Understanding Cyber Threats

Threat Glossary

A comprehensive guide to cyber threats, attack techniques, and security concepts.

A

  • Advanced Persistent Threat (APT) – A prolonged, targeted cyber attack where adversaries infiltrate a network to steal sensitive data or disrupt operations.
  • Attack Surface – The sum of all entry points (hardware, software, networks) that an attacker can exploit.

B

  • Botnet – A network of compromised computers remotely controlled by an attacker to launch cyber attacks, such as DDoS attacks or credential stuffing.
  • Brute Force Attack – A method where attackers try numerous password combinations to gain unauthorised access.

C

  • Command and Control (C2/C&C) – A technique used by attackers to remotely control compromised systems or devices.
  • Credential Stuffing – Using stolen username-password pairs to gain unauthorised access to multiple accounts.
  • Cross-Site Scripting (XSS) – An attack where malicious scripts are injected into websites to steal user data.
  • Cyber Threat Intelligence (CTI) – The process of gathering, analysing, and applying information about potential or active cyber threats, enabling organisations to anticipate, prevent, and respond to attacks.
  • Cyber Kill Chain – A model outlining the stages of a cyber attack, from initial reconnaissance to actions on objectives, helping security teams disrupt adversaries at each phase.

D

  • Denial-of-Service (DoS) / Distributed Denial-of-Service (DDoS) Attack – An attack that overwhelms a system or network, making it unavailable to legitimate users.
  • Data Breach – An incident where sensitive or confidential data is accessed or leaked without authorisation.
  • Data Loss Prevention (DLP) – Systems and strategies designed to prevent the unauthorised transfer or leakage of sensitive data.
  • Deception Technology – Security tools that deploy decoys, traps, and misleading information to divert and study attackers.

E

  • Endpoint Security – Protection of devices (laptops, servers, mobile phones) against cyber threats.
  • Endpoint Detection and Response (EDR) – Solutions that monitor endpoints for suspicious activities, enabling quick investigation and remediation.
  • Exfiltration – The unauthorised transfer of data from a compromised system.

F

  • Firewall – A security system that monitors and controls incoming/outgoing network traffic based on predefined security rules.
  • Fileless Malware – Malicious software that operates in-memory rather than installing files, making detection more difficult.

G

  • Greyware – Software that may not be explicitly malicious but poses security risks, such as adware or spyware.
  • Group Policy Object (GPO) Attack – A cyber attack that manipulates Active Directory policies to gain persistence.

H

  • Honeypot – A decoy system designed to attract cyber attackers to study their techniques.
  • Honeynet – A network of interconnected honeypots used to gather detailed information about attacker tactics.
  • Hashing – A cryptographic technique that converts data into a fixed-length string, commonly used for password storage.

I

  • Insider Threat – A security risk posed by employees or trusted individuals with access to an organisation’s systems.
  • Incident Response – A structured approach to handling and mitigating cyber security breaches.
  • Indicators of Compromise (IoCs) – Artifacts such as file hashes, IP addresses, or domain names that signal a potential security breach.
  • Incident Management – The process of handling security incidents to minimise business disruption and recover quickly.

J

  • Jailbreaking – The process of removing software restrictions on a mobile device, potentially exposing it to security risks.

K

  • Keylogger – Malware that records keystrokes to steal sensitive information such as passwords and credit card numbers.

L

  • Living-off-the-Land (LotL) Attacks – Cyber attacks that use legitimate system tools to evade detection.

M

  • Man-in-the-Middle (MitM) Attack – An attack where an adversary intercepts communications between two parties to steal or manipulate data.
  • Malware – Malicious software designed to damage, disrupt, or gain unauthorised access to systems.
  • Managed Detection & Response (MDR) – A security service that combines advanced technology with human expertise to continuously monitor, detect, and respond to cyber threats—often delivered as a managed service.
  • Multi-Factor Authentication (MFA) – An authentication method requiring more than one form of verification to grant access.

N

  • Network Segmentation – Dividing a network into smaller segments to limit the spread of cyber attacks.
  • Nonce – A one-time value used in cryptographic communications to prevent replay attacks.

O

  • Open Source Intelligence (OSINT) – Information gathered from publicly available sources to assess threats.

P

  • Phishing – A social engineering attack where attackers trick users into revealing sensitive information via fraudulent emails or messages.
  • Privilege Escalation – Exploiting vulnerabilities to gain higher access privileges in a system.
  • Patch Management – The process of managing and applying updates to software applications and systems in order to fix vulnerabilities.
  • Privileged Access Management (PAM) – Technologies and strategies to control, monitor, and secure accounts with elevated access rights.

Q

  • Quarantine – The process of isolating infected files or systems to prevent malware spread.

R

  • Ransomware – Malware that encrypts files and demands payment (ransom) for decryption.
  • Remote Access Trojan (RAT) – Malware that enables an attacker to take full control of a compromised device remotely.
  • Risk Management – The process of identifying, assessing, and mitigating risks to an organisation’s information assets.

S

  • SQL Injection (SQLi) – An attack that exploits vulnerabilities in web applications to manipulate databases.
  • Supply Chain Attack – An attack that targets an organisation by compromising third-party vendors or service providers.
  • Social Engineering – A manipulation tactic where attackers trick individuals into divulging confidential information.
  • Security Information and Event Management (SIEM) – A solution that aggregates and analyses security alerts generated by hardware and software, enabling real-time monitoring and threat detection.

T

  • Trojan Horse – A type of malware that disguises itself as a legitimate program to trick users into installing it.
  • Tactics, Techniques, and Procedures (TTPs) – The methods and patterns used by cyber attackers to infiltrate and exploit networks.
  • Threat Operations (ThreatOps) – A proactive approach that integrates threat intelligence, continuous monitoring, and incident response to detect and disrupt adversary activity.
  • Threat Intelligence Platforms (TIPs) – Tools that collect, correlate, and analyse threat data from multiple sources to help organisations make informed security decisions.

U

  • Unauthorised Access – Gaining access to systems, networks, or data without permission.
  • URL Spoofing – Creating a deceptive URL to trick users into visiting malicious websites.

V

  • Vulnerability – A weakness in software, hardware, or processes that can be exploited by attackers.
  • Vulnerability Assessment – A systematic review to identify security weaknesses within an organisation’s IT infrastructure.
  • Virtual Private Network (VPN) – A security tool that encrypts internet traffic to protect privacy.

W

  • Watering Hole Attack – An attack where cyber criminals compromise websites frequently visited by their target.
  • Whaling Attack – A phishing attack that specifically targets high-profile executives or decision-makers.

X

  • Extended Detection and Response (XDR) – A security solution that integrates threat detection and response across multiple layers, including network, endpoint, and cloud.

Y

  • YARA Rules – A method used to identify malware patterns and detect cyber threats.

Z

  • Zero-Day Attack – An attack that exploits unknown or unpatched vulnerabilities before the vendor releases a fix.
  • Zero Trust Security – A security model that requires strict identity verification for every user and device attempting to access resources.

Huntabil.IT is a leader in threat-informed defence, helping organisations stay ahead of cyber threats with expert-driven intelligence, proactive threat hunting, and tailored security advisory services.

© 2025 Huntabil.IT Technologies Pty Ltd