Cybersecurity Glossary

Wi-Fi Protected Access 3. The latest generation of Wi-Fi security protocol that provides stronger encryption and protection against brute-force attacks.

Wired Equivalent Privacy. An outdated and insecure wireless security protocol that uses static encryption keys, easily cracked with modern tools.

The act of searching for Wi-Fi networks from a moving vehicle using a laptop or smartphone to map wireless access points and identify security weaknesses.

Web Application Firewall. A security solution that monitors, filters, and blocks HTTP/HTTPS traffic to and from a web application to protect against common web exploits.

A malicious script uploaded to a web server that gives an attacker remote access and control, typically allowing command execution through a web browser interface.

Self-replicating malware that spreads across networks without requiring user interaction or attachment to host programs, often exploiting network vulnerabilities.

A type of spear phishing attack that specifically targets high-profile individuals such as executives and senior management to steal sensitive corporate data.

An attack strategy where the adversary compromises a website frequently visited by a specific target group to infect their systems with malware.

Destructive malware designed to permanently destroy data on infected systems by overwriting or deleting files and disk structures beyond recovery.

An open-source network protocol analyzer that captures and displays packet data in real time, essential for network troubleshooting and security analysis.

Wi-Fi Protected Access 2. A wireless security protocol that uses AES encryption to protect wireless network communications, widely deployed but vulnerable to KRACK attacks.

A system that monitors wireless network traffic for unauthorized access points, suspicious activities, and known wireless attack patterns.

A wireless auditing platform used by penetration testers to perform man-in-the-middle attacks, rogue AP creation, and wireless reconnaissance.

A dedicated space or virtual environment where incident response teams gather during major security incidents to coordinate response efforts.

A malicious script uploaded to a web server that provides remote access and command execution capabilities through a web browser interface.

Security considerations for WebSocket connections, including authentication, authorization, input validation, and protection against cross-site WebSocket hijacking.

An attack that manipulates web caching mechanisms to store malicious responses that are subsequently served to other users.

Testing that evaluates the security of wireless networks and devices, including WiFi, Bluetooth, RFID, and other radio frequency technologies.

A hardware or software tool used in forensics to prevent any data from being written to a storage device during evidence acquisition.

A specialized wireless auditing tool that can perform man-in-the-middle attacks, rogue access point creation, and wireless reconnaissance.

The use of artificial intelligence technologies to enhance the effectiveness of cyberattacks, including automated vulnerability discovery and social engineering.

The four-way authentication exchange between a wireless client and access point that establishes encryption keys, which can be captured for offline cracking.

Security weaknesses in Wi-Fi Protected Setup, a feature designed to simplify wireless configuration but vulnerable to brute-force PIN attacks.

The collection and analysis of wireless network traffic and artifacts for incident investigation, including captured packets and access point logs.

FragAttacks — a collection of WiFi vulnerabilities affecting frame aggregation and fragmentation in all modern WiFi security protocols.

A security assessment focused on wireless networks, testing for encryption weaknesses, rogue access points, and client-side vulnerabilities.

A protocol providing full-duplex communication channels over a single TCP connection, enabling real-time data transfer between client and server.

A malicious script placed on a web server that provides remote command execution and file management capabilities through HTTP requests.

Destructive malware designed to irreversibly destroy data on infected systems, often used in geopolitical cyber warfare.

Web Authentication API. A W3C standard that enables passwordless authentication in web browsers using public-key cryptography and hardware authenticators.

A targeted attack strategy where the adversary compromises websites frequently visited by a specific group to infect members of that group.

Security measures applied to cloud workloads including virtual machines, containers, and serverless functions to prevent unauthorized access.

Scripts or pixels embedded in websites that monitor user behavior, collect browsing data, and build profiles for advertising or analytics.

Security considerations for WebAssembly modules including sandboxing, memory safety, and preventing side-channel attacks.

A modern VPN protocol that aims to be simpler and more performant than IPsec and OpenVPN while maintaining strong cryptographic security.

Security enhancements in WiFi 6 including WPA3 support, Target Wake Time for IoT, and improved protection against brute-force attacks.

Using WiFi signal disturbances to detect movement, gestures, or activities within a building without physical access.

An attack that exploits cross-site WebSocket connections to perform unauthorized actions using an authenticated user session.

An attack that tricks web caches into storing sensitive user-specific content, making it accessible to other users.

An open-source security platform for threat detection, integrity monitoring, incident response, and compliance across IT infrastructure.

Security vulnerabilities in WiFi Direct peer-to-peer connections that can be exploited for unauthorized access and data interception.

Manipulating parameters exchanged between client and server to modify application data like user credentials, permissions, and prices.

Security assessment of wireless networks including authentication testing, rogue AP detection, and client-side attacks.

Malware delivered through compromised websites that specific target groups frequently visit.

Using Windows Management Instrumentation event subscriptions to execute malicious code persistently across reboots.

The examination of web server logs, cached content, and browser artifacts to reconstruct web-based attacks and user activity.

The process of recovering WiFi pre-shared keys by capturing authentication handshakes and performing offline dictionary or brute-force attacks.

Deploying decoy wireless networks and access points to detect unauthorized wireless scanning and attack attempts.

Organizational rules governing the deployment, configuration, and use of wireless networks and devices.

Continuous surveillance of wireless network activity to detect unauthorized devices, attacks, and policy violations.

Security measures to prevent automated extraction of website content including CAPTCHAs, rate limiting, and bot detection.

Storage media that can only be written to once and not modified, used for storing forensic evidence and audit logs.