This section covers attack and malware vocabulary in a defensive, educational way.
Use it when the term helps readers understand how threats are described, detected, categorized, or contained without turning the page into an offensive guide.
- Botnet
A botnet is a group of compromised devices or systems that can be remotely coordinated to perform unwanted activity.
- Brute Force Attack
A brute force attack is an attempt to gain access by trying many possible passwords or keys until one works.
- Business Email Compromise
Business email compromise is fraud that abuses trusted business communication, especially email, to trick people into making payments, sharing data, or approving risky actions.
- Command and Control
Command and control refers to the communication path or infrastructure used to direct compromised systems or malicious activity remotely.
- Credential Stuffing
Credential stuffing is an attack in which stolen username and password pairs are tried against other login systems in the hope that users reused the same credentials.
- Credential Theft
Credential theft is the unauthorized capture or misuse of passwords, tokens, keys, or other authentication material.
- Data Exfiltration
Data exfiltration is the unauthorized movement of data out of a system, environment, or organization to a destination not approved for that information.
- Denial of Service
Denial of service is an attack or disruptive condition that aims to make a system or service unavailable or unreliable for legitimate use.
- Fileless Malware
Fileless malware is malicious activity that relies heavily on in-memory execution, built-in tools, or transient artifacts rather than depending only on obvious malicious files written to disk.
- Insider Threat
Insider threat is the risk that a trusted person inside an organization misuses access or exposes the organization to harm.
- Lateral Movement
Lateral movement is the spread of unauthorized access from one compromised system, identity, or foothold to other parts of the environment.
- Malvertising
Malvertising is the use of malicious or deceptive online advertising to deliver harmful content, redirect users, or support fraud.
- Password Spraying
Password spraying is an attack that tries a small set of common passwords across many accounts instead of trying many passwords against one account.
- Persistence
Persistence is the ability of unauthorized access or malicious code to remain active or regain access over time instead of disappearing after the first interruption.
- Phishing
Phishing is a social-engineering tactic that tries to trick people into revealing information, granting access, or taking unsafe actions.
- Ransomware
Ransomware is malicious software or related extortion activity that aims to block access to data or systems and pressure an organization into paying or complying.
- Ransomware as a Service
Ransomware as a service is an organized criminal business model in which ransomware tooling and supporting infrastructure are offered to affiliates who carry out attacks.
- Sandbox Evasion
Sandbox evasion is behavior intended to avoid, confuse, or outlast analysis environments so suspicious code or activity is less likely to be understood or flagged during automated inspection.
- Spear Phishing
Spear phishing is a targeted form of phishing aimed at a specific person, role, team, or organization.
- Supply Chain Attack
A supply chain attack compromises a trusted supplier, dependency, update path, or related upstream relationship so downstream targets are affected indirectly.
- Threat Actor
A threat actor is the person, group, or organization behind malicious or harmful activity.
- Trojan
A trojan is malicious software that disguises itself as something legitimate or useful in order to trick a user or system into allowing it.
- Watering Hole Attack
A watering hole attack is a strategy that targets a website or online service commonly used by a specific group in order to reach that group indirectly.
- Worm
A worm is malware that can spread between systems on its own, without always relying on a user to run it manually each time.