingnoun1. Faking the sending address of a transmission to gain illegal entry into a secure system. Impersonating, masquerading, piggybacking, and mimicking are forms of spoofing. 2. The deliberate inducement of a user or resource to take incorrect action.Threat
SpywarenounSoftware that is secretly or surreptitiously installed into an information system to gather information on individuals or organizations without their knowledge; a type of malicious code.Threat
SQL injectionnounResults from failure of the application to appropriately validate input. When specially crafted user-controlled input consisting of SQL syntax is used without proper validation as part of SQL queries, it is possible to glean information from the database in ways not envisaged during application design. (MITRE)Threat
SQL injection attacknounAn exploit of target software that constructs structure query language (SQL) statements based on user input. An attacker crafts input strings so that when the target software constructs SQL statements based on the input, the resulting SQL statement performs actions other than those the application intended. SQL injection enables an attacker to talk directly to the database, thus bypassing the application completely. Successful injection can cause information disclosure as well as ability to add or modify data in the database.Threat
Stack MashingnounStack mashing is the technique of using a buffer overflow to trick a computer into executing arbitrary code.Threat
StealthingnounStealthing is a term that refers to approaches used by malicious code to conceal its presence on the infected system.Threat
SteganographynounThe art and science of communicating in a way that hides the existence of the communication. For example, a child pornography image can be hidden inside another graphic image file, audio file, or other file format.ThreatRegulatedPHI
Supply Chain AttacknounAttacks that allow the adversary to utilize implants or other vulnerabilities inserted prior to installation in order to infiltrate data, or manipulate information technology hardware, software, operating systems, peripherals (information technology products) or services at any point during the life cycle.ThreatRegulatedCUI
supply chain risknounA risk measured by the likelihood and severity of damage if an Information Technology or Operations Technology system is compromised by a supply chain attack, and takes into account the importance of the system and the impact of compromise on organizational operations and assets, individuals, other organizations, and the Nation. Supply chain attacks may involve manipulating computing system hardware, software, or services at any point during the life cycle. Supply chain attacks are typically conducted or facilitated by individuals or organizations that have access through commercial ties, leading to stolen critical data and technology, corruption of the system/ infrastructure, and/or disabling of mission-critical operations.ThreatRegulated
SYN FloodnounA denial of service attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.Threat
threatnounAny circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability.Threat
Threat agentnounMethods and things used to exploit a vulnerability Scope Note: Examples include determination, capability, motive and resources.Threat
threat informationnounInformation about a potential source of danger or undesirable event.ThreatInternal
Threat ScenarionounA set of discrete threat events, associated with a specific threat source or multiple threat sources, partially ordered in time.Threat
Threat ShiftingnounResponse from adversaries to perceived safeguards and/or countermeasures (i.e., security controls), in which the adversaries change some characteristic of their intent to do harm in order to avoid and/or overcome those safeguards/countermeasures.Threat
Threat SourcenounThe intent and method targeted at the intentional exploitation of a vulnerability or a situation and method that may accidentally trigger a vulnerability. Synonymous with Threat Agent.Threat
Time BombnounResident computer program that triggers an unauthorized act at a predefined time.Threat
Tiny Fragment AttacknounWith many IP implementations it is possible to impose an unusually small fragment size on outgoing packets. If the fragment size is made small enough to force some of a TCP packet's TCP header fields into the second fragment, filter rules that specify patterns for those fields will not match. If the filtering implementation does not enforce a minimum fragment size, a disallowed packet might be passed because it didn't hit a match in the filter. STD 5, RFC 791 states: Every Internet module must be able to forward a datagram of 68 octets without further fragmentation. This is because an Internet header may be up to 60 octets, and the minimum fragment is 8 octets.Threat
Traffic AnalysisnounThe analysis of patterns in communications for the purpose of gaining intelligence about a system or its users. It does not require examination of the content of the communications, which may or may not be decipherable. For example, an adversary may be able to detect a signal from a reader that could enable it to infer that a particular activity is occurring (e.g., a shipment has arrived, someone is entering a facility) without necessarily learning an identifier or associated data.Threat
Trojan horsenounA computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.Threat
unauthorized mobile codenounA program (e.g., script, macro, or other portable instruction) that can be shipped unchanged to a heterogeneous collection of platforms and executed with identical semantics -- that has not been permitted by the controlling authority.ThreatRegulated
unauthorized softwarenounAn application or device driver who use is not been permitted by the controlling authority.ThreatRegulated
unauthorized usenounUse of an asset for a person's own purpose without the consent of the owner.ThreatRegulated
User interface impersonationnounCan be a pop-up ad that impersonates a system dialog, an ad that impersonates a system warning, or an ad that impersonates an application user interface in a mobile device.Threat
Verifier Impersonation AttacknounA scenario where the Attacker impersonates the Verifier in an authentication protocol, usually to capture information that can be used to masquerade as a Claimant to the real Verifier.ThreatRegulated
VirusnounA computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a hard disk.Threat
Virus signature filenounThe file of virus patterns that are compared with existing files to determine whether they are infected with a virus or wormThreat
War ChalkingnounWar chalking is marking areas, usually on sidewalks with chalk, that receive wireless signals that can be accessed.Threat
War DialernounA computer program that automatically dials a series of telephone numbers to find lines connected to computer systems, and catalogs those numbers so that a cracker can try to break into the systems.Threat
War DialingnounWar dialing is a simple means of trying to identify modems in a telephone exchange that may be susceptible to compromise in an attempt to circumvent perimeter security.Threat
War DrivingnounWar driving is the process of traveling around looking for wireless access point signals that can be used to get network access.Threat
Web BugnounMalicious code, invisible to a user, placed on Web sites in such a way that it allows third parties to track use of Web servers and collect information about the user, including IP address, host name, browser type and version, operating system name and version, and Web browser cookie.ThreatRegulatedPII
WiretappingnounMonitoring and recording data that is flowing between two points in a communication system.ThreatRegulated
WormnounA self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself. See Malicious Code.Threat
WORM (Acronym)nounWrite once, read many times. A type of optical disk where a computer can save information once, can then read that information, but cannot change it.Threat