GF 09 720x478 2x flipped

Cybersecurity Glossary

Cybersecurity is more important than ever. Organizations and individuals face increasingly dangerous risks from sophisticated attacks. Learn about the attack vectors and threat actors endangering your data, best practices, regulations, and more with the most relevant cybersecurity terms and definitions.

Bad Rabbit Ransomware

Bad Rabbit is a notable ransomware attack from 2017 where a file was maliciously installed through a bogus Adobe Flash installer. It encrypted user data and requested a Bitcoin ransom payment, with a similar code structure to the Petya attack. Bad Rabbit originated in Russia and Ukraine, and was spotted in several other countries.


A botnet (bot network) is a chain of Internet-connected devices centrally controlled by a hacker. Botnets are usually created by hijacking unsuspecting computers with malware, and they’re often used to send spam or DDoS attacks.

Compliance Monitoring

In cybersecurity, compliance monitoring refers to evaluating security processes for adherence to legal and internal regulations. Certain industries and regions have specific cybersecurity standards. Compliance monitoring helps organizations ensure they operate legally, protect their data, and avoid potential fines.

Computer Virus

A computer virus is a program, software, or piece of code designed to negatively affect the device or network it infects. They’re spread by malware, phishing scams, social engineering, or virtually any cyberattack method.


Cryptojacking is the use of a device to mine cryptocurrency, without the device owner’s knowledge or permission. It’s usually done by installing malware on an unsuspecting victim’s device, like a computer, phone, or tablet. Mining cryptocurrency requires substantial resources, which makes cryptojacking useful for criminals.


A cyberattack is a wide-ranging term for a malicious attempt to breach networks, systems, or computer infrastructure of an individual or organization. Cyberattacks can take a variety of forms and can come from single actors or organized groups.


Cybersecurity is a catch-all term for the practice of securing systems, networks, and technologies from attacks and unauthorized access. A strong cybersecurity policy is vital to every modern organization.

Denial-of-Service (DoS) Attack

A DoS attack is a common cyberattack where a server, machine, or network is maliciously rendered unusable by a service crash or a flood of requests. DoS attacks prevent legitimate users from accessing the service, usually by overloading it with bogus traffic. These attacks can quickly crash a website.

Distributed Denial-of-Service (DDoS) Attack

A DDoS attack is a cyberattack where a server, system, or network is overloaded with traffic and rendered nonfunctional. A DDoS attack is different from a regular DoS attack in that it is committed by multiple IP addresses or machines, rather than just one.


Encryption is the process of disguising data so it’s impossible to decipher without authorization. Encryption often involves changing information from plaintext to ciphertext. It’s a vital practice for strong data privacy and security.


A firewall is a type of network security that filters incoming and outgoing traffic. It acts as a barrier between a trusted, internal network and an unknown, external network–like the Internet.

GDPR (General Data Protection Regulation)

GDPR is a data privacy law in the European Union that regulates the collection and processing of personal data. Businesses that operate in the EU need a strong cybersecurity framework to comply with the GDPR to avoid substantial penalties.

HIPAA Compliance

In cybersecurity and IT, HIPAA (Health Insurance Portability and Accountability Act) compliance is a set of stringent regulations regarding privacy and security of protected health information (PHI). Not adhering to HIPAA compliance can lead to substantial fines.


Malware is a type of malicious software (hence the name) designed to disrupt a victim’s computer, server, or network. It’s a catch-all term for software like viruses, trojan horses, ransomware, spyware, worms, and more.

Packet Loss

Packet loss is a data transmission error when pieces of data (packets, in this case) don’t make it to their intended destination. Packet loss is usually caused by network congestion, software bugs, cyberattacks, or hardware issues.

Proxy Server

A proxy server acts as an intermediary or gateway between a user and the Internet. It’s the middleman between an end user and a network resource and it can provide an added layer of security.


A sandbox is a computer security term for an isolated environment where any suspicious or unknown code can run without putting the host device or network at risk. Sandboxes are vital in cybersecurity to vet and analyze potential threats.


Spam is unsolicited junk email sent in bulk. Most spam messages are sent with commercial interests in mind, but some more nefarious spam messages can include malware or phishing attempts.

Trojan Horse

A trojan horse is a catch-all term for malware that is disguised to look unsuspicious. Trojans usually spread via social engineering to give attackers unauthorized access to computers and networks.


A VPN—or virtual private network—allows you to maintain online anonymity while using the Internet. VPN’s often hide IP addresses and encrypt user data, making them useful for privacy enthusiasts or people who use public Wi-Fi.


WannaCry was a massive ransomware attack in 2017 that impacted over 200,000 computers across 150 countries, causing billions of dollars in damages. Several sources identified North Korea as the origin of the attack.

Watering Hole Attack

A watering hole attack is a threat vector that targets a specific group of users by compromising a website they frequently visit. The watering hole refers to predators who wait for prey by the watering hole—in this case, a compromised website.

See Abnormal in Action

Schedule a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22