Phishing & Social Engineering
This term describes a fraudulent email designed to trick the recipient into revealing sensitive information.
What is Phishing?
This type of malware encrypts a victim's files and demands payment for the decryption key.
What is Ransomware?
A security system that monitors and controls incoming and outgoing network traffic based on predetermined rules.
What is a Firewall?
The security practice of requiring at least two different forms of identification before granting access.
What is Multi-Factor Authentication (MFA)?
his generative AI technology is used by attackers to create highly realistic audio or video of a person to bypass voice biometrics or trick employees into making wire transfers.
What is a Deepfake?
Abbreviated as BEC, this type of phishing targets companies to conduct unauthorized transfers of funds.
What is Business Email Compromise?
Named after a Greek myth, this malware disguises itself as legitimate software to gain access to a system.
What is a Trojan Horse?
This technology creates a secure, encrypted "tunnel" over a public network like the internet.
What is a VPN (Virtual Private Network)?
The process of updating software to the latest version to fix security vulnerabilities.
What is Patching?
In AI-driven defense, this technique involves establishing a "baseline" of normal user behavior and flagging any activity that deviates from it as a potential threat.
What is Anomaly Detection (or Behavioral Analytics)?
This term refers to phishing attacks specifically conducted over voice calls or VoIP.
What is Vishing?
An exploit that takes advantage of a software vulnerability that is unknown to the vendor and has no available patch.
What is a Zero-Day?
The process where two entities on a network confirm each other's identity and agree on encryption parameters.
What is a Handshake (e.g., TLS Handshake)?
A security model based on the principle of "never trust, always verify," regardless of whether the user is inside the network perimeter.
What is Zero Trust?
This subfield of machine learning focuses on tricking models by providing them with deceptive input, such as adding invisible "noise" to an image so an AI misclassifies it.
What is Adversarial Machine Learning?
A highly targeted phishing attack aimed specifically at senior executives or high-profile individuals.
What is Whaling?
A network of infected "zombie" computers controlled by a single attacker to launch massive DDoS attacks.
What is a Botnet?
An attack where the perpetrator secretly relays and possibly alters the communications between two parties who believe they are directly communicating.
What is a Man-in-the-Middle (MitM) attack?
This group of security professionals is hired to simulate an attack on an organization to test its defenses.
What is a Red Team?
A specific attack where a user provides a Large Language Model (LLM) with carefully crafted text designed to ignore its safety filters and original instructions.
What is Prompt Injection (or Jailbreaking)?
The social engineering practice of following an authorized person into a secure area without a badge.
What is Tailgating (or Piggybacking)?
An Advanced Persistent Threat (APT) actor that remains undetected in a network for an extended period to steal data.
What is a "Sleeper" or APT?
This type of scan sends packets to a port without completing the three-way handshake to avoid detection by simple logs.
What is a Stealth Scan (or SYN Scan)?
This international standard provides the framework for an Information Security Management System (ISMS).
What is ISO/IEC 27001?
An attack that occurs during the AI's development phase, where a malicious actor corrupts the training data to create a "backdoor" or permanent bias in the resulting model.
What is Data Poisoning?