Adware stands for advertising-supported software. It is generally intrusive, flooding the user’s screen with advertising or disrupting browsing activity. Adware is typically bundled with other malware – to hinder system performance, steal user data, or hijack the system for malicious purposes.
An antivirus is a type of software created to combat viruses. Nowadays, antivirus programs are better described as anti-malware, since they can fight more threats than just viruses. They scan files for patterns in code called “signatures” – the “fingerprint” of malware.
Asymmetric encryption uses a public and private key to encode and decode data transmitted over a network. While more resource-intensive than symmetric encryption, it is more convenient. The parties involved in the data transfer don’t need to share keys beforehand.
A backdoor is a way to access data that overrides usual security measures. It can be built into software or hardware, or appear due to programming errors. Hackers can exploit existing backdoors, but they often build their own backdoor programs.
A botnet is a series of interconnected devices (“bots”) that are controlled remotely, usually for illegitimate purposes such as carrying out DDoS attacks or sending out spam. Bots are infected with botnet malware. Device users are typically unaware their device is being controlled.
A browser hijacker is a type of malware that changes web browser settings – default search engine, home page, browser security measures, and others – without informing the user. It is used for malicious advertising or more dangerous acts such as stealing personal data.
A brute force attack is an attempt to guess a password or other encryption key through trial-and-error – by using specialized software which will test out every possible combination – until the correct one is found, or the attack is blocked.
A record of collected and stored data by a VPN (or any online service) provider. This data consists of details like time, duration, and frequency of connections, the volume of data sent and received, or the assigned IP address.
A cookie is a small file that is exchanged between a server and a browser, and stored on a user’s device. It contains user data such as login info, emails, names, and others – this allows for user-specific customization and settings.
DoS (Denial-of-Service) – a network attack whereby a single internet connection sends fake network requests to a device, either to shut it down or cause massive slow-downs for legitimate users. DDoS (Distributed Denial-of-Service) relies on multiple active connections to carry out the attack.
The Domain Name System (DNS) acts similarly to a “phonebook” for the internet. DNS is tasked with turning domain names (www.example.com) into an IP address so the user can be directed to the requested website. The reverse applies as well.
Eavesdropping (also called sniffing or snooping) is the act of stealing information transmitted over an unsecured network, such as public Wi-Fi with no password. Hackers use specialized software such as “sniffer” programs or protocol analyzers to find and record data.
Encryption is used to secure sensitive data by making it unreadable to outsiders that do not have the correct cryptographic key to decrypt the message. The two most well-known types of encryption are asymmetric and symmetric.
A firewall is a network security system that monitors incoming and outgoing traffic and blocks any traffic it deems suspicious according to a defined set of rules. Firewalls fall into 2 main categories: network-based and host-based.
(Perfect) Forward Secrecy (PFS) is a method of ensuring that, if the cryptographic key used during the current VPN or website browsing session is compromised, no past session keys are discovered, and vice versa.
The GDPR (General Data Protection Regulation) is an EU privacy law that started applying on May 25th, 2018. It replaces the Data Protection Directive from 1995, and offers online users from the EU new privacy rights that protect their internet data. The regulation also forces both EU and non-EU companies that handle EU user data to adhere to new rules, and implement new processes in order to comply with the regulation.
Hypertext Transfer Protocol Secure (HTTPS) is the secured version of HTTP, which is tasked with “transferring” the code that makes up a website from a server to a client device. HTTPS websites are secured with the SSL/TLS encryption protocol.
IP (Internet Protocol) addresses identify Internet-connected devices. They allow those devices to communicate and share data over the web. There are 2 versions of IP addresses (IPv4 & IPv6), as well as 2 types (shared & static IP addresses).
IPv4 is the fourth revision of the Internet Protocol. It provides Internet-connected devices with a unique IP address that allows them to communicate over a network. An IPv4 address is a 32-bit number written in decimal format, like this: 18.104.22.168.
IPv6 is the successor to IPv4. It provides devices with a unique IP address that allows them to communicate over a network. IPv6 uses a 128-bit, hexadecimal format with 2 possible configurations: pure (y:y:y:y:y:y:y:y) and dual (y:y:y:y:y:y:x.x.x.x).
A keylogger is a piece of hardware or software that records the keystrokes on a keyboard – to monitor user activity. They are mostly used to send sensitive data (credit card numbers, user passwords, etc.) to malicious third parties.
A VPN killswitch is a safety mechanism that stops all network traffic if the VPN server is experiencing connectivity issues, the user’s connection is unreliable, or when switching server countries. This prevents the user’s real IP from being discovered.
Malware (malicious software) is software or a piece of code that is designed with bad intentions in mind: hindering system performance, stealing sensitive user data, monitoring user activity, deleting personal and system files, hijacking the system altogether, and so on.
During a man-in-the-middle (MITM) attack, a malicious third party puts itself in-between a legitimate user and a website or online application through various means. This is to intercept and steal sensitive user data such as payment information and login details.
According to the principle of Net Neutrality, ISPs (Internet Service Providers) shouldn’t have the power to block, throttle, or charge more for any type of online content or apps.
OpenVPN is an open-source software and protocol widely used by VPN providers. It makes use of the OpenSSL encryption library – which implements the highly secure SSL/TLS protocol – to secure its communication tunnels.
Peer-to-peer (P2P) is a type of networking that takes place directly between two or more devices (“peers”), without the need for a traditional client/server architecture. Peer-to-peer is most commonly used for file-sharing (e.g. torrents), cryptocurrency mining, and others.
A type of phishing attack. Victims are redirected to fake websites, either because their system was infected with malware or because their ISP’s/enterprise’s DNS was hacked. Users disclose personal details on the attackers’ website because it appears legitimate.
A type of attack where the attacker pretends to be part of a trusted organization – tricking victims into disclosing personal data. This can be done through phone calls, instant messages, emails, etc. Phishing tactics are also used to spread malware.
A denial of service (DoS) attack that occurs when the ping data packets sent from one device to another are too large. When the system tries to piece together these packets, a buffer overflow causes the system to crash.
Port numbers are considered an extension of the IP address. They allow multiple applications on the same device to access network resources at the same time. Ports are also used to identify what application or service is using the network.
Port forwarding allows communication between an external device – such as a home computer – and services on a private network. Manual port forwarding is commonly used to speed up peer-to-peer file sharing, host and connect to game servers, and more.
A protocol is a set of rules governing how the different parts of a network connection (called layers) interact with each other. There are many protocols used to dictate how the Internet works – such as TCP/IP, HTTP, HTTPS, and so on.
A proxy is a computer which acts as an intermediary between a user’s device and a target server. Most users rely on proxies to hide their IP address, access geo-blocked content and prevent malicious software from infecting their device.
Ransomware is a dangerous type of malware (malicious software) that can lock down a computer and/or encrypt a user’s files or the entire hard drive – all while demanding a ransom to unblock the system and regain access to the files.
A rootkit is a piece of software that allows full, remote access to a device, without the user having any knowledge that such software is running. Rootkits are often used by cyberattackers to hide other malware and its traces.
A router is a piece of hardware or software which forwards information across a series of routers – usually between devices and websites. When connected to a modem, routers can transmit information to multiple devices on a single, local network.
Spam (or junk mail) is defined as messages that aren’t solicited, come in bulk, and from an anonymous source. It falls into 2 main categories: Usenet and email spam.
Spyware is a type of malware that can collect sensitive personal data (e.g. passwords or credit card information), record phone calls, and even track a smartphone owner’s location. Not all tracking software is considered spyware or used for malicious reasons.
An SQL injection is a cyber attack where a malicious third party sends malicious SQL queries to a database for various purposes, ranging from impersonating legitimate users to stealing personal user information such as credit card details, bank accounts, etc.
SSL is an encryption protocol previously used for safe transfer of personal data over the Internet. TLS is an upgrade and has replaced SSL. Websites use SSL/TLS certificates to assure users that their information is transmitted over a secure channel.
Symmetric encryption uses a single cryptographic key to encode and decode data transmitted over a network. While more efficient than asymmetric encryption, it is less convenient. The key needs to be shared between the parties involved in the data transfer.
A Trojan horse is a type of malware that tricks users into believing it is useful. Trojans can hinder system performance, collect and steal personal data, hijack the computer for criminal activity, and even block the entire system for a ransom.
TUN/TAP are virtual network kernel devices, meaning they are essential components of any operating system. Instead of being backed by hardware network adapters, they are supported by software adapters. While TUN is responsible for routing and working with layer 3 data packets, TAP handles network bridging and works with layer 2 data frames. VPNs are an example of a TUN/TAP application. In order for the VPN to properly communicate with a device’s operating system, a TUN/TAP driver is necessary.
Records that are collected and stored by the VPN (or other online service) providers. They contain information such as browsing activity, visited websites, downloaded files, as well as any software that interacts with the VPN in some way.
A computer virus is a type of malware, meaning it performs malicious actions without the user’s knowledge. It “infects” data by modifying files and inserting its code into them. Viruses are self-replicating, which cannot be said about all malware.
A VPN (Virtual Private Network) is a private network that protects the online privacy of web users. It masks the user’s online behavior from any outsiders, including ISPs. VPNs are also used to access geo-restricted content and for other purposes.
Web Real-Time Communication (WebRTC) is a set of open-source APIs that give browsers the capability for seamless audio and video communication, as well as peer-to-peer file transfers – without the need for a third-party application or browser extension.
WEP (Wired Equivalent Privacy) is an encryption algorithm used to secure wireless networks (such as Wi-Fi). It uses an RC4 cipher for encryption, and passcodes called WEP keys for authentication. Nowadays, WEP is considered completely insecure.
Wi-Fi is often used to refer to Wireless Local Area Network (WLAN) connections. Wireless routers transform data into radio signals through a wireless access point (WAP) and transmit it to Wi-Fi-compatible devices (e.g. phones) through one or more antennas.
A type of malware that lures people into running its malicious code – through infected email attachments, links, instant messages, and others. Once it infects a system, it scans the network for other devices and sends itself through those methods.
WPA and WPA2 (Wi-Fi Protected Access I and II) are two encryption algorithms used to secure Wi-Fi connections. WPA was created as a security upgrade for its predecessor, WEP. WPA2 improves WPA with superior AES encryption.