KnowBe4 - Glossary

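This is an updated glossary, based on our many years of experience as antivirus developers at Sunbelt Software and at KnowBe4 as the world's largest platform for security awareness training and simulated phishing. We share it here as a resource. Each letter starts with acronyms in alphabetical order, followed by full words. (Last updated December 14, 2021)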


A

ACH
Automatic Clearing House, companies that do Electronic Funds Transfers. There is a tremendous amount of cybercrime and fraud connected to this area.
ACL (Access Control List)
Access Control List. Access Control is a system or technique for allowing or denying access. Passwords and other types of ID are access controls. In Windows, an access control list (ACL) is a list of access control entries (ACE). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee.
AD (Active Directory)
Active Directory. AD is a directory service (a database really) that a network administrator uses to control network security. A server running Active Directory is called a domain controller. AD authenticates and authorizes all users, computers and software in a Windows network—assigning and enforcing security policies for all computers and installing or updating software. See Wikipedia. If you want to have your own software communicate with Active Directory, you use the so-called “Lightweight Directory Access Protocol” (see LDAP further below). In our case, we want to communicate with our customer’s AD (using LDAP) to synchronize changes in new users and people leaving the company with the database of users on our side so that there is much less or no user management left to do for the system admin at our customer.
One other word related to Active Directory is “OU” or “Organizational Unit” since we allow our users to specify what they want to synchronize by both security group and OU. Here is a good definition: An organizational unit (OU) is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. You can create organizational units to mirror your organization’s functional or business structure.
AUP (Acceptable Use Policy)
Acceptable Use Policy. A policy that defines the actions that network users are allowed to perform. Used both inside private organizations, ISPs and public entities like libraries.
AV
In our world, short for Antivirus, not (Audio/Visual). A program that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents.
API (Application Programming Interface)
Application Programming Interface. An application programming interface (API) is an interface given to a software program so that other software can interact with it, much in the same way that software has a user interface in order to allow humans to interact with it. Here is another way to look at it: “An API, short for application programming interface, is a series of rules. To be even clearer, it is an information middleman. APIs allow for an application to extract information from a piece of software and use that information in their own application, or sometimes for data analysis. In the plainest terms, an API is a blueprint that enables “your stuff” to talk to and work with “their stuff.” See Wikipedia.
APT
Short: Advanced Persistent Threat (APT) refers to prolonged, stealthy attacks that are generally difficult to detect and may go on for many months before they are discovered. An APT is a threat that is targeted, persistent, evasive and advanced. A key difference between most malware and an APT is the APT’s ability to persist — that is, to evade detection by network security controls while still collecting and extracting data.
Long: An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g., cyber, physical, etc.). These objectives typically include establishing and extending footholds within the information technology infrastructure of the targeted organizations for purposes of exfiltrating information, undermining or impeding critical aspects of a mission, program, or organization; or positioning itself to carry out these objectives in the future. The advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.
ASLR (Address Space Layout Randomization)
Address Space Layout Randomization. A security feature in the Windows OS which randomly assigns executable code to 256 potential RAM locations, trying to protect against buffer overflow attacks.
ActiveX
The brand name of a group of Microsoft technologies that allow for special additional features in HTML. You implement ActiveX with “controls”, but using these can open the door to hackers as it makes the attack surface a lot bigger.
Advance-fee fraud
A type of scam in which a cybercriminal persuades a potential victim to help transfer a substantial amount of money to an account. The victim is offered a commission for facilitating the transaction or multiple transactions. Many Nigerian scams, also called the 419 scam, are a prime example of advance-fee fraud.
Agile Software Development
Fast and flexible software development methodology that is used by KnowBe4 for rapid development of our products. See Wikipedia.
Adware
Adware is any software which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive, and can be used by cyber criminals to steal confidential information.
Algorithm
A set of rules to be followed in problem-solving operations. You can use algorithms for practically any kind of computer debugging or handling malware. Here is a YouTube example of a very popular encryption algorithm: SHA-256.
Angler Phishing
Angler phishing is the practice of masquerading as a customer service account on social media, hoping to reach a disgruntled consumer.
Anti-Phishing Working Group
The Anti-Phishing Working Group (APWG) is an international consortium that brings together businesses affected by phishing attacks, security products and services companies, law enforcement agencies, government agencies, trade association, regional international treaty organizations and communications companies. See Wikipedia.
ASC (Anti-Spyware Coalition)
The Anti-Spyware Coalition (ASC) is a group dedicated to building a consensus about definitions and best practices in the debate surrounding spyware and other potentially unwanted technologies.
Attack surface
The “attack surface” of a software environment is all the points (the “attack vectors”) where an attacker can try to penetrate the network. More at Wikipedia. An organization’s “phishing attack surface” is all the email addresses of that domain that can be found by the bad guys.
Attack vector
An “attack vector” in simple terms is any way, direction or method to get into a network. Some examples of attack vectors can be un-patched software, badly written code that allows for buffer overflows, or social engineering using infected phishing attachments.
Authentication
A process that provides proof that the person who is trying to log in is in fact legit and authorized to access the network.
AV-test.org
An organization in Germany run by Andreas Marx, which provides independent antivirus testing for AV Vendors and for magazines like PCWorld. They are here.

B

BEC
Short for Business Email Compromise, which is also known as CEO Fraud. Also See EAC and VEC.
BIC
The FBI has coined this “deepfake attack vector” name: Business Identity Compromise. It is BEC on steroids.
BGP (Border Gateway Protocol)
Border Gateway Protocol. BGP is often likened to a GPS navigation service for the internet, enabling infrastructure players to swiftly and automatically determine routes for sending and receiving data across the complex digital topography. And like your favorite GPS mapping tool, BGP has quirks and flaws that don’t usually cause problems, but can occasionally land you in major traffic jams.
BGP hijack
BGP hijacks (Border Gateway Protocol) take place when an ISP announces the wrong Internet route to a specific destination. In most cases, BGP hijacks are accidents, such as typos, and result in worldwide Internet providers sending large swaths of traffic to the wrong servers.
But there are also incidents when malicious ISPs intentionally announce a wrong BGP route in order to hijack traffic meant for particular targets, such as crucial DNS servers, financial services, government sites, military domains, and more. The purpose of these malicious BGP hijacks is to have traffic meant for those targets flow through the malicious ISP’s network, where it can sniff its content or carry out Man-in-the-Middle attacks. For instance, this really happened: all traffic for Washington DC was routed to China for a few hours. Guess who was sniffing the data…
BHO (Browser Helper Object)
Browser Helper Object. Designed by Microsoft with the best of intentions, BHO’s were intended as ‘plug-ins’ to add functionality (like toolbars) to Internet Explorer. Unfortunately, malware authors have also exploited the power of BHO’s for other purposes such as spreading malware.
BYOD (Bring Your Own Device)
Bring Your Own Device. It’s your network, but it’s their personal device, either a phone, tablet or laptop. What could go wrong? Mobile devices are a fabulous way for hackers to penetrate the network using social engineering techniques. Mobile device security has not kept up with mobile device malware and if hackers can infect a mobile device, it’s an easy way to hack into the network.
Baiting
Baiting means dangling something in front of a victim so that they take action. It can be through a peer-to-peer or social networking site in the form of a (porn) movie download or it can be a USB drive labeled “Q1 Layoff Plan” left out in a public place for the victim to find. Once the device is used or malicious file is downloaded, the victim’s computer is infected allowing the criminal to take over the network.
Backdoor
A backdoor in a PC is a method of bypassing normal authentication, obtaining remote access to a PC, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or malware could modify existing software on the PC creating a backdoor that way. Here is an overview of the threat types, categories and their descriptions.
Backlog
Term from Agile software development. Also called ‘Sprint Backlog’. It is a list of items left to be done. See ‘Agile’, ‘Burndown’, and ‘Sprint’.
Battlecard
A document that Sales uses internally, which lists the strengths and the weaknesses of a specific competitor combined with the strengths of our own product.
Banker Trojan
Banker Trojans, designed to steal financial information entered into browser-based online forms are the cybercriminals’ answer to the crackdown on keylogging. In addition to snatching form input, Banker Trojans are also designed to trick users into visiting web sites designed to look authentic. Once there, users are prompted for personal information causing identity theft.
Bayesian filtering
An old-ish statistical method mainly used as a baseline to filter out spam which does not work very well. The bad guys have found many ways around it.
Behavioral Detections
Antivirus detects malware using signatures, heuristics and behavior. The behavior-based method varies by product.
Behavioral Economics
Behavioral economics studies the effects of psychological, cognitive, emotional, cultural and social factors on the decisions of individuals and institutions. It wasn’t until 1970 that behavioral economics came of age thanks to the work of Israeli social scientists, Nobel Prize winning economist, Daniel Kahneman and Amos Tversky. Kahneman and Tversky found significant evidence that humans, in certain circumstances, show a systematic pattern of deviation from the norm or rational judgment.
Beta Testing
Testing performed by a group of customers in a live application of the software, at one or more end user sites, in an environment not controlled by the developer.
Blacklist/black list
A list of known bad files, bad domains or bad email addresses you do not want mail from. The first two are blocked by Antivirus when the user tries to access them. Bad email addresses (senders) can be blocked in a variety of ways. Also see Whitelist.
Blended Malware
Malware often contains more than one malicious technology. It can have the characteristics of a worm, but use virus technology to infect other machines, and behave like a Trojan. The malicious code is a blend of technologies. This is the thing that system administrators fear the most, by survey.
Bloatware
Software that takes a lot of CPU and Memory resources while running on the computer. Antivirus companies have been adding more and more code over the years to protect against increasingly sophisticated malware. But they are using LOTS of CPU and RAM to do it, and so system admins describe these traditional AV vendors as creating ‘bloatware’.
Bogus Redirection
A process that captures traffic addressed to a legitimate website and sends (redirects) it to a different website instead. Some malware does automatic redirection to fool users into thinking they’re interacting with a valid and legitimate site rather than a malicious one.
Boot Virus
A virus that infects the Master Boot Record (MBR) of a hard disk drive.
Buffer overflow
Also called “buffer overrun”. Simplified, it’s a case of sloppy coding which allows an attacker to write data to a memory buffer, overrun that buffer’s boundary, and overwrite the memory next to it with executable code that they can then use to hack into the system.
A more technical explanation is as follows: In computer security, a buffer overrun, or buffer overflow, is an unwanted condition where a process stores data in a memory buffer outside the memory the programmer set aside for it. This extra data overwrites adjacent memory, which may result in a variety of errors, including a breach of system security. Hackers try to trigger buffer overflows with inputs that are designed to execute malicious code. Here is a short video on Youtube explaining that process.
Bug
A fault in a program which causes the program to perform in an unintended or unanticipated manner.
Burndown
A term used in ‘agile’ software development, a method that KnowBe4 uses. The burndown chart is a publicly displayed chart showing remaining work in the sprint backlog. Updated every day, it gives a simple view of the sprint progress. It also provides quick visualizations for reference. See ‘Scrum’, and ‘Sprint’.
Bot, spam bot, ddos bot
Software, owned and controlled by the bad guys, that lives on infected PCs and runs autonomously. See ‘Botnet’ and ‘DDOS’.
Botnet, also called ‘Bot army’
Botnet is a jargon term for a collection of software robots, or ‘bots’, that live on infected PCs and run autonomously. While botnets are often named after their malicious software name, there are typically multiple botnets in operation using the same malicious software families, but operated by different criminal entities. Botnets do many bad things, like spew out spam, attack other PCs or web servers, or send back confidential data to the botnet command-and-control (C&C) servers. They are managed by a “Bot Herder”.
Bot Herder
The bad guy, who attacks other systems with the botnet(s) that he owns.
Browser Hijacker
A malicious piece of software that changes the web browser’s settings without the permission of the user.
Examples: change the Home page to another site, changes the search engine default page and other activities, generally attempting to force hits to a certain website to boost that site’s advertising revenue.
Brute force attack
A Brute Force Attack is a relatively simple, automated method to gain access to a system. The brute force software tries usernames and passwords, over and over again, until it gets in. It’s not very sophisticated, but when users have passwords like ‘123456’ and usernames like ‘admin’, it’s very effective. They are an attack on the weakest link in IT security: the user.

C

C&C server aka “C2” server
Command & Control Server used to run botnets. See ‘Botnet’.
CVE
The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. The United States’ National Cybersecurity FFRDC, operated by The Mitre Corporation, maintains the system, with funding from the US National Cyber Security Division of the US Department of Homeland Security.[1] The system was officially launched for the public in September 1999.[2] The Security Content Automation Protocol uses CVE, and CVE IDs are listed on Mitre’s system as well as in the US National Vulnerability Database.[3] More at Wikipedia.
CARA (Compliance Audit Readiness Assessment)
Compliance Audit Readiness Assessment. CARA is a free tool that helps you gauge your organization’s readiness in meeting compliance requirements for the CMMC.
CEO Fraud
Spear phishing attacks focusing on people in Accounting, claiming they are the CEO and to urgently transfer large amounts of money. CEO fraud is a form of social engineering that took flight during 2015.
CDSBA (California Database Security Breach Act)
California Database Security Breach Act. CA State law which requires disclosure to CA residents if their PII or PHI has been stolen or is believed to have been stolen (See PII and/or PHI). If more than 500 records are stolen, lawyers almost immediately file a class-action lawsuit.
CDW
CDW is the world’s largest high-tech reseller. They are a DMR, a Direct Market Reseller also known as an e-tailer which is a company that sells directly to consumers online without operating storefront operations of any kind.
CIA
Information Security term meaning Confidentiality, Integrity, and Availability. It is a model designed to guide policies for information security within an organization. Confidentiality is a set of rules that limits access to information. Integrity is the assurance that the information is relevant, accurate and trustworthy. Availability is a guarantee of ready access to the information by authorized people.
CISO (Chief Information Security Officer)
Chief Information Security Officer
CSO (Chief Security Officer)
Chief Security Officer
CMMC
Cybersecurity Maturity Model Certification (CMMC) framework, required by the US Department of Defense (DoD).
COPPA (Children’s Online Privacy Protection Act)
Children’s Online Privacy Protection Act. A U.S. Federal Law that requires owners of social media sites and websites directed at children under 13 to get parental consent before the site collects and uses the child’s personal information.
Catfishing
A scheme in which a person uses social media to pretend to be someone they’re not, typically to engage in misleading online romances. To “catfish” is to “lure someone into a relationship by adopting a fictional online persona.” The person doing the deceiving is the catfish.
Channel
Companies often have partners that help them get to market and sell to the ultimate end user. These companies are called channel partners or often just for short: “The Channel”.
Ciphertext
Data that has been encrypted and cannot be read by a human, as opposed to cleartext.
Cleartext
Data that has not been encrypted and can be read by a human, as opposed to ciphertext. Sending credit card data over the Internet in cleartext is an invitation to disaster. Storing confidential information on hard disk without encrypting it is making a hacker’s life easy.
Clickbait
An eye-catching link or controversial story on a website which encourages people to read on. Can also be used to get users to click on links to malware.
Cloud computing
The name ‘cloud computing’ was inspired by the cloud symbol that is often used to represent the Internet in flow charts and diagrams. It means using applications that live on the Internet instead of on your PC or your corporate server. SalesForce.com is a good example, but there are many others. The advantage is that someone else takes care of the hardware and software, (for a fee). There are different categories of cloud computing, here are a few: Software as a Service (SaaS), Utility Computing, and Managed Service Providers (MSP).
Cloud-based
A computing model where a company does not have its own servers, but rents server space in large datacenters. KnowBe4 lives in the Amazon cloud.
Code Complete
A stage of the software release life cycle when all the features are coded. At this point lots of testing and a Beta test is needed before the software would be ready for release. See ‘PMD’. See Wikipedia.
Code Signing Certificate
When a software company releases a software product they should sign the application with a code signing certificate that identifies the application as created by them and that the application has not been modified by anyone else. Antivirus companies use this for whitelisting of good applications by the company that signed the application, for example DELL, Microsoft, Apple, etc. They also use this for blacklisting all applications from certain companies, such as those known to create unwanted software.
Cognitive Bias
Cognitive biases are systematic errors in human thinking and decision making (Tversky & Kahneman, 1974). Exploited by social engineering, but is also the cause of bad business decisions. Great article here. And there is a very useful KnowBe4 blog post by Perry Carpenter with useful links here.
Company Extinction Event (CEE)
A bug so severe that it would cripple the service you provide so badly that it would kill the whole company. For instance, antivirus products are very powerful engines, so they have the power to bite very hard and make a brick out of people’s workstations instantly, by the millions. It almost happens now and then to most antivirus companies, who regularly dodge bullets like this.
Compatibility Testing
The process of determining the ability of two or more systems to exchange information. In a situation where the developed software replaces an already working program, an investigation should be conducted to assess possible comparability problems between the new software and other programs or systems.
Compliance
The action or fact of complying with a wish or command. From “comply” – act in accordance with a wish or command. From Latin “complire” – to fill or fulfill.
A compliance report is a report to the originator of an order that the order has been done and is a completed cycle. When a compliance officer receives a “done” as a single statement without any evidence, noncompliance can slip through. That is why every compliance report must be accompanied with evidence that shows the cycle is indeed a real “done”, or at the very least an attestation from the Directly Responsible Individual that the task has been completed.
In the context of KnowBe4 Compliance Manager it means having an (IT) environment that is up to the standards of the regulations of that industry one is in. Many industries are regulated by one law or another and need to comply with that law, for instance HIPAA for Health Care organizations, Sarbanes-Oxley for public companies and many others. Also applicable to PCI compliance which are rules laid down by the Payment Card Industry Data Security Standard (PCI DSS). More here on our website. Here is the graph of the word use over the centuries.
Computational Propaganda
The use of algorithms, automation, and big data to shape public life, which is becoming a pervasive and ubiquitous part of everyday life.
Computer Forensics
Forensic Science dealing with legal evidence found in computers and digital storage media. Computer forensics is also known as digital forensics. It’s simply using special software tools to search for and preserve evidence of a crime. See Wikipedia.
Conficker
Also known as Downup, Downadup and Kido, is a computer worm targeting the Windows operating system, and was first detected in November 2008. It uses flaws in Windows software to make PCs into zombies and link them into a botnet that can be commanded remotely by its criminal owners. Conficker at its peak had more than seven million computers under its control. The worm uses a combination of advanced malware techniques which has made it difficult to counter, and has since spread rapidly into what is now believed to be the largest computer worm infection since the 2003 SQL Slammer. Antivirus catches and quarantines Conficker, but we have to keep on top of this one, as it is being run by very smart bad guys.
也称为 Downup、Downadup 和 Kido,是一种针对 Windows 操作系统的计算机蠕虫,于 2008 年 11 月首次被检测到。它利用 Windows 软件中的缺陷使 PC 成为僵尸并将其链接到一个僵尸网络,该僵尸网络可以由它的犯罪所有者。Conficker 在其巅峰时期拥有超过 700 万台计算机在其控制之下。该蠕虫结合了先进的恶意软件技术,使其难以反击,并迅速蔓延到目前被认为是自 2003 年 SQL Slammer 以来最大的计算机蠕虫感染。防病毒软件会捕获并隔离 Conficker,但我们必须控制住它,因为它是由非常聪明的坏人运行的。
Container(容器)
A simplified look at a container is a set of processes that are isolated from the rest of the system. All the files necessary to run a container are provided from a distinct image. This means that containers are portable and consistent as they move from development, to testing, and finally to production, and you can quickly get a new AWS instance up & running. Here is a sysadmin guide to containers.
容器的简化视图是一组与系统其余部分隔离的进程。 运行容器所需的所有文件都是从一个不同的镜像中提供的。这意味着该 容器 ,因为他们从发展移动,到测试,最后到生产,可以快速得到一个新的AWS实例高达&运行是便携式的,一致的。这是容器的系统管理员指南
Cookie
In its basic form, a short line of text that a web site puts on your computer’s hard drive when you access that web site. That way when you return, that web site knows you were there before and can automate some things for you. But then there are Flash Cookies, invented by Adobe. Those can be described as the cookie trail you probably never knew existed. And because those cookies are held off-site, by Adobe, even clearing your browser cache won’t stop you from being tracked. Flash cookies often share the same values as HTTP cookies. Privacy policies rarely disclose the presence of Flash cookies, and user controls for effectuating privacy preferences are lacking. See ‘Privacy Policy’.
在其基本形式中,当您访问该网站时,该网站放在您的计算机硬盘驱动器上的一小行文本。这样,当您返回时,该网站就会知道您之前在那里,并且可以为您自动执行一些操作。但是还有由 Adobe 发明的 Flash Cookie。那些可以被描述为你可能永远不知道存在的 cookie 踪迹。由于这些 cookie 由 Adobe 保存在场外,即使清除浏览器缓存也不会阻止您被跟踪。Flash cookie 通常与 HTTP cookie 共享相同的值。隐私政策很少披露 Flash cookie 的存在,并且缺乏实现隐私偏好的用户控制。请参阅“隐私政策”。
Crash(碰撞)
The sudden and complete failure of a computer system or component.
计算机系统或组件的突然和完全故障。
Credential-stuffing attacks(凭证填充攻击)
In which hackers rapidly test email and password combinations at a given site or service. These are typically automated processes that prey especially on people who reuse passwords across multiple sites on the internet. Here is an article.
黑客在给定站点或服务上快速测试电子邮件和密码组合。这些通常是自动化流程,特别针对在 Internet 上的多个站点上重复使用密码的人。这是一篇文章
Crimeware(犯罪软件)
Malware intended to steal money from an individual or financial institution.
恶意软件旨在从个人或金融机构窃取资金。
Cybercrime(网络犯罪)
The term cyber- or computer crime encompasses a broad range of potentially illegal activities. In KnowBe4’s context, we mean crimes that target computer networks or devices and their users directly. A few examples out of many more possible:

  • Malware, including viruses
  • Denial-of-service attacks via Botnets
  • Spear phishing scams, resulting in identity theft, data breaches and other major damage.

网络或计算机犯罪一词涵盖范围广泛的潜在非法活动。在 KnowBe4 的上下文中,我们指的是直接针对计算机网络或设备及其用户的犯罪。举几个例子:

  • 恶意软件,包括病毒
  • 通过僵尸网络的拒绝服务攻击
  • 鱼叉式网络钓鱼诈骗,导致身份盗用、数据泄露和其他重大损失。

Cybercrime Attack Map(网络犯罪攻击地图)
Kaspersky has a live map that shows all cyber attacks going on in real time. You can see it here.
卡巴斯基有一个实时地图,可以实时显示所有网络攻击。你可以在这里看到它
Cyberheist(网络抢劫犯)
Organized crime penetrating the network of an organization and emptying their bank accounts via the Internet. Also the title of a book by KnowBe4’s CEO Stu Sjouwerman for executives of enterprises explaining the dangers of cybercrime. See this.
有组织的犯罪渗透到一个组织的网络并通过互联网清空他们的银行账户。也是 KnowBe4 的首席执行官 Stu Sjouwerman 为企业高管编写的一本书的书名,解释了网络犯罪的危险。看到这个
Cyberterrorist(网络恐怖分子)
An attacker who is motivated by some ideology and tries to destroy computers, networks and physical infrastructure like water plants, energy plants and commercial infrastructure like stock markets.
受某种理念驱动并试图破坏计算机、网络和物理基础设施(如水厂、能源厂)和商业基础设施(如股票市场)的攻击者。

D

DACH(德语国家)
Short for the combination of the German-speaking countries Germany, Austria, and Switzerland.
德语国家德国、奥地利和瑞士组合的简称。
DDoS
A distributed denial of service attack (DDoS). A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Done in various ways, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all.
分布式拒绝服务攻击 (DDoS)。拒绝服务攻击(DoS 攻击)或分布式拒绝服务攻击(DDoS 攻击)是企图使计算机资源对其目标用户不可用。以各种方式完成,它通常包括一个或多个人的共同努力,以防止 Internet 站点或服务有效运行或根本无法运行。
DEP(数据执行保护)
Data Execution Prevention. A security feature in the Windows OS which tries to prevent hackers from using buffer overflow attacks.
数据执行保护。Windows 操作系统中的一项安全功能,旨在防止黑客使用缓冲区溢出攻击。
DHCP(动态主机控制协议)
Dynamic Host Control Protocol. It’s a standardized protocol that dynamically provides IP address assignment from a pool of available IP addresses from an ISP or a network router. A “DHCP lease” is the lease of an IP address to a network user. DHCP is part of the Internet’s TCP/IP protocol suite.
动态主机控制协议。它是一种标准化协议,可从 ISP 或网络路由器的可用 IP 地址池中动态提供 IP 地址分配。“DHCP 租用”是向网络用户租用 IP 地址。DHCP 是 Internet 的 TCP/IP 协议套件的一部分。
DKIM(域密钥识别邮件)
DomainKeys Identified Mail is an important authentication mechanism to help protect both email receivers and email senders from forged and phishing email. Forged email is a serious threat to all parties in an email exchange. See DKIM.org
域密钥识别邮件是一种重要的身份验证机制,可帮助保护电子邮件收件人和电子邮件发件人免受伪造和网络钓鱼电子邮件的侵害。伪造的电子邮件对电子邮件交换中的所有各方都构成严重威胁。见DKIM.org
DLP(数据处理程序)
Data Loss Prevention. DLP is a computer security term referring to systems that identify, monitor, and protect corporate data. The systems are designed to detect and prevent the unauthorized use and transmission of confidential information. See Wikipedia.
数据丢失预防。DLP 是一个计算机安全术语,指的是识别、监控和保护公司数据的系统。这些系统旨在检测和防止未经授权使用和传输机密信息。参见维基百科
DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email-validation system designed to detect and prevent email spoofing. … DMARC is built on top of two existing mechanisms, Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). See Wikipedia.
基于域的消息身份验证、报告和一致性 ( DMARC ) 是一种电子邮件验证系统,旨在检测和防止电子邮件欺骗。… DMARC 建立在两种现有机制之上,即发件人策略框架(SPF) 和域密钥识别邮件 (DKIM)。参见维基百科
DMR
Direct Market Reseller, also known as an e-tailer which is a company that sells directly to consumers online without operating storefront operations of any kind.
Direct Market Reseller,也称为电子零售商,是一家直接在网上向消费者销售产品而无需经营任何店面业务的公司。
DMZ(非军事区)
Demilitarized Zone. A separate computer host or even a small network placed as a “neutral zone” between an organization’s secure private network and the outside insecure Internet. The DMZ does two things:

  1. prevents outside users from getting direct access to a system which has confidential information,
  2. provides Internet access to users in that organization.

非军事区。一个单独的计算机主机,甚至是一个小型网络,作为组织的安全专用网络和外部不安全 Internet 之间的“中立区域”。DMZ 做两件事:

  1. 防止外部用户直接访问包含机密信息的系统,
  2. 为该组织中的用户提供 Internet 访问。

DNS(域名系统 )
Domain Name System: It is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. In very simple terms, it translates domain names like www.example.com to a number like 93.184.216.34 that corresponds with a computer on the internet somewhere.
域名系统:它是一种 分层的分散的 命名系统,用于连接到Internet 或专用网络的计算机、服务或其他资源 。用非常简单的术语来说,它将域名(如www.example.com)转换为与互联网上某处计算机对应的数字(如 93.184.216.34)。
DNS Hijacking
DNS hijacking, also known as silent server swaps, is a malicious attack vector that can be used to forcibly redirect web traffic to websites that are either fake or different from the ones you’ve requested. Here is a blog post that explains DNS Hijacking.
DNS 劫持,也称为静默服务器交换,是一种恶意攻击媒介,可用于将 Web 流量强行重定向到虚假网站或与您请求的网站不同的网站。这是一篇解释DNS 劫持的博客文章
DPI(深度包检测)
Deep Packet Inspection. A form of computer network packet filtering. DPI is performed as the packet passes an inspection point, searching for non-compliance, viruses, spam, intrusions or predefined criteria to decide what actions to take on the packet, including collecting statistical information. This is in contrast to shallow packet inspection (usually called Stateful Packet Inspection) which just checks the header portion of a packet. See Wikipedia
深度包检测。计算机网络包过滤的一种形式。DPI 在数据包通过检查点时执行,搜索不合规性、病毒、垃圾邮件、入侵或预定义标准,以决定对数据包采取哪些操作,包括收集统计信息。这与仅检查数据包头部分的浅数据包检查(通常称为状态数据包检查)形成对比。参见维基百科
Data Breach(数据泄露)
A data breach is the intentional or unintentional release of secure information to an untrusted environment. Other terms for this phenomenon include unintentional information disclosure, data leak and also data spill. More at Wikipedia
数据泄露是有意或无意地将安全信息发布到不受信任的环境。这种现象的其他术语包括无意的信息泄露、数据泄漏和数据泄漏。更多在维基百科
Deal Registration(交易登记)
A channel partner (See Channel) does not like to do a lot of marketing and then lose their deal to someone else. The way to prevent this is registering a deal through the channel partner portal where the channel partner can make sure they are protected and get their deal.
渠道合作伙伴(请参阅渠道)不喜欢进行大量营销,然后将交易输给其他人。防止这种情况的方法是通过渠道合作伙伴门户注册交易,渠道合作伙伴可以确保他们受到保护并获得交易。
Decryption(解密)
The process of changing (encrypted) ciphertext back into cleartext.
将(加密的)密文改回明文的过程。
Deepfake(深度伪造)
A video of a person in which their face or body has been digitally altered so that they appear to be someone else, typically used maliciously or to spread false information. Another way to put it is: deepfakes are synthetic media in which a person in an existing image or video is replaced with someone else’s likeness. See Wikipedia.
一个人的面部或身体被数字化改变,使他们看起来像其他人的视频,通常被恶意使用或传播虚假信息。另一种说法是:deepfakes 是合成媒体,其中现有图像或视频中的人被替换为其他人的肖像。参见维基百科
Defense-in-Depth(纵深防御)
Defense in Depth is a security discipline that protects all six levels of an IT infrastructure, including policies, procedures & awareness, perimeter, internal network, host, application and data.
深度防御是一门保护 IT 基础架构所有六个级别的安全学科。包括政策、程序和意识、边界、内部网络、主机、应用程序和数据。
Dictionary Attack(字典攻击)
An automated attack on a password that uses common words from dictionaries and compares these to the password being attacked. If you use a common word from a dictionary as your (very weak) password it’s an invitation to be hacked.
对密码的自动攻击,使用字典中的常用词并将这些词与被攻击的密码进行比较。如果您使用字典中的常用词作为您的(非常弱的)密码,那就是被黑客入侵的邀请。
Digital Certificate(数字证书 )
A digital stamp or electronic document that verifies the identity of a person or organization. The certificate includes a very secure password issued by a reputable certificate authority, such as VeriSign or Thawte.
用于验证个人或组织身份的数字图章或电子文档。该证书包括由信誉良好的证书颁发机构(例如 VeriSign 或 Thawte)颁发的非常安全的密码。
Disinfection(消毒)
Cleaning up a PC that is infected with malware. Disinfection can be done automatically by Antivirus, but sometimes needs to be done manually by our Security Response Team.
清理感染恶意软件的 PC。消毒可以由 Antivirus 自动完成,但有时需要由我们的安全响应团队手动完成。
Disinformation(虚假信息)
False information which is intended to mislead, especially propaganda issued by a government organization to a rival power or the media. These are also called influence campaigns or manipulation campaigns. Disinformation is often forwarded to friends and family and at that point it is called misinformation. Russia invented disinformation under the leadership of Joseph Stalin who created a special agency that took propaganda campaigns to a whole new level called Dezinformatsiya.
旨在误导的虚假信息,尤其是政府组织向敌对势力或媒体发布的宣传。这些也称为影响活动或操纵活动。虚假信息经常被转发给朋友和家人,此时它被称为错误信息。俄罗斯在约瑟夫·斯大林 (Joseph Stalin) 的领导下发明了虚假信息,他创建了一个专门机构,负责开展宣传活动,以建立名为 Dezinformatsiya 的新级别。
Distributor(经销商)
An IT channel distributor is a business that acts as an intermediary between vendors like KnowBe4, resellers like VARS or system integrators (SIs) in the distribution of software or hardware. Here is a more detailed definition.
IT 渠道分销商是在软件或硬件分销中充当 KnowBe4 等供应商、VARS 等经销商或系统集成商 ( SI)之间中介的企业。这里有一个更详细的定义
Disposition [PhishER](处置 [PhishER])
The way in which something is placed or arranged, especially in relation to other things. For PhishER, we mean taking “unknown” emails and arranging them into “clean/spam/threat”.
放置或安排某物的方式,尤其是与其他事物相关的方式。对于 PhishER,我们的意思是接收“未知”电子邮件并将它们整理成“干净/垃圾邮件/威胁”。
DNS Server(DNS服务器)
Domain Name System (DNS) servers map a human-recognizable identifier (e.g. www.KnowBe4software.com) to a computer-recognizable numeric identification (e.g. 64.128.133.188 which is KnowBe4’s Terminal Services machine). See Wikipedia.
域名系统 (DNS) 服务器将人类可识别的标识符(例如 www.KnowBe4software.com)映射到计算机可识别的数字标识(例如,KnowBe4 的终端服务机器 64.128.133.188)。参见维基百科
DST(Domain Spoof Test、域欺骗测试)
A service that KnowBe4 provides, which sends an email to a prospect that is spoofed to come from their own domain. This is not supposed to be able to get through to them. Their mail server needs to be configured so that these emails from the outside that have an inside email address are deleted. Request a free DST here.
KnowBe4 提供的一项服务,它向潜在客户发送一封电子邮件,该电子邮件被伪装成来自他们自己的域。这不应该能够通过他们。他们的邮件服务器需要进行配置,以便删除这些来自外部且具有内部电子邮件地址的电子邮件。在此处申请免费夏令时
Doppelgänger (Domain)(分身(域))
Is an “evil twin” domain that looks very much like your own domain but is malicious. It uses punycode (see below) and homographs (see below) to deceive the end user into thinking they are clicking on a legit domain. Bad guys are using punycode and homographs to create domains that look almost identical to the original. KnowBe4 has a free tool you can run to see if your domain has evil twins. It’s called Domain Doppelgänger and you can find it here.
是一个“邪恶双胞胎”域,它看起来非常像您自己的域,但却是恶意的。它使用punycode(见下文)和同形异义词(见下文)来欺骗他们点击合法域的最终用户。坏人正在使用 punycode 和同形异义词来创建看起来与原始域几乎相同的域。KnowBe4 有一个免费工具,您可以运行它来查看您的域是否有邪恶的双胞胎。它称为 Domain Doppelgänger,您可以在此处找到它
Downloader, also Rogue Downloader(下载器,也是流氓下载器)
Scam applications often are not the first unwanted program to land on a person’s system. A downloader, such as Trojan.Zlob, infects the system first and then downloads the misleading application to the computer. Once the downloaded application is installed and ready, the malware that installed it will inform the user that they are infected with a new, previously unknown threat. This can be done through a “balloon message” that appears in the lower right-hand side of the system. The misleading application will then present itself and either pretend to download or run a scan of the system.
诈骗应用程序通常不是第一个登陆个人系统的有害程序。下载程序,例如 Trojan.Zlob,首先感染系统,然后将误导性应用程序下载到计算机。一旦下载的应用程序安装完毕并准备就绪,安装它的恶意软件会通知用户他们感染了一种新的、以前未知的威胁。这可以通过出现在系统右下方的“气球消息”来完成。然后,误导性应用程序会出现并假装下载或运行系统扫描。
Drive-by-download, also called Drive-by-install(驱动下载,也称为驱动安装)
Something bad got installed on a user’s PC without their knowledge or consent. It is a transfer of software from a web server to an unsuspecting user’s computer. It occurs in the background, with no notification, when a user visits a particular web page. A user need only access the web page to be subject to the download. Such downloads usually include malware when some kind of scam or attack is under way. The expression is used in four increasingly strict technical meanings. See Wikipedia for those.
在用户不知情或未同意的情况下,在用户的 PC 上安装了一些不好的东西。它是将软件从 Web 服务器传输到毫无戒心的用户计算机的过程。当用户访问特定网页时,它发生在后台,没有通知。用户只需访问要进行下载的网页。当某种骗局或攻击正在进行时,此类下载通常包含恶意软件。该表达有四种越来越严格的技术含义。有关这些,请参阅维基百科
Dumpster diving(垃圾箱潜水)
Dumpster diving involves looking in the trash for any valuable information, like data written on pieces of paper or computer printouts. The hacker can often find passwords, filenames, or other pieces of confidential information.
垃圾箱潜水涉及在垃圾桶中寻找任何有价值的信息,例如写在纸上的数据或计算机打印输出。黑客通常可以找到密码、文件名或其他机密信息。

E

EAC(电子邮件帐户泄露)
EAC is short for Email Account Compromise, a close relative of BEC. The primary difference is with EAC, criminals target individuals rather than businesses to initiate fraudulent wire transfers.
EAC 是Email Account Compromise 的缩写,是BEC 的近亲。主要区别在于 EAC,犯罪分子针对个人而非企业发起欺诈性电汇。
EDR(端点检测和响应)
Endpoint Detection and Response (also see XDR)
端点检测和响应(另见 XDR)
EFT(电子转帐)
Electronic Funds Transfer
电子转帐
EEC(电子邮件暴露检查)
Email Exposure Check. KnowBe4 provides a free Email Exposure Check for prospects. We do a ‘deep search’ in the Internet’s search engines for all email addresses that belong to a certain domain. We are able to look into PDFs, Word and Excel files as well. IT security specialists call it the ‘phishing attack surface’. Customers that buy the GOLD package get sent an EEC every month. The EEC was upgraded to EEC Pro in spring 2018 and delivers more information.
电子邮件暴露检查。KnowBe4为潜在客户提供免费的电子邮件暴露检查。我们在 Internet 的搜索引擎中对属于某个域的所有电子邮件地址进行“深度搜索”。我们还可以查看 PDF、Word 和 Excel 文件。IT 安全专家将其称为“网络钓鱼攻击面”。购买 GOLD 套餐的客户每个月都会收到一个 EEC。EEC 已升级为 EEC Pro spring 2018 并提供更多信息。
EICAR
The EICAR virus (pronounced eye-car) was developed as a sample virus that is used in the IT security industry to see if antivirus is working. It’s completely safe, it’s only used to test the basic functionality of antivirus.
EICAR 病毒(发音为 eye-car)是作为样本病毒开发的,用于 IT 安全行业以查看防病毒软件是否正常工作。它是完全安全的,仅用于测试杀毒软件的基本功能。
EOL(停产)
End Of Life. Software industry lingo meaning a product will be retired and no longer supported.
生命的尽头。软件行业行话意味着产品将被淘汰且不再受支持。
ERP(企业资源规划)
ERP stands for Enterprise Resource Planning and refers to software and systems used to plan and manage all the core supply chain, manufacturing, services, financial and other processes of an organization.
ERP 代表企业资源规划,是指用于规划和管理组织的所有核心供应链、制造、服务、财务和其他流程的软件和系统。
EULA(终止用户许可协议)
End-User License Agreement. (That thing no one ever reads…) A software license agreement is a contract between the “licensor” and purchaser of the right to use computer software. The license may define ways under which the copy can be used, in addition to the automatic rights of the buyer. Many EULAs are only presented to a user as a click-through where the user must “accept” and is then allowed to install the software.
终止用户许可协议。(没人读过的那件事……)(😂😂😂)软件许可协议是“许可方”和计算机软件使用权购买者之间的合同。除了买方的自动权利外,许可证还可以定义可以使用副本的方式。许多 EULA 仅作为点击呈现给用户,用户必须“接受”,然后才能安装软件。
Email Antivirus Scanning(电子邮件防病毒扫描)
Scanning enterprise email for antivirus can be done in four (!) different spots.

  • At an email hosting company, where enterprise email is outsourced
  • At the perimeter by a dedicated gateway product
  • On the Exchange or Linux mailserver itself, Antivirus Email Security products do this and scan the Exchange Store for malware
  • On the workstation, where Antivirus Enterprise Agents can scan incoming email for malware.

可以在四个 (!) 不同的位置扫描企业电子邮件的防病毒软件。

  • 在电子邮件托管公司,企业电子邮件外包
  • 在外围通过专用网关产品
  • 在 Exchange 或 Linux 邮件服务器本身上,防病毒电子邮件安全产品会执行此操作并扫描 Exchange 商店中的恶意软件
  • 在工作站上,Antivirus Enterprise Agent 可以扫描传入电子邮件中的恶意软件。

Endpoint(端点)
Another word for the workstation that is used by an end-user in an organization. Refers to a computer or device at the end of a network cable. The PC you are reading this from is called an ‘endpoint’ by system administrators. Symantec calls their corporate antivirus Symantec Endpoint Protection (SEP).
组织中最终用户使用的工作站的另一种说法。指网络电缆末端的计算机或设备。您正在阅读本文的 PC 被系统管理员称为“端点”。赛门铁克将其企业防病毒软件称为 Symantec Endpoint Protection (SEP)。
Enrich [PhishER](丰富 [PhishER])
Improve or enhance the quality or value of. When adding additional data about reported emails we are giving the admin more at a glance information about what they are looking at, thus we are enriching the messages.
改善或提高质量或价值。添加有关报告电子邮件的其他数据时,我们会向管理员提供有关他们正在查看的内容的更多信息,因此我们正在丰富消息。
Ethics Policy(道德政策)
A policy created for employees in an organization which is supposed to be a guide and a reference for said employees that helps them make day-to-day decisions which are “the greatest good for the greatest number”. Also known as a “Code of Ethics”. As opposed to “Acceptable Use Policy” which is more like a Moral Code with hard “survival” rules about do’s and don’ts to keep the organization alive.
为组织中的员工制定的政策,应该为上述员工提供指南和参考,帮助他们做出“对大多数人来说最大的好处”的日常决策。也称为“道德准则”。与“可接受的使用政策”相反,后者更像是一种道德准则,其中包含关于该做什么和不该做什么的硬“生存”规则,以保持组织的活力。
Exchange(交换)
Short for ‘Microsoft Exchange Server’ which handles corporate email (and more). There are Antivirus Security Products for Exchange which protect the Exchange server against viruses and spam. MS-Exchange is out there in five versions, 2003, 2007, 2010, 2012 and 2014.
处理企业电子邮件(及更多)的“Microsoft Exchange Server”的缩写。有用于 Exchange 的防病毒安全产品可保护 Exchange 服务器免受病毒和垃圾邮件的侵害。MS-Exchange 有五个版本,2003、2007、2010、2012 和 2014。
Exploit, sometimes called zero-day exploit(漏洞利用,有时称为零日漏洞利用)
An exploit (French, meaning “achievement”) is (usually malicious) software that takes advantage of a bug, glitch or vulnerability in other code in order to cause unintended or unanticipated behavior to occur, and control of a computer system can be gained. See ‘Zero-day’.
漏洞利用(法语,意思是“成就”)是(通常是恶意的)软件,它利用其他代码中的错误、故障或漏洞来导致意外或意外行为的发生,从而获得对计算机系统的控制。参见“零日”。
Exploit Kit(漏洞利用工具包 )
An Exploit Kit (EK) is a malicious piece of code installed on a compromised web server designed to find vulnerabilities (flaws, weaknesses or mistakes in software apps) in the systems (clients) that request data from the server, and use the vulnerabilities to gain access into that (client) system. EKs are used in the first stages of a cyber attack, because they have the ability to download malicious files and feed the attacked system with malicious code after infiltrating it. Example: The owner of a PC with old versions of Flash and the Firefox browser was social engineered to go to a legit but compromised website. The EK discovered the old software versions, looked in its database of known vulnerabilities, and used exploits to take over the PC and infect it with ransomware.
漏洞利用工具包 (EK) 是安装在受感染 Web 服务器上的一段恶意代码,旨在查找向服务器请求数据的系统(客户端)中的漏洞(软件应用程序中的缺陷、弱点或错误),并利用这些漏洞访问该(客户端)系统。EK 用于网络攻击的第一阶段,因为它们有能力下载恶意文件,并在渗透后向受攻击系统提供恶意代码。示例:装有旧版 Flash 和 Firefox 浏览器的 PC 的所有者经过社会工程改造,可以访问合法但遭到破坏的网站。EK 发现了旧软件版本,查看了已知漏洞的数据库,并使用漏洞来接管 PC 并用勒索软件感染它。

F

419 Scam(419 骗局)
Scams originating from Nigeria are called 419 scams as the number “419” refers to the article of the Nigerian Criminal Code dealing with fraud. Most of the scams are very old, have been used earlier with fax and snail mail, and are now used on the Internet. There is a whole industry in Nigeria around these scams.
源自尼日利亚的诈骗被称为 419 诈骗,因为数字“419”指的是尼日利亚刑法中关于诈骗的条款。大部分骗局都非常古老,早先在传真和蜗牛邮件中使用过,现在在互联网上使用。尼日利亚有一个整个行业围绕这些骗局。
Fake News(假新闻)
Fake news is the promotion and propagation of news articles via social media. These articles are promoted in such a way that they appear to be spread by other users, as opposed to being paid-for advertising. The news stories distributed are designed to influence or manipulate users’ opinions on a certain topic towards certain objectives.
假新闻是通过社交媒体宣传和传播新闻文章。这些文章的宣传方式似乎是由其他用户传播,而不是付费广告。发布的新闻故事旨在影响或操纵用户对特定主题的意见,以实现特定目标。
FEDRAMP
In many areas of information security the federal government lags behind private industry. But FedRAMP is where the federal government used its buying power to drive higher levels of security in the broader commercial markets and led the way in adopting more secure use of the Internet and Internet-based services. FedRAMP provides a level playing field for assessing the security of cloud services to a known standard, including ongoing monitoring and visibility to issues and responses.
在许多信息安全领域,联邦政府落后于私营企业。但 FedRAMP 是联邦政府利用其购买力在更广泛的商业市场中推动更高安全水平的地方,并率先采用更安全的互联网和基于互联网的服务。FedRAMP 为根据已知标准评估云服务的安全性提供了一个公平的竞争环境,包括持续监控以及对问题和响应的可见性。
FP(假阳性)
False Positive. In the antivirus world this means a file is flagged as malicious (and possibly quarantined) when it isn’t. This can cause the computer to malfunction. In the antispam world an FP means that a legit email was flagged as spam and quarantined.
假阳性。在防病毒世界中,这意味着文件被标记为恶意(并且可能被隔离),而实际上并非如此。这可能会导致计算机出现故障。在反垃圾邮件世界中,FP 意味着合法电子邮件被标记为垃圾邮件并被隔离。
Feature Complete(功能完成)
A product build is called feature complete when the product team agrees that functional requirements of the system are met and no new features will be put into the release, but significant software bugs may still exist. This happens at the Beta stage in the Software Development Life Cycle (SDLC).
当产品团队同意满足系统的功能要求并且不会在发布中加入新功能,但可能仍然存在重大软件错误时,产品构建被称为功能完成。这发生在软件开发生命周期 (SDLC) 的 Beta 阶段。
Firewall(防火墙)
Short: A device or software product that can block attacks by filtering data packets.
简称:可以通过过滤数据包来阻止攻击的设备或软件产品。
Long: A firewall is designed to block unauthorized access while permitting authorized communications. Either hardware or software, it is configured to permit or deny all (in and out) computer traffic based upon a set of rules and other criteria. There are several types of firewalls. See Wikipedia. In KnowBe4 we use the term ‘human firewall’ to indicate all users are trained to a point where they do not fall for any social engineering tricks.
Long:防火墙旨在阻止未经授权的访问,同时允许授权的通信。无论是硬件还是软件,它都被配置为根据一组规则和其他标准允许或拒绝所有(进出)计算机流量。有几种类型的防火墙。参见维基百科。在 KnowBe4 中,我们使用术语“人类防火墙”来表示所有用户都接受过培训,以至于他们不会陷入任何社会工程技巧。
Flashing(闪烁)
The process you use to rewrite the contents of an EPROM, such as the BIOS. An EPROM is a read-only memory chip whose contents can be erased and reprogrammed.
用于像 BIOS 一样重写 EPROM 内容的过程。EPROM 是一种只读存储器芯片,其内容可以被擦除和重新编程。
Forensics(取证)
In our context, “digital forensic science”, which deals with legal evidence found in computers and digital storage media. The goal is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting evidence of a cybercrime.
在我们的上下文中,“数字取证科学”处理在计算机和数字存储介质中发现的法律证据。目标是以法医上合理的方式检查数字媒体,目的是识别、保存、恢复、分析和提供网络犯罪的证据。

G

GLBA(自己总结:金融个人隐私保护法案)
The Gramm-Leach-Bliley Act (GLBA, pronounced “glibba”), also known as the Financial Modernization Act of 1999, is a U.S. federal law that requires banks and financial institutions to protect private information of individuals.
Gramm-Leach-Bliley 法案(GLBA,读作“glibba”),也称为 1999 年的金融现代化法案,是一项美国联邦法律,要求银行和金融机构保护个人的私人信息。
GRC(治理、风险和合规)
Governance, risk and compliance (GRC) refers to a strategy for managing an organization’s overall governance, enterprise risk management and compliance with regulations. Think of GRC as a structured approach to aligning IT with business objectives, while effectively managing risk and meeting compliance requirements.
治理、风险和合规 ( GRC ) 是指管理组织的整体治理、企业风险管理和法规遵从性的策略。将 GRC 视为使 IT 与业务目标保持一致的结构化方法,同时有效管理风险并满足合规性要求。
Gamification(游戏化)
Gamification is the addition of gaming features or principles to something that typically does not have a gaming element—in our case, security awareness training and e-learning content. Gamification has been shown to improve user engagement by increasing people’s inherent ambition to compete, achieve, or master. Studies have shown that when people are intrinsically motivated to complete a task, they learn better and retain more information.
游戏化是将游戏功能或原则添加到通常没有游戏元素的东西上——在我们的例子中,是安全意识培训和电子学习内容。游戏化已被证明可以通过增加人们竞争、实现或掌握的内在野心来提高用户参与度。研究表明,当人们有完成任务的内在动机时,他们会学得更好并保留更多信息。
Gaslight(煤气灯)
Manipulate (someone) by psychological means into questioning their own sanity. “in the first episode, Karen Valentine is being gaslighted by her husband”
通过心理手段操纵(某人)质疑他们自己的理智。“在第一集中,凯伦瓦伦丁被她的丈夫点燃了”
Gateway(网关)
Device or software that is between the internal network and the external network.
位于内部网络和外部网络之间的设备或软件。
Grey IT(灰色 IT)
Employees in the organization installing and implementing technology without going through normal channels, getting no approval, and no IT and/or InfoSec buy-in. It is not allowed as per the KnowBe4 Acceptable Use Policy.
组织中的员工在没有通过正常渠道、没有获得批准、没有 IT 和/或信息安全支持的情况下安装和实施技术。根据 KnowBe4 可接受使用政策,这是不允许的。
Greyware(灰色软件)
A Potentially Unwanted Program, also called “PUP”.
潜在不需要的程序,也称为“PUP”。

H

HIBP(我有没有被骗过)
Have I Been Pwned. The name of a service run by Troy Hunt, where you can check if your credentials are part of a data breach. Some KnowBe4 tools like Password Exposure Test integrate with this site.
我有没有被骗过。由Troy Hunt运行的服务的名称,您可以在其中检查您的凭据是否属于数据泄露的一部分。一些 KnowBe4 工具(如密码暴露测试)与此站点集成。
HIPAA
The Health Insurance Portability and Accountability Act, was enacted by the United States Congress and signed by President Bill Clinton in 1996. It requires healthcare organizations to protect personal health information. (See PHI)
《健康保险流通与责任法案》由美国国会颁布,并于 1996 年由比尔克林顿总统签署。它要求医疗保健组织保护个人健康信息。(见 PHI)
HIPS(主机入侵防御系统)
Host Intrusion Prevention System. Intrusion prevention systems (IPS) are a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. See Wikipedia
主机入侵防御系统。入侵防御系统 (IPS) 是一种网络安全设备,可监控网络和/或系统活动是否存在恶意或不需要的行为,并可实时做出反应以阻止或阻止这些活动。参见维基百科
HDR(人体检测和响应)
Human Detection and Response. Combining KnowBe4’s leading platform for security awareness training and simulated phishing testing with real-time behavior analysis and micro-learning results in the creation of a new cybersecurity category called “Human Detection and Response (HDR)”. See Press Release
人体检测和响应。将 KnowBe4 领先的安全意识培训和模拟网络钓鱼测试平台与实时行为分析和微学习结果相结合,创建了一个新的网络安全类别,称为“人类检测和响应 (HDR)”。 见新闻稿
Hacker(黑客)
Originally: A person who has advanced computer skills, is enthusiastic and skillful. If they attack computers it is not done with malicious intent. Recently, though, the definition has changed and now means anyone who illegally breaks into or tries to break into networks and/or computers.
原文:计算机技术高超的人,热心、善巧。如果他们攻击计算机,则并非出于恶意。最近虽然定义发生了变化,指的是任何非法闯入或试图闯入网络和/或计算机的人。
Ham(火腿)
About 90% of email that goes through the internet is spam. In the antispam business, the other (good) 10% is called ‘ham’. (no joke)
通过 Internet 发送的电子邮件中约有 90% 是垃圾邮件。在反垃圾邮件业务中,其他(好的)10% 称为“火腿”。(可不是闹着玩的)
Heuristics(启发式)
Heuristic comes from the Greek for “find” or “discover”. They are experience-based techniques that help in problem solving. Heuristics are “rules of thumb”, or educated guesses. Antivirus uses heuristics in the form of dynamic pattern assessment to determine if a code sample is malware.
启发式来自希腊语,意为“查找”或“发现”。它们是基于经验的技术,有助于解决问题。启发式是“经验法则”,或有根据的猜测。防病毒软件以动态模式评估的形式使用启发式方法来确定代码样本是否为恶意软件。
Heuristic Detections(启发式检测)
Antivirus detects malware using signatures, heuristics and behavior.
防病毒软件使用签名、启发式方法和行为检测恶意软件。
Homograph(同形异义词)
A term used to describe when two or more characters have shapes that are similar or identical. A simple example is the number zero and a capital letter “o”: it’s easy to confuse an O with a 0.
用于描述两个或多个字符具有相似或相同形状时的术语。一个简单的例子是数字零和大写字母“o”,很容易将 O 与 0 混淆。
Honeyclient(蜜客户端)
These are like honeypots, but instead of lying totally dormant, they emulate user’s surfing behavior and can catch malware that way.
它们就像蜜罐,但不是完全处于休眠状态,而是模拟用户的上网行为,并可以通过这种方式捕获恶意软件。
Honeydoc(蜜博士)
A file on a PC or server that sits equipped with a beacon, waiting to be stolen and then calls home to tell its owner where it is and who stole it.
PC 或服务器上装有信标的文件,等待被盗,然后打电话回家告诉所有者它在哪里以及谁偷了它。
Honeypot(蜜罐)
A PC that sits, unprotected, on the Internet waiting to get infected through the FTP and HTTP threat vectors.
位于 Internet 上的未受保护的 PC,等待通过 FTP 和 HTTP 威胁媒介感染。
Honeytrap(蜜饯)
A social engineering trick that makes men interact with a fictitious attractive female online. From old spy tactics where a real female was used.
一种社交工程技巧,可让男性在网上与虚构的有吸引力的女性互动。来自使用真正女性的旧间谍策略。
Hotfix(修补程序)
A new version of the software that fixes a bug or adds a new feature.
修复错误或添加新功能的软件的新版本。
Human Firewall(人体防火墙)
With our information systems under aggressive attack, we cannot ignore any layer of the defense-in-depth model. The human element of cyber security is too often overlooked. Workforce cyber preparedness is urgently needed. Security Awareness Training can pay off by training users on what they can do to prevent malicious activity and what to do in the event of such activity. It helps people to see their identity as an important part of keeping their organization secure and that what they do matters.
由于我们的信息系统受到攻击性攻击,我们不能忽视纵深防御模型的任何层。网络安全的人为因素经常被忽视。迫切需要劳动力网络准备。安全意识培训可以通过培训用户如何防止恶意活动以及在发生此类活动时该怎么做来获得回报。它帮助人们将自己的身份视为保持组织安全的重要组成部分,并且他们所做的事情很重要。
Hijacker, also called ‘Homepage hijacking’(劫持者,也称为“主页劫持”)
Spyware that changes the default homepage someone has, to a site that displays ads, a different search engine, or worse, porn. They are very hard to get rid of for the average consumer.
间谍软件将某人拥有的默认主页更改为显示广告的网站、不同的搜索引擎,或者更糟糕的是,色情内容。对于普通消费者来说,它们很难摆脱。

I

IC3
The FBI’s Internet Crime Complaint Center. They are here.
FBI 的互联网犯罪投诉中心。 他们在这里
IAB
Initial Access Brokers. IABs are threat actors who sell access to malicious services and play a crucial role in the ransomware-as-a-service economy. IABs facilitate network intrusions by selling remote access to a computer in a compromised organization and link opportunistic campaigns with targeted attacks, often ransomware operators. IABs don’t undertake ransomware attacks but sell access to a compromised network that is then used by ransomware gangs and others.
ICSA Labs
ICSA Labs provides vendor-neutral testing and certification for security products and solutions.
IDN
Internationalized Domain Name - A domain name that contains at least one language-specific set of characters. A “normal” domain name, such as KnowBe4.com, uses only Latin characters (those normal ABCs that America thinks are normal). A domain like KnöwBe4.com (see the “o”?) would be an example of an Internationalized Domain Name.
IDS
Intrusion Detection System. An intrusion detection system (IDS) is a network security device (or software) that monitors network and/or system activities for malicious or unwanted behavior. Also see ‘HIPS’.
IoC
Indicators of compromise (IoCs) are “pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.” Indicators of compromise aid information security and IT professionals in detecting data breaches, malware infections, or other threats.
ISP
Internet Service Provider.
ItW
In The Wild. ItW is the name for malware that is supposed to be out there in the wild, as opposed to the ‘Wildlist’, which is the official CURRENT actual list. That list can change every month. Something that is on the Wildlist is ALWAYS ItW, but something that is ItW listed doesn’t necessarily have to be in the actual Wildlist.
Identity Theft
Taking someone else’s Social Security Number, Address and other important personal information to establish false credentials and commit fraud. A good example is the creation of fraudulent credit card accounts, racking up charges which are then left unpaid, leaving the identity theft victim with the credit card debt and a ruined credit rating.
Incident Response (IR)
In the event that the security of a system has been compromised, a quick incident response is necessary. It is the responsibility of the security team to respond to the problem quickly and effectively. An example would be a security team’s actions against a hacker who has penetrated a firewall and is currently sniffing internal network traffic. The incident is the breach of security. The response depends upon how the security team reacts, what they do to minimize damages, and when they restore resources, all while attempting to guarantee data integrity. (See Forensics).
Information Security
Information security is the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Ingest [PhishER]
Take into the body by swallowing or absorbing it. In the case of PhishER, email messages are ingested, that is, taken into the system, and arrive in the PhishER console for processing.

J

JSON
Once upon a time there was one computer. Then someone built a second one and wanted some code off the first computer. That meant we needed a way to move information without dependencies on the underlying hardware. Since then, there have been many character encoding and interchange standards (ASCII, EBCDIC, SGML, XML, etc.) that have had their time in the spotlight. For the past few years, JavaScript Object Notation (JSON) has been the most popular.
Java
A fully developed programming language which can be used to create standalone applications.
Java Applet
A separate program that you see inside a browser adding special functionality to a website (HTML page).
JavaScript
A programming language specifically created to add features to HTML pages. Note that JavaScript is different from Java.

K

Kevin Mitnick
During the mid-nineties, Kevin Mitnick was the ‘World’s Most Wanted Hacker’, and now is a very successful Fortune 500 Security Consultant: Based on his 30+ years of first-hand experience with hacking and social engineering, KnowBe4 created its Security Awareness Training. Kevin is part owner of KnowBe4.
Kernel Level
The foundation of the Operating System is called the Kernel. It provides basic, low-level services like hardware-software interaction and memory management. If a product works at the kernel level, this has many advantages.
Keylogger aka Keystroke logger
A form of malware or device that observes what someone types on their keyboard and sends this data back to the bad guys. There are several ways to do this, using either software or hardware.
KnowBe4 Product Abbreviations
Kevin Mitnick Security Awareness Training = KMSAT (with year indication)
KnowBe4 Compliance Manager = KCM GRC Platform
Here is an overview of KnowBe4 Training Modules
Kill Chain
The kill chain, a military term, is defined as: “The sequence of events that must succeed to destroy a target.” Actively defending across the cyber kill chain may enable a company to detect an attack sooner and potentially disrupt or block it before the real damage occurs. At a minimum, it will force a company to take a closer look at their network and understand how to recognize and defend at various points along a hacker’s methodology.

L

LAMP
LAMP is a software bundle, assembled to make an open source web platform consisting of Linux, Apache, MySQL and Perl/PHP/Python.
LDAP
Lightweight Directory Access Protocol is an open, vendor-neutral, industry standard protocol to access and maintain directory information services like Active Directory. If you want to have your own software communicate with Active Directory, you use the so called “Lightweight Directory Access Protocol” (See Wikipedia).
LMS
A Learning Management System (LMS) is software for the administration, documentation, tracking, reporting and delivery of e-learning education courses or training programs. Organizations can have their own LMS in-house or use a cloud-based LMS like the one KnowBe4 provides.
Laserphishing
A term that Diana Kelley, Microsoft’s Cybersecurity Field CTO, reached in a discussion with Tech Republic. Phishing is an old threat, but it remains a major one. Kelley points out that it has evolved to become better crafted and more tightly targeted. She wouldn’t even call it “spearphishing” any more. “Laserphishing” might, she thinks, be more descriptive and evocative.
Lifetime Subscription
In Q4 2009, as the first antivirus company ever to do so, Sunbelt Software began to offer VIPRE Antivirus as a “PC Lifetime Subscription” via the Home Shopping Network, priced at $99.95. Sunbelt calculated the average lifetime of a PC to be four to five years. Other AV companies started this type of subscription in the following years.
Linux
An extremely popular open-source Unix operating system variant. It comes in many flavors.
Logic Bomb
A malicious computer program (or part of a program) that is asleep until it gets woken up by a specific logical event. Examples are pieces of code hidden by Chinese military hackers in a U.S. power plant that can disable the plant at a certain time. An example of this is a sleeper ransomware strain that infected workstations but only woke up at a certain time.

M

MASA
Multi-Factor Authentication Security Assessment. KnowBe4’s new Multi-Factor Authentication Security Assessment (MASA) is a complimentary IT security tool that helps you gauge your organization’s MFA security readiness and identifies your specific risks so you can better defend against MFA hacks.
MBR
Master Boot Record. A specifically designated area on a hard disk drive that holds the instructions for the PC to start up and describes how the drive is set up.
MEME

  • An element or “unit of culture” of transmission that may be considered to be passed from one individual to another.
  • A humorous image, video, piece of text, etc., that is copied (often with slight variations) and spread rapidly by Internet users. From Greek mimēma ‘that which is imitated’, on the pattern of gene.

MSP
A Managed Service Provider (MSP) is a company that manages information technology services for other companies via the Web.
MSSP
A managed security service provider (MSSP) is an IT service provider that provides an organization with agreed upon levels of cybersecurity monitoring and management, which may include virus and spam blocking, intrusion detection, firewalls and virtual private network (VPN) management.
MTBF
Mean Time Between Failure. Short for mean time between failures, the average time a device will function before failing. MTBF ratings are measured in hours and indicate the sturdiness of hard disk drives and printers. Typical disk drives for personal computers have MTBF ratings of about 500,000 hours. This means that of all the drives tested, one failure occurred every 500,000 hours of testing. See Webopedia for more.
Machine Learning
Think of it simply as a branch of statistics, designed for a world of big data. The most common application of machine learning tools is to make predictions. Here are a few examples of prediction problems in a business:

  • Making personalized recommendations for customers
  • Forecasting long-term customer loyalty
  • Anticipating the future performance of employees
  • Rating the credit risk of loan applicants

Macro
A list of (usually text-based) commands and/or instructions that are grouped together and can be run as a single command.
Macro Virus
A virus that was written in a scripting language like JavaScript.
Malware
Malware is a shorter version of the term “Malicious Software”. It is an umbrella term used to refer to a wide range of viruses, worms, Trojans and other programs that a hacker can use to damage, steal from, or take control of endpoints and servers. Most malware is installed without the infected person ever realizing it.
Maintenance aka Renewal
The period that a customer gets tech support, updates and new software versions.
Malvertising
Malvertising is malicious advertising that contains active scripts designed to download malware or force unwanted content onto your computer. Exploits in Adobe PDF and Flash are the most common methods used in malvertisements. See ‘Exploit’.
Managed Service
A Service Provider (MSP) that maintains all the computers and networks for a company, often via the Internet. See Cloud Computing.
Man-in-the-middle attack
An attack in which data sent and received between two parties in an ongoing connection is intercepted. The attacker can record, read, or even alter the contents of that traffic.
Media Drop
Technique used by hackers who load malware on a USB drive, CD/DVD, or other readable form of media, and then leave the infected media where it can easily be found. In some cases, thieves actually give the media away at public venues or trade shows. Once the victim loads the drive or disk, the malware does its work and will allow the hacker to do a number of things, including take remote control of the victim’s computer.
Metadata
Relatively abstract data about other data. Example: records of what cell phone number calls what other number at what time. There are many different kinds of metadata.
Metamorphic Virus
Typical polymorphic malware will only rewrite part of its computer code to evade detection. Metamorphic malware goes even further by completely recompiling its code during each infection when it first connects to the internet.
Middleware
Middleware is software that exists between an operating system or database and the applications running on it, especially on a network or in a distributed environment. It enables data management and communications between the OS and applications by functioning as a hidden translation layer.
Milware
Malicious software (aka warware) created by the military and/or intelligence agency to cause damage to an adversary’s infrastructure. Milware is stealthy to the extreme and often does not get detected for years. Normal antivirus products seem to not find this type of code. Stuxnet is a good example.
Misinformation
False or inaccurate information, especially that which is deliberately intended to deceive. Often forwarded to friends and family, not knowing it is false. See Disinformation.
Money Mules
A person recruited by a criminal or criminal organization to quickly receive and turn around funds involved in scams. The scams are often related to ACH, credit cards, or similar online transactions. The money mule is often unaware of his or her actual role.
Multi-factor authentication
A method of validating the identity of a user by using two or more security mechanisms. For example, a valid user name and password combination along with a fingerprint scan is a form of multi-factor authentication. Modern cybercrime has developed malware to evade some forms of multi-factor authentication.

N

NADM
Never A Dull Moment. The motto of the business we are in.
NAT
Network Address Translation. A security technology that hides all IP addresses in a network so attackers cannot get to specific machines.
NAS
Network Attached Storage. A network hardware technology that uses a stand-alone storage device that is dedicated to centralized disk storage.
NAC
Network Access Control. A piece of technology that controls access to a network. See Wikipedia
NAP
Network Access Protection is a Microsoft technology for controlling network access of a computer host based on the system health of that computer. With NAP, system admins can define policies for system health requirements. I.e. are the most recent operating system updates installed? Are the anti-virus software definitions updated? Has that computer a firewall installed and enabled? You get the idea. Computers not in compliance with system health requirements have restricted or no access to the network.
NCSAM
National Cyber Security Awareness Month
NW3C
National White Collar Crime Center.
NESSUS
Software being used to scan a network from the outside in to search for vulnerabilities. KnowBe4 uses Nessus for the Vulnerability Scan service we provide.
NIPS
Network Intrusion Prevention System. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. See Wikipedia
NIST
The National Institute of Standards and Technology (NIST) has an excellent publication with templates and guides for what should go into a security awareness training program. The 70-page document is available for free in PDF format from the institute’s Web site.

O

OEM
Original Equipment Manufacturer. An OEM manufactures products or components which are purchased by another company and retailed under the purchasing company’s brand name. OEM refers to the company that originally manufactured the product. See Wikipedia.
ON-ACCESS Scanning
Malware scans that monitor the system in real time for any changes and will prevent immediate infection.
ON-DEMAND Scanning, also called ‘drive scan’
Malware scans that are set to run on a scheduled basis, like 3am every night.
OU (ORGANIZATIONAL UNIT)
A word related to Active Directory is “OU” or “Organizational Unit” since we allow our users to specify what they want to synchronize by both security group and OU. Here is a good definition: An organizational unit (OU) is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. You can create organizational units to mirror your organization’s functional or business structure. See Active Directory “AD”.

P

P/E Ratio
The price-to-earnings ratio, or P/E ratio, helps you compare the price of a company’s stock to the earnings the company generates. The P/E ratio is derived by dividing the price of a stock by the stock’s earnings. Think of it this way: The market price of a stock tells you how much people are willing to pay to own the shares, but the P/E ratio tells you whether the price accurately reflects the company’s earnings potential, or its value over time. If a company’s stock is trading at $100 per share, for example, and the company generates $4 per share in annual earnings, the P/E ratio of the company’s stock would be 25 (100 / 4). To put it another way, given the company’s current earnings, it would take 25 years of accumulated earnings to equal the cost of the investment.
P2P
Peer-To-Peer software allows end-users to up- and download software (movies, music, games) via a distributed computing architecture, not using centralized servers. There is a significant risk as child porn is also moving through these networks, and can result in SWAT teams busting down your door if a neighbor illegally piggybacks on your Wi-Fi. (no joke).
PCI
Payment Card Industry
PCI Security Standards Council
Organization that publishes standards (rules) on how to securely handle credit card processing.
PCI-DSS
The PCI Data Security Standard – a document published by the Payment Card Industry; it lists all the requirements for securely handling credit cards and credit card information. Organizations that accept credit cards need to be PCI compliant. This includes Security Awareness Training and many other requirements.
PHI
Protected Health Information. PHI is all recorded information about an identifiable individual that relates to that person’s health, health care history, provision of health care to an individual, or payment to health care. The U.S. Health Insurance Portability and Accountability Act (HIPAA) governs the protection of Private Health Information.
PII
Personally Identifiable Information. PII is defined as any instance of an individual’s first name or first initial, plus the last name, and any more than thirty additional confidential items. If it can be used to uniquely identify a specific individual using non-public information, it’s PII and must be protected.
PM
Product Manager. A product manager researches, selects, develops, and places a company’s products, performing the activity of product management.
PMD
Pretty Much Done. One of our old colleagues’ favorite expressions, which indicated that the final product might still be months away from completion.
POP
Period of Performance. How long the customer has paid for maintenance on their product.
PSD
Product Services Delivery. The team, part of the Accounting Department, that processes orders and does Roll-Out calls for KnowBe4 Products with the customers. PSD also refers to the in-house process that routes orders from quote acceptance through the delivery process.
PST
Phishing Security Test. This is a simulated phishing attack done by KnowBe4 on email addresses that a prospect or customer uploads to our site. We have dozens of templates that existing customers can use on their employees. You can do a one-time free PST to all your employees.
Patch
A software (security) update intended to repair a vulnerability that was discovered after the product was released for general use.
Patch Tuesday
Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches. That week, system administrators need to do the testing of these patches in their own environments and then deploy the patches which usually requires a reboot. Sometimes systems are mission critical and cannot be rebooted, which causes them to stay vulnerable and then get infected with a zero-day threat.
Payload
Malware often comes in different parts. That is where the term ‘blended malware’ originates. An example is an email claiming to be from the ‘Better Business Bureau’ having a complaint for you about your company. Attached is a PDF. The PDF is the payload and has malware in it, or downloads malware from a compromised server somewhere. Here is a bit of history of the word and where it came from.
Peer-to-peer
See P2P
Performance Testing
(IEEE) Functional testing conducted to evaluate the compliance of a system or component with specified performance requirements.
Perimeter (security)
Perimeter security refers to routers, firewalls, and intrusion detection systems implemented to tightly control access to networks from outside sources.
Phish-prone Percentage
A term coined by KnowBe4 that indicates the percentage of employees that are prone to click on dangerous phishing links. You can find out what the Phish-prone percentage of your organization is with this free test.
PhishER
A KnowBe4 product for managing potentially malicious email messages reported by users. Key features include: prioritization, disposition, automated workflows, automated responses, SIEM integration, data enrichment.
Phishing
Phishing is the process in which bad guys try to trick you into giving out sensitive information or taking a potentially dangerous action, like clicking on a link or downloading an infected attachment. They do this using emails disguised as contacts or organizations you trust so that you react without thinking first. It’s a form of criminally fraudulent social engineering. Also see Spear Phishing.
Phishing Attack Surface
Are you aware that many of the email addresses of your organization are exposed on the Internet and easy to find for cybercriminals? With these addresses they can launch spear phishing attacks on your organization. This type of attack is very hard to defend against, unless your users get next-generation security awareness training. IT Security specialists call it your ‘phishing attack surface’. The more email addresses that are exposed, the bigger your attack footprint is, and the higher the risk. It’s often a surprise how many of your addresses are actually out there, whose, and where they were found. Here is a datasheet with some more information.
Phrase techniques
Methods of producing strong passwords. One technique involves creative transformations for a sentence so that, for example, “I never eat rye bread” becomes iN3V3RtaeWRYdearb
Phreaking
A form of fraud that involves directly hacking telecommunications systems, one of the things Kevin Mitnick used to do in the early days.
Plaintext
Also known as cleartext; it is used as input for encryption.
Point-of-failure Training
An end user that has fallen for a phishing test and clicked on the link or opened up an attachment is given a short remedial training on the spot to make sure they understand the risks and stop doing that. Relying on just this tactic is not sufficient for truly effective security awareness training.
Point Release
A minor software release that increments with a decimal point. I.e. from V3.0 to V3.1
Polymorphism
A feature of a programming language that allows routines to use variables of different types at different times. Here is where this word comes from:

  • Poly = many: polygon = many-sided, polystyrene = many styrenes (a), polyglot = many languages, and so on.
  • Morph = change or form: morphology = study of biological form, Morpheus = the Greek god of dreams able to take any form.

Polymorphic threat
Malware, spam or phishing attacks that change themselves very frequently to try to prevent detection by filters.
Polymorphic virus
Malware that shape-shifts to avoid detection by encrypting parts of its own content differently all the time.
Policy
A set of rules that specify what requirements must be met.
POP
Post Office Protocol, the email protocol that handles incoming email.
Popup
Small web browser Window that literally pops up over the browser window you are looking at. Our training uses this technology to present the user with their training session so they need to turn popup blockers off for our website.
Present Value
Forrester creates TEI reports (Total Economic Impact) for customers like KnowBe4. Within that report they use the term “Present Value (PV)”. So, we wanted to simply provide a clear definition for everyone. From Investopedia: “Present value is the concept that states an amount of money today is worth more than that same amount in the future. In other words, money received in the future is not worth as much as an equal amount received today. Receiving $1,000 today is worth more than $1,000 five years from now. Why? An investor can invest the $1,000 today and presumably earn a rate of return over the next five years. Present value takes into account any interest rate an investment might earn.”
Pretexting
The act of creating an invented scenario in order to persuade a targeted victim to release information or perform some action. Pretexting can also be used to impersonate people in certain jobs and roles, such as technical support or law enforcement, to obtain information. It usually takes some back-and-forth dialogue either through email, text or the phone. It is focused on acquiring information directly from the actions taken by the targets, who are usually in HR or Finance.
创建虚构场景以说服目标受害者发布信息或执行某些操作的行为。借口也可用于冒充从事某些工作和角色(例如技术支持或执法)的人员以获取信息。通常需要通过电子邮件、短信或电话进行一些来回对话。它专注于直接从目标(通常在人力资源或财务部门)采取的行动中获取信息。
Principle of least privilege(最小特权原则)
Giving users the least amount of access required for them to complete their jobs. Also referred to as separation of duties.
为用户提供完成工作所需的最少访问权限。也称为职责分离。
Prioritize [PhishER](优先考虑 [PhishER])
Determine the order of dealing with a series of items according to their relative importance. Different organizations have a different idea of priority; some might think digging into threats is priority #1, others might feel that responding to end users to let them know that the PO they reported is not a threat is more important. In either case it’s important to get rid of the junk that doesn’t matter so the important items are addressable.
根据一系列项目的相对重要性确定处理它们的顺序。不同的组织对优先级有不同的看法;有些人可能认为深入研究威胁是第一要务,其他人可能认为回应最终用户让他们知道他们报告的 PO 不是威胁更重要。在任何一种情况下,重要的是摆脱无关紧要的垃圾,以便重要的项目是可寻址的。
Privacy Policy(隐私政策)
A privacy policy is a legal document that discloses some or all of the ways a party gathers, uses, discloses and manages a customer’s data. There is a lot of background data about this on Wikipedia.
隐私政策是披露一方收集、使用、披露和管理客户数据的部分或全部方式的法律文件。维基百科上有很多关于此的背景数据。
Propaganda(宣传)
Information, especially of a biased or misleading nature, used to promote or publicize a particular political cause or point of view. Interestingly enough, although it has a negative connotation today, it has ostensibly noble origins. In 1622 in an effort to spread Christianity around the world, Pope Gregory XV established in Rome the Sacred Congregation of the Propagation of the Faith, to be entrusted to a handpicked group of cardinals. Just an example of how the meaning of words can radically change over time.
用于宣传或宣传特定政治事业或观点的信息,尤其是带有偏见或误导性质的信息。有趣的是,尽管它在今天具有负面含义,但它表面上却有着高贵的起源。1622 年,为了将基督教传播到世界各地,教皇格雷戈里十五世在罗马建立了信仰传播圣座,委托给一群精心挑选的红衣主教。这只是单词含义如何随着时间发生根本变化的一个例子。
PROM(可编程只读存储器)
Programmable Read Only Memory. A computer chip with content that can be re-written from the outside.
可编程只读存储器。具有可从外部重写的内容的计算机芯片。
Protocol(协议)
In short, a set of standards to get a specific function done. Example: TCP/IP.
简而言之,完成特定功能的一组标准。示例:TCP/IP。
Proxy server(代理服务器)
A proxy server is a server (a computer system or an application program) that acts as an intermediary for requests from clients seeking resources from other servers. Mostly used in the context of using a proxy server to connect to the Internet. See Wikipedia.
代理服务器是一种服务器(计算机系统或应用程序),它充当客户端请求从其他服务器寻求资源的中介。主要用于使用代理服务器连接到 Internet 的上下文中。参见维基百科
Punycode(密码)
SHORT: The name of the technology used when a domain name uses language-specific characters. A significant portion of computing systems only expect to see and use Latin characters. When you start introducing fancy letters there has to be a way to tell the system “get ready, these letters are going to be fancy”. Punycode is how that is done.
简短内容:域名使用特定语言字符时所使用的技术名称。很大一部分计算系统只希望看到和使用拉丁字符。当你开始引入花哨的字母时,必须有一种方法告诉系统“准备好,这些字母会很花哨”。Punycode 就是这样做的。
LONG: The global Domain Name System (DNS) is responsible for turning human-friendly server names into computer-friendly network numbers, but it’s restricted to the limited subset of ASCII characters in domain names. The curiously-named system known as punycode is a way of converting words that can’t be written in ASCII, such as the Ancient Greek phrase ΓΝΩΘΙΣΕΑΥΤΟΝ (know yourself), into an ASCII encoding, like this: xn--mxadglfwep7amk6b.
LONG:全球域名系统 (DNS) 负责将人类友好的服务器名称转换为计算机友好的网络编号,但它仅限于域名中有限的 ASCII 字符子集。 被称为 punycode 的奇怪命名系统是一种将无法用 ASCII 书写的单词(例如古希腊短语 ΓΝΩΘΙΣΕΑΥΤΟΝ(了解你自己))转换为 ASCII 编码的方法,例如:xn--mxadglfwep7amk6b。
Some letters in the Roman alphabet are the same shape (if not always the same sound) as letters in the Greek, Cyrillic and other alphabets, such as the letters I, E, A, Y, T, O and N in the example above. So you may be able to register a punycode domain name that looks nothing like a well-known ASCII company name, but nevertheless displays very much like it. For example, consider the text string consisting of these lower-case Greek letters: alpha, rho, rho, iota, epsilon. In punycode you get xn--mxail5aa, but when displayed (depending on the fonts you have installed), you get: αρριϵ. And that is a trick the bad guys can use to create a domain name that looks like the real thing but isn’t.
罗马字母中的某些字母与希腊字母、西里尔字母和其他字母中的字母具有相同的形状(如果不总是相同的声音),例如上面示例中的字母 I、E、A、Y、T、O 和 N . 因此,您也许可以注册一个看起来一点也不像著名的 ASCII 公司名称的 punycode 域名,但看起来却非常相似。 例如,考虑由这些小写希腊字母组成的文本字符串:alpha、rho、rho、iota、epsilon。 在 punycode 中你得到 xn--mxail5aa,但是当显示时(取决于你安装的字体),你得到:αρριϵ。 这是坏人可以用来创建一个看起来像真的但不是真的域名的技巧。
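A defender-side check for the lookalike trick described above, as an added example that is not part of the original glossary: it decodes each `xn--` label to the Unicode text a user would see and reports which scripts the label contains, so non-Latin or mixed-script names can be queued for review. The function names, the `.example` domains and the review policy are assumptions made for this illustration.

```python
import unicodedata

ACE_PREFIX = "xn--"  # marks a punycode-encoded (IDN) label on the wire


def decode_label(label):
    """Return the Unicode text a browser may display for one DNS label.

    Labels without the ACE prefix come back unchanged. Returns None when the
    label carries the prefix but the remainder is not valid punycode.
    """
    if not label.lower().startswith(ACE_PREFIX):
        return label
    try:
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    except UnicodeError:
        return None


def scripts(text):
    """Scripts used by the letters in text, taken from the first word of each
    character's Unicode name (e.g. 'GREEK SMALL LETTER RHO' -> 'GREEK')."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()}


def inspect_domain(domain):
    """Describe every label of a domain: wire form, displayed form, scripts."""
    report = []
    for label in domain.rstrip(".").split("."):
        shown = decode_label(label)
        found = scripts(shown or "")
        report.append({
            "wire": label,
            "displayed": shown,
            "is_idn": label.lower().startswith(ACE_PREFIX),
            "malformed": shown is None,
            "scripts": sorted(found),
            "mixed_script": len(found) > 1,
            "non_latin": bool(found - {"LATIN"}),
        })
    return report


def needs_review(domain):
    """Assumed policy for a mail or web filter that expects Latin-only names:
    hold any IDN label that is malformed, non-Latin or mixed-script."""
    return any(
        r["is_idn"] and (r["malformed"] or r["non_latin"] or r["mixed_script"])
        for r in inspect_domain(domain)
    )


# Constructed sample inputs (reserved .example TLD, not real registrations).
GREEK_LOOKALIKE = "xn--mxail5aa.example"  # the glossary's alpha-rho-rho-iota-epsilon label
# Latin "example" with a Cyrillic 'a' (U+0430) swapped in, encoded at runtime.
MIXED = ACE_PREFIX + "ex\u0430mple".encode("punycode").decode("ascii") + ".example"

if __name__ == "__main__":
    for name in (GREEK_LOOKALIKE, MIXED, "example.com"):
        first = inspect_domain(name)[0]
        print(name, "->", first["displayed"], first["scripts"],
              "REVIEW" if needs_review(name) else "ok")
```

Script detection by character name is a coarse heuristic; a production filter would normally also compare the decoded name against its own protected domains.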
Pwned

In hacker jargon, ‘pwn’ means to compromise or control, specifically another computer (server or PC), web site, gateway device, or application. (it’s ‘own’ with a typo in it) It is synonymous with one of the definitions of hacking or cracking. The Pwnie Awards are awarded by a group of security researchers.
在黑客行话中,“pwn”的意思是妥协或控制,特别是另一台计算机(服务器或 PC)、网站、网关设备或应用程序。(它是“自己的”,其中有一个错字)它与黑客或破解的定义之一同义。Pwnie 奖由一组安全研究人员颁发。

Q

QA(质量保证)
Quality Assurance. In KnowBe4, the team that is responsible for finding bugs in our code and working with Development to deliver world-class quality to our customers.
质量保证。在 KnowBe4 中,团队负责查找我们代码中的错误并与开发人员合作,为我们的客户提供世界一流的质量。
QBR(QBR)
Quarterly Business Review. A meeting of a company’s execs to determine strategy.
季度业务回顾。公司高管会议以确定战略。
Quality Control(质量控制)
The operational techniques and procedures used to achieve quality requirements. This is typically handled during the development process.
用于达到质量要求的操作技术和程序。这通常在开发过程中处理。
Quarantine(隔离)
Antivirus, after it detects malware, can move that malware to a protected space on disk where it cannot do any further harm, and from where it can either be deleted or restored in case it was a false positive. See ‘False Positive’.
防病毒软件在检测到恶意软件后,可以将该恶意软件移动到磁盘上的受保护空间,在那里它不会造成任何进一步的伤害,并且可以从那里删除或恢复它,以防它是误报。请参阅“误报”。

R

RCA(根本原因分析)
Root Cause Analysis. Asking “Why” a number of times until you get to the bottom of an issue. Having the correct and hence the final “Why”, you can fix the situation.
RCA根本原因分析。多次询问“为什么”,直到找到问题的根源。有了正确的“为什么”,你就可以解决这个问题。

RDP(远程桌面协议)
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.
Microsoft 开发 的 专有协议,它为用户提供 图形界面 以通过网络连接连接到另一台计算机。用户为此使用 RDP 客户端软件,而另一台计算机必须运行 RDP 服务器软件。
RBL(实时黑洞列表)
RBL stands for Realtime Blackhole Listing. RBLs are used for Antivirus Exchange and Antivirus Gateway. It’s a list of domains that are blocked because they are a source of spam. You can find a complete definition of RBL at Webopedia.
RBL 代表实时黑洞列表。RBL 用于 Antivirus Exchange 和 Antivirus Gateway。这是一个被阻止的域列表,因为它们是垃圾邮件的来源。您可以在 Webopedia 中找到 RBL 的完整定义。
RMA(退货授权)
Return Materials Authorization. As in: “Shipments without a valid RMA number will not be accepted.”
退货授权。如:“不接受没有有效 RMA 编号的货物。”
RSN(注册号)
Real Soon Now, a technical term that software developers use to indicate when they expect to deliver shippable code. Also see PMD.
‘真正很快’。软件开发人员用来表示他们希望何时交付可交付代码的技术术语。另请参阅PMD
RTM(发布到制造)
Released To Manufacturing. The day that the final code is shipped out the door to the factory to be duplicated. In KnowBe4’s case, the day that we released the final product on our website.
发布到制造。最终代码运出工厂进行复制的那一天。在 KnowBe4 的案例中,我们在我们的网站上发布最终产品的那一天。
RAP Testing(RAP测试)
Virus Bulletin is the world’s most prestigious antivirus lab. Apart from their VB100 certification, they have another interesting test called RAP. It’s for “Reactive and Proactive”, and helps you form an impression of the heuristic -and- generic proactive detection capability of security software products – in particular how well products perform against malware that appears after vendors have submitted their products to Virus Bulletin for testing. They create a quadrant a few times a year, and compare all products they have tested. The antivirus industry is not promoting this website, as it’s not a pretty picture.
Virus Bulletin 是世界上最负盛名的防病毒实验室。除了他们的 VB100 认证,他们还有另一个有趣的测试叫做 RAP。它适用于“反应性和主动性”,帮助您对安全软件产品的启发式和通用主动检测能力形成印象——尤其是在供应商将其产品提交给 Virus Bulletin 进行测试后,产品对恶意软件的表现如何. 他们每年创建几次象限,并比较他们测试过的所有产品。防病毒行业没有宣传这个网站,因为它不是一个漂亮的图片。
The RAP system measures simple static detection rates, testing against common malware samples first seen by the VB lab team within ten days of running each stage of the test.
RAP 系统测量简单的静态检测率,针对 VB 实验室团队在 运行每个测试阶段后的十天内首次发现的常见恶意软件样本 进行测试。
The “Reactive” measure is the average of three test runs against samples seen in the ten days before the test date, allowing the products to use the latest updates and with full access to any cloud-based resources and reputation systems. For the “Proactive” measure, products and updates are frozen, then products are run offline, without access to cloud systems, against samples seen in the ten days following freezing.
“反应性”衡量标准是针对测试日期前十天内看到的样本进行三次测试运行的平均值,允许产品使用最新更新并完全访问任何基于云的资源和声誉系统。对于“主动”措施,产品和更新被冻结,然后产品离线运行,无需访问云系统,针对冻结后十天内看到的样本。
The RAP test aims to give an indication of how well product developers are able to keep up with the incoming flood of new malware using their standard file detection methods (including heuristic rules), and should also give some idea as to how much different products rely on cloud-based systems to supplement client-side technologies.
RAP 测试旨在表明产品开发人员使用他们的标准文件检测方法(包括启发式规则)跟上新恶意软件涌入的能力如何,并且还应该对不同产品依赖的程度有所了解在基于云的系统上以补充客户端技术。
Rainbow Tables(彩虹桌)
A password attack that uses a really large set of hashes that were generated from almost every possible password.
使用从几乎所有可能的密码生成的大量哈希值的密码攻击。
RanSim(勒索软件模拟器)
RanSim stands for “Ransomware Simulator”. KnowBe4 released a free tool in October 2016 that people can download to check if their antivirus/endpoint protection is effective against ransomware infections. It takes several scenarios and emulates the things that real ransomware would do in a non-destructive way. You can find RanSim here.
RanSim 代表“勒索软件模拟器”。KnowBe4 于 2016 年 10 月发布了一个免费工具,人们可以下载该工具来检查他们的防病毒/端点保护是否对勒索软件感染有效。它需要多种场景并模拟真实勒索软件以非破坏性方式执行的操作。你可以在这里找到RanSim
Ransomware(勒索软件)
Ransomware denies access to a device or files until a ransom has been paid. Also called Cryptoware. Ransomware for PCs is malware that gets installed on a user’s workstation using a social engineering attack where the user gets tricked into clicking on a link, opening an attachment, or clicking on malvertising.
在支付赎金之前,勒索软件会拒绝访问设备或文件。也称为加密软件。PC 勒索软件是一种恶意软件,它使用社会工程攻击安装在用户的工作站上,用户在点击链接、打开附件或点击恶意广告时被欺骗。
Once the malware is on the machine, it starts to encrypt all data files it can find on the PC itself and on any network shares the PC has access to. Next, when a user wants to access one of these files they are blocked, and the system admin finds two files in the directory that indicate the files are being held for ransom and explain how to pay the ransom to decrypt the files. There are a number of free ransomware decryptors available; however, it’s a constant battle, with hackers then upgrading strains to get past decryption methods. There are many strains of ransomware; two infamous ones are CryptoLocker and CryptoWall. Many more exist and new ransomware strains are released regularly.
一旦恶意软件出现在机器上,它就会开始加密它可以在 PC 本身和 PC 可以访问的任何网络共享上找到的所有数据文件。接下来,当用户想要访问其中一个文件时,他们会被阻止,系统管理员会在目录中找到两个文件,表明这些文件已被勒索,以及如何支付赎金来解密文件。有许多免费的勒索软件解密器可用,但它是与黑客的持续战斗,然后升级菌株以通过解密方法。勒索软件有很多种,两个臭名昭著的勒索软件是CryptoLockerCryptoWall。还有更多的存在,并且定期发布新的 勒索软件菌株
Real Time Protection(实时保护)
Protecting a PC as it happens, as opposed to a scheduled scan that is done every 24 hours. See ‘Active Protection’, ‘On Access protection’.
在 PC 发生时保护它,而不是每 24 小时进行一次计划扫描。请参阅“主动保护”,“关于访问保护”。
Regression Testing(回归测试)
(NIST) Rerunning test cases which a program has previously executed correctly in order to detect errors spawned by changes or corrections made during software development and maintenance.
(NIST) 重新运行程序先前正确执行的测试用例,以检测在软件开发和维护期间所做的更改或更正所产生的错误。
Renewal(续订)
Used mainly in the IT space to indicate that a customer extends their subscription for another year.
主要用于 IT 领域,表示客户将订阅延长一年。
Remote Console(远程控制台)
System Administrators often manage several geographically dispersed sites. In those cases, they need software to be able to manage the remote site as if they were physically present. For that, they use what is called a ‘remote console’. For instance, a remote console allows them to manage a machine or a whole network when they are in New York and the physical network being managed is in Atlanta.
系统管理员通常管理多个地理上分散的站点。在这些情况下,他们需要软件来管理远程站点,就像他们在现场一样。为此,他们使用所谓的“远程控制台”。例如,当他们在纽约并且被管理的物理网络在亚特兰大时,远程控制台允许他们管理机器或整个网络。
Removal(移动)
Deleting malware from a PC. See ‘Disinfection’.
从 PC 中删除恶意软件。见“消毒”。
Reporting(报告)
In the context of KnowBe4, reporting means the section of the cloud back-end where customers can see which employees have started their training, finished it or have not even started it. Also which Phishing security tests were sent, who opened, who clicked and a host of other data related to this.
在 KnowBe4 的上下文中,报告是指云后端的部分,客户可以在其中查看哪些员工已开始、完成或尚未开始培训。还发送了哪些网络钓鱼安全测试,谁打开了,谁点击了以及与此相关的许多其他数据。
Resident Virus(常驻病毒)
Malware that is loaded in random access memory and is able to interrupt an Operating System function and alter it to do damage.
加载在随机存取存储器中并能够中断操作系统功能并对其进行修改以造成损害的恶意软件。
Reverse Engineering(逆向工程)
To disassemble and examine some code in detail to discover how and what the creator did, so it can be replicated or killed.
拆解并详细检查一些代码以发现创建者的方式和内容,以便可以复制或杀死它。
Rogue, also Rogue Scanner, rogue anti-spyware, rogue anti-malware or scareware(流氓,也流氓扫描器,流氓反间谍软件,流氓反恶意软件或恐吓软件)
Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. It is a very popular social engineering tactic and there are literally dozens of these programs.
流氓安全软件是一种计算机恶意软件,它欺骗或误导用户为虚假或模拟的恶意软件移除付费。近年来,流氓安全软件已成为桌面计算领域日益严重的安全威胁。这是一种非常流行的社会工程策略,实际上有几十个这样的程序。
Rootkit
A rootkit is software that consists of one or more programs designed to obscure the fact that a PC or Server has been compromised. See Wikipedia
Rootkit 是由一个或多个程序组成的软件,这些程序旨在掩盖 PC 或服务器已被入侵的事实。参见维基百科
Router(路由器)
A router is hardware used to connect two or more computers (or other devices) to each other, and usually to the Internet, by wire or sometimes radio signals.
路由器是一种硬件,用于将两台或多台计算机(或其他设备)相互连接,通常通过有线或无线电信号连接到 Internet。
Ruby on Rails
Often shortened to Rails or RoR, is an open source web application framework for the Ruby programming language. It is intended to be used with an Agile development methodology that is used by KnowBe4 for rapid development.
通常缩写为 Rails 或 RoR,是 Ruby 编程语言的开源 Web 应用程序框架。它旨在与 KnowBe4 用于快速开发的敏捷开发方法一起使用。

S

SAC
Short for the Security Awareness Company, which was acquired by KnowBe4 in 2017.
Security Awareness Company 的简称,2017 年被 KnowBe4 收购。
SAML(安全断言标记语言)
Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). What that jargon means is that you can use one set of credentials to log into many different websites. It’s much simpler to manage one login per user than it is to manage separate logins to email, customer relationship management (CRM) software, Active Directory, etc. More.
安全断言标记语言 (SAML) 是一种开放标准,允许身份提供商 (IdP) 将授权凭证传递给服务提供商 (SP)。该行话的意思是您可以使用一组凭据登录到许多不同的网站。管理每个用户的一次登录比管理电子邮件、客户关系管理 (CRM) 软件、Active Directory 等的单独登录要简单得多。更多
SAQ(问卷调查)
‘Self Assessment Questionnaire’. A form that merchants which accept credit cards complete to evaluate their compliance with PCI SSC rules. There are different SAQs, depending on the way(s) in which the merchant processes transactions and the transaction volume.
“自我评估问卷”。接受信用卡的商家填写的一种表格,用于评估他们对 PCI SCC 规则的遵守情况。根据商家处理交易的方式和交易量,有不同的 SAQ。
SAT(安全意识培训)
Security Awareness Training. To be aware, you need to be able to confront (face things as they are). KnowBe4 helps employees confront the fact bad guys are trying to trick them. Once they confront that, they become aware and able to detect these scam emails and can take appropriate action like deleting the email or not clicking a link. More at Wikipedia [ISAT]
安全意识培训。要意识到,您需要能够面对(如实面对事物)。KnowBe4 帮助员工面对坏人试图欺骗他们的事实。一旦他们遇到这种情况,他们就会意识到并能够检测到这些诈骗电子邮件,并可以采取适当的措施,例如删除电子邮件或不单击链接。更多在维基百科[ISAT]
SHI
They are a DMR, a Direct Market Reseller also known as an e-tailer which is a company that sells directly to consumers online without operating storefront operations of any kind.
他们是 DMR,直接市场经销商,也称为电子零售商,是一家直接在线向消费者销售产品的公司,无需经营任何形式的店面业务。
SIM card(电话卡)
A subscriber-identity-module, or alternatively a subscriber-identification-module, which is a small card that fits in your smartphone and secures the key and identity of the owner.
一个用户身份模块或可替换地用户识别模块是一个小卡片,在智能手机配合和确保它们主人的关键和身份。
SIEM [PhishER](安全信息和事件管理)
Security Information and Event Management. A type of software that pulls together data from multiple sources (often event log files), analyzes it, and then can take some sort of action like alerting someone or making a pretty report. Some of the common SIEM platforms are Splunk, QRadar, and LogRhythm. (See XDR)
安全信息和事件管理。 一种从多个来源收集数据(通常是事件日志文件)的软件对其进行分析,然后可以采取某种行动,例如提醒某人或制作漂亮的报告。 一些常见的 SIEM 平台是 Splunk、QRadar 和 LogRythm。 (见 XDR)
SPF(发件人策略框架)
Sender Policy Framework is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain’s administrators. See Wikipedia
发件人策略框架是一个简单的电子邮件验证系统,旨在通过提供一种机制来检测电子邮件欺骗,以允许接收邮件交换器检查来自域的传入邮件是否来自该域管理员授权的主机。 见维基百科
SSID(Service Set IDentifier、服务集标识符)
The name assigned to a Wi-Fi (wireless) network. All devices in the network must use this case-sensitive name to communicate over Wi-Fi, which is a text string up to 32 bytes long. Out of the box, wireless routers and access points have a default SSID, which may be the manufacturer’s name, such as “linksys” or “netgear” or simply “default.”
分配给 Wi-Fi(无线)网络的名称。 网络中的所有设备都必须使用此区分大小写的名称通过 Wi-Fi 进行通信,这是一个最长 32 字节的文本字符串。 开箱即用的无线路由器和接入点有一个默认的 SSID,它可能是制造商的名称,例如“linksys”或“netgear”或简单的“默认”。
SSO
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (for example, a name and password) to access multiple applications. SSO can be used by enterprises, smaller organizations and individuals to ease the management of various usernames and passwords. SSO uses SAML to do its magic.
单点登录 (SSO) 是一种 会话和用户身份验证服务 ,它允许用户使用一组登录凭据(例如名称和密码)访问多个应用程序。企业、小型组织和个人可以使用 SSO 来简化各种用户名和密码的管理。SSO 使用SAML来发挥它的魔力。
Securable.io
A company acquired by KnowBe4 in 2017.
2017 年被 KnowBe4 收购的一家公司。
SCORM
Sharable Content Object Reference Model (SCORM) is a collection of Department of Defense created standards and specifications for web-based e-learning. It defines communications between client side content and a host system which is an LMS. (See LMS) KnowBe4’s courseware is SCORM compliant.
可共享内容对象参考模型 (SCORM) 是国防部为基于 Web 的电子学习创建的标准和规范的集合。它定义了客户端内容和作为 LMS 的主机系统之间的通信。(请参阅 LMS) KnowBe4 的课件符合 SCORM。
SDK(开发工具包)
Software Development Kit. A set of development tools that allows a software engineer to create an application. An Antivirus SDK allows someone to create their own antimalware software product, and pay the developer for the use of the SDK.
软件开发工具包。一组允许软件工程师创建应用程序的开发工具。Antivirus SDK 允许某人创建他们自己的反恶意软件产品,并为使用 SDK 的开发人员付费。
Session Cookie(会话 Cookie)
Webpages have no memories. A user going from page to page will be treated by the website as a completely new visitor. Session cookies enable the website you are visiting to keep track of your movement from page to page so you don’t get asked for the same information you’ve already given to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit. All about cookies
网页没有记忆。用户从一个页面到另一个页面将被网站视为一个全新的访问者。会话 cookie 使您正在访问的网站能够跟踪您从一个页面到另一个页面的移动,这样您就不会被要求提供 您已经提供给该网站的相同 信息Cookie 允许您快速轻松地浏览站点的多个页面,而无需验证或重新处理您访问的每个新区域。关于Cookie
Short Squeeze(短挤压)
A short squeeze occurs when many investors short a stock, or bet that its price will go down, and the stock’s price shoots up instead.
当许多投资者做空一只股票,或押注其价格会下跌,而该股票的价格反而会上涨时,就会出现空头挤压。
SKU(单品)
Stock Keeping Unit. A number to specify a separate product.
库存单位。用于指定单独产品的编号。
SLA(服务水平协议)
Service Level Agreement. A service level agreement (SLA) is a commitment between a service provider and a client. Particular aspects of the service – quality, availability, responsibilities – are agreed between the service provider and the service user. Internal SLAs are used to maintain a level of service internally, with an organization, rather than with an external party. Internal SLAs may apply to help desk services, network or application availability and performance, and any other internal processes.
服务水平协议。服务级别协议 (SLA) 是 服务提供商和客户之间的承诺。服务的特定方面——质量、可用性、责任——在服务提供商和服务用户之间达成一致。内部 SLA 用于在内部与组织而不是与外部方保持服务水平。内部 SLA 可能适用于帮助台服务、网络或应用程序可用性和性能,以及任何其他内部流程。
SME, SMB(中小型企业)
Small and Medium Enterprises (usually up to 500 seats). Also called SMB (Small and Medium Business). Some industry analysts go up to 1,000 seats before they call it ‘Large Enterprise’.
中小型企业(通常最多 500 个席位)。也称为 SMB(中小型企业) 一些行业分析师在将其称为“大型企业”之前会增加 1,000 个席位。
SMTP(简单邮件传输协议)
Simple Mail Transfer Protocol (SMTP) is an Internet standard for e-mail transmission, and is the #1 protocol in use today. E-mail servers and other e-mail transfer agents use SMTP to send email.
简单邮件传输协议 (SMTP) 是用于电子邮件传输的 Internet 标准,并且是当今使用的#1 协议。电子邮件服务器和其他电子邮件传输代理使用 SMTP 发送电子邮件。
SOAR
Security Orchestration, Automation and Response defined: a coordination of automated security tasks across connected security applications and processes. (See XDR)
安全编排、自动化和响应定义:跨连接的安全应用程序和流程的自动化安全任务的协调。 (见 XDR)
SOC(电脑安全运营中心)
Security Operations Center (computing), in an organization, a centralized unit that deals with computer security issues
安全运营中心(电脑),在组织中,处理计算机安全问题的集中单位
SOC 2
SOC 2 (SOC stands for Service Organization Controls) is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients. For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.
SOC 2(SOC 代表(服务组织控制)是一种审计程序,可确保您的服务提供商安全地管理您的数据,以保护您的组织的利益和客户的隐私。对于有安全意识的企业,SOC 2 合规性是最低要求 考虑 SaaS 提供商时的要求
SOW
Statement Of Work. A description of the work that needs to be done, and is agreed upon by the parties before the work starts.
工作陈述。对需要完成的工作的描述,并在工作开始前由双方商定。
Sandbox(沙盒)
In the computer security world, a ‘Sandbox’ means a safe space where malware can be analyzed. You could call it a virtual container in which untrusted programs can be safely run. Sometimes this is a separate computer that is kept off production networks, sometimes this is software that creates a safe space inside a computer. The Sandbox keeps the malware away from all other resources (like private data).
在计算机安全领域,“沙箱”意味着可以分析恶意软件的安全空间。您可以将其称为虚拟容器,不受信任的程序可以在其中安全运行。有时这是一台与生产网络隔离的独立计算机,有时这是在计算机内部创建安全空间的软件。沙箱使恶意软件远离所有其他资源(如私人数据)。
Scareware(恐吓软件)
Scam software, often with limited or no benefit, sold to consumers via unethical marketing practices. The selling approach is designed to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user. Some forms of spyware and adware also use scareware tactics. Read more about this at Wikipedia.
通过不道德的营销行为向消费者出售通常收益有限或没有收益的诈骗软件。销售方法旨在引起震惊、焦虑或对威胁的感知,通常针对毫无戒心的用户。某些形式的间谍软件和广告软件也使用恐吓软件策略。在维基百科上阅读更多相关信息。
Script Kiddie(脚本小子)
A relatively unskilled hacker who downloads and uses “point-and-click” attack software.
下载和使用“点击式”攻击软件的相对不熟练的黑客。
Scrum(Scrum)
A method intended for management of software development projects, it can also be used to run software maintenance teams, or as a general project/program management approach. KnowBe4 uses this method. See Wikipedia
一种用于管理软件开发项目的方法,也可用于运行软件维护团队,或作为一般项目/程序管理方法。KnowBe4 使用这种方法。参见维基百科
Security policy(安全政策)
A written document that states how an organization plans to protect its physical assets and information.
一份书面文件,说明组织计划如何保护其有形资产和信息。
Session hijacking(会话劫持)
An attack method that captures the attributes of a website session from one of the parties involved (usually on the client or user end). It then takes over (hijacks) the session from the legitimate user. The attacker keeps the session going and impersonates the user.
一种从相关方(通常在客户端或用户端)捕获网站会话属性的攻击方法。然后它接管(劫持)合法用户的会话。攻击者保持会话继续并冒充用户。
Security Vulnerability(安全漏洞)
The term vulnerability means a weakness which allows an attacker to penetrate a network. It’s also called ‘attack surface’. A Vulnerability has three elements:

  • a flaw in the network
  • attacker access to the flaw
  • attacker capability to exploit that flaw

A vulnerability with a known, working, implemented attack is called an exploit. Attackers have a limited window for exploiting the vulnerability: until their access is removed or a security fix is deployed.
术语漏洞是指允许攻击者渗透网络的弱点。它也被称为“攻击面”。漏洞具有三个要素:

  • 网络缺陷
  • 攻击者访问漏洞
  • 攻击者利用该缺陷的能力

具有已知的、有效的、已实施的攻击的漏洞称为漏洞利用。攻击者利用该漏洞的时间有限:直到他们的访问权限被删除或部署了安全修复程序。
Sensitive Information(敏感信息)
Privileged or proprietary information which, if compromised through alteration, corruption, loss, misuse, or unauthorized disclosure, could cause serious harm to the organization owning it. NOTE: For our purposes, the words sensitive, confidential, and private all mean essentially the same thing.
特权或专有信息,如果因更改、损坏、丢失、滥用或未经授权的披露而受到损害,可能会对拥有该信息的组织造成严重损害。注意:就我们的目的而言,敏感、机密和私人这三个词的含义基本相同。
Sextortion(性勒索)
Contact a young girl on a social networking site using a fake identity, gain her trust, extract some highly personal information, and then threaten to expose her intimate exchanges if she doesn’t assent to escalating demands for sexually explicit pictures or videos. Example at the FBI website
使用假身份在社交网站上联系一个年轻女孩,获得她的信任,提取一些高度个人化的信息,然后威胁如果她不同意对色情图片或视频的不断升级的要求,就公开她的亲密交流。FBI网站上的示例
Shipstopper (Bug)(Shipstopper(错误))
A bug found that is severe enough to stop the product from shipping.
发现一个严重到足以阻止产品发货的错误。
Shoulder surfing(肩背冲浪)
Shoulder surfing is a visual technique of gathering passwords by watching over a person’s shoulder while they log in to the system. With some training, a hacker can observe a user log in and then use that password to gain access to the system.
肩部冲浪是一种通过在登录系统时监视一个人的肩膀来收集密码的视觉技术。通过一些培训,黑客可以观察用户登录,然后使用该密码访问系统。
Signature-Based Detection(基于签名的检测)
Antivirus detects malware using signatures, heuristics and behavior. The signature-based method is built on proprietary threat information, using multiple sources for the threat definition updates.
防病毒软件使用签名、启发式方法和行为检测恶意软件。基于签名的方法建立在专有威胁信息的基础上,使用多个来源进行威胁定义更新。
Smishing(短信钓鱼)
Phishing conducted via Short Message Service (SMS), a telephone-based text messaging service. A smishing text, for example, attempts to entice a victim into revealing personal information.
网络钓鱼通过短信服务 (SMS) 进行,这是一种基于电话的短信服务。例如,一条短信试图诱使受害者透露个人信息。
Sniffer(嗅探器)
Jargon for packet analyzer software that looks at (sniffs) data packets in a network and shows what is inside the packets. Can be used to troubleshoot networks but also to hack into the network.
数据包分析器软件的行话,它查看(嗅探)网络中的数据包并显示数据包内部的内容。可用于对网络进行故障排除,也可用于入侵网络。
Social Engineering(社会工程学)
Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.
社会工程学是操纵人们采取行动或泄露机密信息的行为。虽然类似于信任欺骗或简单的欺诈,但该术语通常适用于以信息收集、欺诈或计算机系统访问为目的的欺骗或欺骗;在大多数情况下,攻击者从不与受害者面对面。
Spam(垃圾邮件)
Unsolicited, unwanted Email. About 90% of email that goes through the internet is spam. The other 10% is called ‘ham’. (no joke)
不请自来的、不需要的电子邮件。通过 Internet 发送的电子邮件中约有 90% 是垃圾邮件。剩下的 10% 被称为“火腿”。(可不是闹着玩的)
Spear Phishing(鱼叉式网络钓鱼)
Spear Phishing is a small, focused, targeted attack via email on a particular person or organization with the goal to penetrate their defenses. The spear-phishing attack is done after research on the target and has a specific personalized component designed to make the target do something against their own interest. Here is more about how they do it.
鱼叉式网络钓鱼是一种通过电子邮件针对特定个人或组织的小型、集中、有针对性的攻击,其目标是渗透他们的防御。鱼叉式网络钓鱼攻击是在对目标进行研究之后进行的,并且具有特定的个性化组件,旨在使目标做一些违背自己利益的事情。这里有更多关于他们如何做到的
Spoofing(欺骗)
Tricking or deceiving computer systems or other computer users. This is typically done by hiding one’s identity or faking the identity of another user on the Internet. E-mail spoofing involves sending messages from a bogus e-mail address or faking the e-mail address of another user. Since people are much more likely to read a message from an address they know, hackers will often spoof addresses to trick the recipient into taking action they would not normally take.
欺骗或欺骗计算机系统或其他计算机用户。这通常是通过在 Internet 上隐藏一个人的身份或伪造另一个用户的身份来完成的。电子邮件欺骗涉及从伪造的电子邮件地址发送消息或伪造其他用户的电子邮件地址。由于人们更有可能从他们知道的地址阅读邮件,因此黑客通常会欺骗地址以欺骗收件人采取他们通常不会采取的行动。
Sprint(短跑)
A term used in ‘agile’ software development, a method that KnowBe4 uses. A period of a month after which a deliverable product is ready for shipping. During this sprint, a list of items called ‘backlog’ is ‘burned down’ to completion. See ‘Backlog’ and ‘Burndown’.
“敏捷”软件开发中使用的一个术语,KnowBe4 使用的一种方法。可交付产品准备好发货后的一个月时间。在这个冲刺期间,一个名为“backlog”的项目列表被“烧掉”完成。请参阅“积压”和“燃尽”。
Spyware(间谍软件)
An umbrella term for many ‘families’ of malicious software which send a computer user’s confidential data back to (usually) cyber criminals. Some examples of spyware are Trojans, Adware, malicious toolbars, and many others. For a short history on spyware, check out this item on Wikipedia. It’s not complete but gives a reasonable overview.
许多恶意软件“家族”的总称,这些恶意软件将计算机用户的机密数据发送回(通常)网络犯罪分子。间谍软件的一些示例包括特洛伊木马、广告软件、恶意工具栏等。有关间谍软件的简短历史,请查看Wikipedia 上的此项。它并不完整,但提供了一个合理的概述。
SQL Injection Attack(SQL注入攻击)
SQL injection is a hacker technique that exploits a security vulnerability occurring in the database of an application. The vulnerability is present when user input fields are not checked well.
SQL 注入是一种黑客技术,它利用发生在应用程序数据库中的安全漏洞。当没有很好地检查用户输入字段时,就会出现该漏洞。
StopBadware.org
StopBadware works with its network of partner organizations and individuals to fight back against viruses, spyware, and other badware. You can find them here
StopBadware 与其合作伙伴组织和个人网络合作,共同对抗病毒、间谍软件和其他恶意软件。你可以在这里找到它们
Stress Testing(压力测试)
(IEEE) Testing conducted to evaluate a system or component at or beyond the limits of its specified requirements.
(IEEE) 为评估系统或组件达到或超出其指定要求的限制而进行的测试。
Stu’s Rules(Stu的规则)(额,催什么催😅)
KnowBe4 founder and CEO Stu Sjouwerman ends staff meetings with:

  • Do it right the first time
  • Do it fast
  • Have fun while you do it!

KnowBe4 创始人兼首席执行官 Stu Sjouwerman 在员工会议结束时说:

  • 第一次做对
  • 做快点

Stuxnet(震网)
Malware created by the U.S and Israel with the express goal to destroy Iran’s uranium enrichment facility in Natanz. It escaped and is now used by bad actors to attack sites. More Here
美国和以色列制造的恶意软件,其明确目标是摧毁伊朗在纳坦兹的铀浓缩设施。它逃脱了,现在被坏人用来攻击网站。更多在这里
Supply Chain Attack(供应链攻击)
A supply chain attack, also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider that has access to your systems and data, or that provides you with tools which bad actors can compromise and then use to penetrate your network.
一个 供应链的攻击,也被称为以价值链 或第三方 的攻击,发生当有人通过访问您的系统和数据的外部合作伙伴或供应商渗入你的系统,或者为你提供工具,恶意行为者可以妥协和使用那些渗透您网络的工具。
System Monitors(系统监视器)
Specialized software modules that look at the PC and make sure nothing gets changed by malware, and sometimes are able to either block changes or revert the system to its original state. See ‘Active Protection’.

T

TOS
Terms Of Service (abbreviated as “ToS” or “TOS”) are rules that one must agree to abide by in order to use a service. Usually, such terms are legally binding. Terms of service can cover a range of issues, including acceptable user behavior online, a company’s marketing policies, etc. Some organizations, such as Yahoo and Facebook, can change their terms of service without notice to the user base. Here is KnowBe4’s TOS.
TCP/IP
Transmission Control Protocol/Internet Protocol. This is the protocol that the Internet uses to transport data packets from one computer to another.
Tabnabbing
Uses browser tabs to impersonate legitimate websites and create fake login pages that trick victims into revealing private information. Tabnabbing works when you have two or more tabs open in a web browser. When a tab is left unattended for several minutes, a tabnabber can redirect the site in the unattended tab to a different, malicious login site.
Tailgating
A method used by social engineers to gain access to a building or other protected area. A tailgater waits for an authorized user to open and pass through a secure entry and then follows right behind.
TELNET
Telnet was developed in 1969 and was one of the first Internet standards. The name stands for “teletype network”. Telnet is a communications protocol for applications that use 2-way interactive text, using what is called a “virtual terminal” connection. Telnet runs on top of the Transmission Control Protocol (TCP).
Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote computer. However, because of serious security concerns when using Telnet over an open network such as the Internet, its use for this purpose has waned significantly in favor of SSH.
The term telnet is also used to refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection with the Telnet protocol, as in “To change your password, telnet to the server, log in and run the passwd command.” More at Wikipedia.
Test Harness
(IEEE) A software module used to invoke a module under test and, often, provide test inputs, control and monitor execution, and report test results.
Test Suite
A collection of test cases used to validate the behavior of a product. For example, there may be several Test Suites for a particular product. In most cases, however, a Test Suite is a high-level concept, grouping together possibly hundreds or even thousands of test cases related by what they are intended to test.
Tower Dump
Many law enforcement agencies use a surveillance tactic called “tower dump.” The method gives police access to “identity, activity and location” data of users and makes use of multiple [cell phone] towers, and wireless providers, and can net information from thousands of phones. Records show that at least 25 police departments own a Stingray device – which essentially operates as a fake cell phone tower in order to siphon data from nearby phones that connect to it. This was the method that ultimately caught Kevin Mitnick.
Tradecraft
The word “tradecraft” is most often associated with spies. But hackers and social engineers also have their tradecraft: a set of techniques they use to get illegal access to hardware or software, or to deceive humans.
Trigger
A condition that causes a virus payload to be executed, usually occurring through user interaction (e.g., opening a file, running a program, clicking on an e-mail file attachment).
Trojan
A Trojan horse (shortened to trojan) is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system. The term is derived from the Trojan Horse story in Greek mythology. It is the most prevalent form of malware in the timeframe 2010-2014: well over 50% of all malware are Trojans.
Trojan downloader, also called ‘Trojan dropper’
A Trojan Downloader is a program typically installed through an exploit or some other deceptive means and that facilitates the download and installation of other malware onto a victim’s PC. A Trojan Downloader may download adware, spyware or other malware from multiple servers or sources on the internet. See ‘Exploit’.
Typo Generator
A software tool to generate a list of typos and common misspellings, for instance for domain names (e.g. www.goofle.com). These domain names are then used to create a perfect copy of the original, and users are tricked into leaving confidential information. This is only one example of typo generator use; many more are possible.
Typosquatting
Purchasing web domains that are a character or two different from a legitimate and well-known social or company website. When a person mistypes the web address, a website appears that looks very much like the intended site. Typosquatting is usually done for fraudulent purposes. Also called URL hijacking.

U

URL shortening
A method of reducing the size and complexity of web URLs, mainly for ease of use. However, URL shortening also disguises a website’s real domain name, and hinders detection of known malicious sites or destinations.
USB-Stick
A USB memory stick often used for penetration tests, with malware on it that exposes the network to the attacker. Also called Thumb-drive. The drive is left at common areas like a parking lot or the rest room, and has a label that makes the user want to know more, e.g. “Q1 Layoff List”.
Unit Testing
Testing of a software module for typographic, syntactic, and logical errors, for correct implementation of its design, and for satisfaction of its requirements. Also called component testing.
Update
A software ‘update’ is usually a patch. A patch is a piece of software designed to fix problems with a computer program or its supporting data. It can include fixing security vulnerabilities and other bugs, and improving the usability or performance.
Upgrade
The term ‘upgrade’ refers to the replacement of a product with a newer version of the same product. In software, it means a replacement with a newer or better version, in order to bring the system up to date or to improve its features. See (and contrast with) ‘Update’ above.
Usability Testing
Tests designed to evaluate the machine/user interface. Are the communication device(s) designed in a manner such that the information is displayed in an understandable fashion enabling the operator to correctly interact with the system?

V

VAR
A value-added reseller (VAR) is a company that adds features or services to an existing product, then resells it (usually to end-users) as an integrated product or complete “turn-key” solution.
VB100
This stands for “Virus Bulletin 100% Pass”. It means an Antivirus product catches all the malware that is on the WildList and also has NO False Positives. Getting awarded the VB100 is important in the industry and shows a product has attained a certain quality level. It does not mean it catches 100%, no antivirus product does. Here is the Virus Bulletin website.
VDI
A Virtual Desktop Infrastructure (VDI) allows a user’s desktops and applications to run in a private virtual machine hosted on servers in a data center rather than locally on the user’s PCs. It’s technically complex and expensive, but it allows users to access their personalized desktop from any PC; and makes life easy for admins.
VEC
Vendor Email Compromise. This is a variety of business email compromise (see BEC) attack in which attackers gain access to email accounts at a company in the supply chain, and then use the accounts to target that company’s customers.
VPN
Virtual Private Network. VPN vocabulary: all the key terms and jargon explained
VM (Virtual Machine)
A computer resource that runs programs inside a software-created “virtual” operating environment rather than on a physical computer. Each virtual machine runs as a separate computing environment, allowing different operating systems to function simultaneously on the same “host” machine. VMs can even be used on the cloud to provide virtual application resources.
Virus, also called ‘File Infector’, or ‘File Virus’
A computer virus is a computer program that can copy itself and infect a computer. The term “virus” is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability. Since 2009, viruses in their traditional form are less than 10% of total malware. Microsoft in 2010 estimated it was only 4%. A true virus can only spread from one computer to another (in some form of executable code) when its host (infected file) is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it (via sneakernet) on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system. See ‘Worm’. See Wikipedia.
Virus Bulletin
Virus Bulletin is the world’s first and foremost virus and malware authority, and the go-to place for the antivirus industry.
They do three things:

  1. a monthly magazine,
  2. an annual conference,
  3. bimonthly product certifications.

Their name comes from the first thing they started with in 1989: a magazine dedicated to providing PC users with a regular source of intelligence about computer malware, its prevention, detection and removal, and how to recover programs and data following an attack. Virus Bulletin quickly became the leading specialist publication in the field of malware and spam and is today produced in an online format.

VB Conference
Their first VB conference was in 1991 and the event has become a major highlight of the anti-malware calendar. They present factual information, demonstrate defensive procedures and countermeasures, and provide a platform for experts to share their research and set new standards.

“VB100” certification
For many years, Virus Bulletin has carried out independent comparative testing of anti-malware products. The unique VB100 certification is widely recognized within the industry. Virus Bulletin tests anti-malware products free of charge and, unlike other certification schemes, does not allow re-testing – performances are reported exactly as they are found.

This third function is very interesting. Their VB100 stands for “Virus Bulletin 100% Pass”. It means an Antivirus product catches all the malware that is on the WildList (a varying list of around 800 malware samples that are ‘in the wild’, put together by the Virus Bulletin WildList committee. AV products are expected to catch all samples that are in the WildList), and also has NO False Positives. Getting awarded the VB100 is important in the AV industry and shows a product has attained a certain quality level. It does not mean it catches 100%, no antivirus product does.
Virus Definitions, abbreviated to ‘Defs’, also called ‘Patterns’ or ‘Signatures’
The database of virus signatures (detections, patterns) that allows an antivirus product to recognize and disinfect viruses. These definitions are created by an AV Lab team and sent very regularly to PCs running that antivirus.
Virustotal
Virustotal is a website that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware. About 70 different antivirus companies scan the file, so you basically get the opinion of many different security companies at once. Both good guys and bad guys use Virustotal. The bad guys send their malware up there to see if it gets caught by antivirus engines. It has free and paid license versions and is owned by Google. You can find them here.
Vishing
A phishing attack conducted by telephone, usually targeting voice over IP (VoIP) users, such as Skype users. Vishing is the phone equivalent of a phishing attack. There are two forms of this, human and automated. In the human example a scam artist uses the anonymity of a phone call and pretends to be a representative of their target’s bank or credit card company. They manipulate the victim to enter their PIN, credit card number, or bank account (and routing number) with the phone keypad. This allows the scammer to get instant access to another person’s bank credentials.
It’s also known as rogue “IVR” (Interactive Voice Response) and that is where it gets automated. The bad guys use an IVR system to impersonate a real-sounding financial institution’s IVR system. Using a phishing email, the victim is told to call “the bank” using their toll free number, so that the fake bank can “verify” some information. A normal trick is that the system is configured to throw fake error messages so that the victim will try several passwords to get in. More sophisticated scams even have a live body impersonating customer service in case the victim presses “0” for an operator.
Vulnerability Assessment / Vulnerability Scan
A scan through the whole network that looks for and reports on known vulnerabilities in endpoints and all other network devices. There are two types of scans, internal and external. Internal is run inside the network by an administrator or by a bad guy that has penetrated the network and looks for more ways to get and stay inside the network. External scans the company from the outside in and looks at the website and their web applications. KnowBe4 provides the external, outside-in type of scan as a service.
Voicemail overloading
Spamming over Internet telephony. Much like getting spam email, a voice over Internet Protocol (VoIP) user can get junk voicemails. Spammers simply send voicemail messages to thousands of IP addresses at a time.

W

WYSIWYG
What You See Is What You Get. A term in the computer world that means you are working in an environment that is visual. As an example, when you edit something in a WYSIWYG editor (for example a word processor), you literally see the changes and how they look, as opposed to an HTML editor, where you work in code and need to render the code into a webpage to see the changes you made in the code.
Wake-on-LAN
Wake-on-LAN (WoL) is a networking standard that allows a computer to be turned on or awakened by a network message. That message is usually sent to the target computer by a program executed on a device connected to the same local area network, which could even be an admin’s smartphone. This technology can also be used in Wide Area Networks, and even over Wi-Fi, using a standard called Wake on Wireless LAN (WoWLAN). More about this at Wikipedia.
War Dialing
A technique by which a computer will dial a number repeatedly in a telephone exchange in an attempt to circumvent perimeter security.
Web, How it Works
I saw this post on Twitter with a fun and educational infographic that shows it’s quite a complicated affair where lots of things can go wrong. Here is the infographic, and if you click on it, it will enlarge: https://blog.knowbe4.com/what-happens-when-you-type-in-a-url-in-an-address-bar-in-a-browser
Web Filtering
Stand-alone software or an appliance (hardware+software) that blocks access to specific Internet websites. A survey done by KnowBe4 shows that system administrators want web filtering on their network for the following reasons:

  • Block access to malware sites
  • Block access to inappropriate or damaging sites
  • Keep users “on task” meaning productivity
  • Adding another layer of defense second to AV
  • Reduce network bandwidth
  • Keeping HR happy

Westcoast Labs
A commercial organization that tests AV products to see if those products catch all the samples in the WildList. If a product gets all the samples, a certification gets awarded. Here is their website.
Whaling
Phishing attacks that target high-ranking executives at major organizations or other highly visible public figures. Also known as CEO Fraud.
WhiteList/white list (also abbreviated as WL)
The list of known good files that Antivirus knows do not have to be scanned and should not be quarantined. Can also apply to domain names that are known to be good and to which access is allowed. Also, a list of known-good executable files that are allowed to continue to run in an environment that has Application Control enabled.
WL (WildList)
A varying list of around 800 malware samples that are ‘in the wild’, put together by the Virus Bulletin WildList committee. AV products are expected to catch all samples that are in the WildList.
Windows System Files
System Files are the files that make up the Operating System. These files are protected from deletion or infection by System File Protection (WFP) in Windows 2000, renamed to Windows File Protection (WFP) in Windows XP, and then to Windows Resource Protection (WRP) in Vista and later. WRP introduces protection of the registry.
Windows Update
A free service from Microsoft that regularly updates your PC with the latest bugfixes and security patches and then reboots the PC. For consumers it is highly recommended to have this set on automatic. Microsoft does this on the second Tuesday of the month, called Patch Tuesday. Businesses should use their own centralized update server, after they test the patches in their environment for compatibility issues.
Workstream (security workstream)
OK, we are going from generic to specific here for this definition. First, a workstream (also known as workflow) is a core area of an activity or project. It’s a core process; it can be big or small, depending on where you look. Here is an example to make this a bit more real. If you are planning for a wedding, that’s a project. It has a start and end date, and it would involve multiple stakeholders and many workstreams. An important one is selecting a caterer. In this instance the workstream would be named ‘Catering’, which is the core process. The activities within this workstream would be the following:

  • Meet with caterer
  • Plan 5 course meal
  • First tasting session
  • Second tasting session
  • Finalize Menu

Now, this is a workstream that has a start and a stop. In business, this is a continuous process or flow. A workstream example in KnowBe4 would be the core process from a quote to a PO to an invoice and deploying the platform. Now, different departments have their own workstreams, and many times dozens of them.
The security team has a series of workstreams as well, and in the Security Operations Center (See SOC) one of those is handled by the Incident Response team which receives phishing email reports. The whole process of an employee seeing a phishing email, clicking the PAB, this being received in PhishER, looked at by an analyst, and then processed is a great example of a security workstream. If an organization does not have this security workstream, they should!

Worm
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing file. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer. Worms can spread with lightning speed. One worm was able to infect hundreds of thousands of servers worldwide in less than 10 minutes.

X

XDR
Extended Detection and Response (also see EDR). XDR is a newish approach to threat detection and response that Gartner called a top security and risk management trend of 2020. It combines elements of Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), and Network Traffic Analysis (NTA) in a software-as-a-service (SaaS) platform to centralize security data and incident response. This improves and speeds up detection and response because it correlates threat intelligence across security products and visibility across networks, clouds, and endpoints. (Read this article for more.)

Y

YARA (yär-əh): [PhishER]
Yet Another Ridiculous Acronym or Yet Another Recursive Acronym. Officially, YARA is a tool for malware researchers to identify and classify malware. It uses rules to find and match specific words/patterns in something, and is very often used to analyze possibly malicious email messages. Those rules are conveniently called YARA rules.

Z

ZBB
Zero Bug Bounce. A milestone in software development when all the known bugs are fixed and the bug count drops to zero. Usually, the next day a few more bugs are found, so the bug count “bounces” up from zero. An indicator that the product is nearly ready to ship.
Zero-day Attack or Zero-day Threat
A zero-day attack is a computer threat that tries to exploit vulnerabilities that are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Bad guys have a field day with zero-day attacks, as there is very little defense against these. There are many of these vulnerabilities for each software product, and there is a lively trade in zero-day vulnerabilities. Both government spy agencies and cybercriminals buy these exploits, often for tens of thousands of dollars.
Zero-day Exploits
Actual code that can use a security hole to carry out an attack. Used or shared by attackers before the software vendor knows about the vulnerability.
Zombie, also called ‘drone’
A PC that has been taken over by malware and is ‘owned’ by the bad guys. The PC is now part of a botnet and spews out spam, tries to infect other computers, attacks websites or does other nefarious things. Government spy agencies like the NSA also use this tactic and have tens of thousands of machines infected and basically own them.