The online threat landscape evolves daily. New malware variants, phishing campaigns and attack techniques are constantly emerging, targeting businesses of all sizes.
Understanding the language of cybersecurity is the first step toward protecting your organisation. Below is a practical glossary of common IT threats your business should be prepared to face.
Advanced Persistent Threat (APT)
A stealthy, long-term network intrusion designed to remain undetected while attackers quietly gather data. APTs typically target specific organisations and aim for sustained access rather than immediate disruption.
Adware
Software that automatically displays advertisements, usually within web browsers. While often bundled with free programs, adware can degrade performance, create privacy concerns and sometimes introduce additional security risks.
Botnet
A network of compromised devices remotely controlled by a hacker. Botnets are used to send spam, launch Distributed Denial of Service attacks and distribute malware. Infected machines often operate without the owner’s knowledge.
Brute-Force Attack
An attack method where a system is repeatedly bombarded with password attempts until the correct combination is discovered. Weak or short passwords are especially vulnerable to this tactic.
Command and Control Server (C&C)
A central server used by attackers to communicate with compromised devices. Malware installed on infected systems receives instructions from the C&C server and may send stolen data back to it.
Dictionary Attack
A password-cracking method that uses common words, phrases or previously leaked credentials to guess login details. Often combined with brute-force techniques.
Distributed Denial of Service (DDoS)
An attack in which multiple systems flood a target server with traffic, overwhelming it and forcing it offline. DDoS attacks are commonly carried out using botnets.
Exploit
A tool or technique designed to take advantage of a known software vulnerability. Exploits can be used to steal data, install malware or gain unauthorised access.
Keylogging
The recording of keystrokes using malicious software or hardware. Keyloggers are often used to capture login credentials, financial information and sensitive communications without the victim’s awareness.
Malware
Short for malicious software, malware is a broad term covering any intrusive program designed to damage, disrupt or gain unauthorised access. This includes viruses, ransomware, spyware and trojans.
Phishing
A social attack that tricks users into revealing sensitive information through deceptive emails, messages or websites. Phishing often impersonates trusted organisations such as banks or government agencies.
Ransomware
Malware that encrypts files or systems and demands payment in exchange for a decryption key. Payment does not guarantee recovery. Ransomware can severely disrupt operations and cause data loss.
Social Engineering
Manipulative tactics that exploit human behaviour rather than technical vulnerabilities. Attackers may impersonate executives, IT staff or vendors to bypass security controls.
Spam
Unsolicited or unwanted email messages. While often viewed as a nuisance, spam frequently contains malicious links or attachments that can initiate attacks.
Spear Phishing
A targeted form of phishing tailored to a specific individual or organisation. These attacks use personalised details to appear legitimate and increase the likelihood of success.
Spoofing
The act of disguising malicious communications as legitimate ones. This can include fake email addresses, cloned websites or falsified caller IDs designed to deceive recipients.
Spyware
Malware that secretly collects information from a device and transmits it to an attacker. Spyware is designed to operate unnoticed, often harvesting credentials or monitoring activity.
Trojan
Also known as a Trojan horse, this malware disguises itself as legitimate software. Once installed, it creates a backdoor that allows attackers ongoing access to the system.
Virus
A self-replicating malicious program that spreads between systems and devices. Viruses can corrupt data, disrupt operations and degrade performance.
Vulnerability
A flaw or weakness in software or hardware that can be exploited by attackers. Vulnerabilities are typically addressed through security patches and updates.
Zero-Day Exploit
An attack that targets a vulnerability before the software vendor has released a fix. Because no patch exists at the time of exploitation, zero-day threats can be especially dangerous.
Stay Safe Online with eManaged
Cyber threats are constantly evolving. While this glossary covers many common terms, it only represents part of the broader threat landscape.
The most effective defence combines strong technology controls, proactive monitoring and informed users.
If you would like to strengthen your organisation’s cybersecurity posture or better understand how these threats impact your environment, contact eManaged on 1300 363 308.
Knowledge is the first layer of defence. Action is the second.