| Acronym / Term | Summary description |
|---|---|
| 2 or Multi-Factor Authentication | 2 Factor Authentication<br>Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data. 2FA gives businesses the ability to monitor and help safeguard their most vulnerable information and networks. |
| A5 | A suite of Microsoft security tools<br>Microsoft 365 A5 security tools help protect educational institutions from various cybersecurity threats. It includes advanced threat protection through tools like Microsoft Defender for Endpoint, mobile device management with Intune for Education, and phishing pre... |
| ACSC | The Australian Cyber Security Centre<br>The Australian Cyber Security Centre (ACSC) within ASD leads the Australian Government's efforts on national cyber security. It brings together cyber security capabilities from across the Australian Government to improve the cyber resilience of the Australian co... |
| AitM Attack | Adversary-in-the-Middle<br>An Adversary-in-the-Middle (AitM) attack is a type of cyberattack where an attacker positions themselves between two communicating parties to intercept, manipulate, or redirect data. It's a more sophisticated version of the Man-in-the-Middle (MitM) attack, often used to by... |
| AML/CTF | Anti-Money Laundering / Counter Terrorism Funding<br>Anti-Money Laundering / Counter Terrorism Funding (AML/CFT) controls, when effectively implemented, mitigate the adverse effects of criminal economic activity and promote integrity and stability in financial markets. |
| ASD | Australian Signals Directorate<br>The Australian Signals Directorate (ASD) is a vital member of Australia’s national security community, working across the full spectrum of operations required of contemporary signals intelligence and security agencies: intelligence, cyber security and offensive oper... |
| AUSTRAC | Australian Transaction Reports and Analysis Centre<br>Australian Transaction Reports and Analysis Centre is an Australian government financial intelligence agency responsible for monitoring financial transactions to identify money laundering, organised crime, tax evasion, welfare fraud and terrorism f... |
| Bash Bunny | Payload platform with USB interface<br>The groundbreaking payload platform that introduced multi-vector USB attacks has evolved.<br>Pull off covert attacks or IT automation tasks faster than ever with just the flick of a switch. The NEW Bash Bunny Mark II goes from plug to pwn in 7 seconds — so when... |
| Bit Bucket | Bit Bucket<br>Bit bucket is a term used to describe a logical space where lost, deleted or unrecoverable data goes. |
| Blacklist | List of known malicious entities<br>A list of discrete entities, such as hosts, email addresses, network port numbers, runtime processes, or applications, that have been previously determined to be associated with malicious activity. |
| C2 | Command and Control server<br>A C2 server is the controlling server infected devices interact with to either upload information, or to get instructions on what to proceed with next. |
| C2 Beacon | C2 (Command and Control) beacon<br>A C2 (Command and Control) beacon is a component of malware that allows attackers to maintain communication with infected systems (beacons) and send commands, often at regular intervals, for malicious activities. This communication, known as beaconing, is a key aspect ... |
| Carder | Someone who uses / makes stolen credit cards<br>It is a web security threat in which attackers attempt to authorize stolen credit card credentials and use them to charge prepaid cards or gift cards. These cards are then sold or used to make purchases of goods, which can then be sold for cash. People w... |
| CBDC | Central Bank Digital Currency<br>A Central Bank Digital Currency (CBDC) can most easily be understood as a digital form of cash. It can be issued by the central bank, accessible to the general public, and used to settle transactions between firms and households. The unit of account would be the nation... |
| Chinese hackers | Current list<br>Double Dragon (also known as APT41, BARIUM, Axiom, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie, Blackfly, or Brass Typhoon) is a hacking organization with alleged ties to the Chinese Ministry of State Security (MSS).<br>Chinese hacking group known as APT 41, ... |
| CISO | Chief Information Security Officer<br>A chief information security officer is a senior-level executive within an organization responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. |
| CISSP | Certified Information Systems Security Professional<br>CISSP is an independent information security certification granted by the International Information System Security Certification Consortium, also known as (ISC)². As of July, 2022 there are 156,054 (ISC)² members holding the CISSP certification w... |
| CLOUD Act | US Legislation - Clarifying Lawful Overseas Use of Data Act<br>The Clarifying Lawful Overseas Use of Data Act or CLOUD Act is a United States federal law enacted in 2018 by the passing of the Consolidated Appropriations Act, 2018, PL 115-141, Division V. The CLOUD<br>US CLOUD Act<br>In March 2018, the US ... |
| CTF | Capture the Flag<br>CTF in computer security is an exercise in which "flags" are secretly hidden in purposefully-vulnerable programs or websites. It can either be for competitive or educational purposes. |
| CVE | Common Vulnerabilities and Exposures<br>CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws. When someone refers to a CVE, they mean a security flaw that's been assigned a CVE ID number.<br>Security advisories issued by vendors and researchers alm... |
| Darknet | Darknet Internet Network<br>A dark net or darknet is an overlay network within the Internet that can only be accessed with specific software, configurations, or authorization, and often uses a unique customized communication protocol.<br>The term "darknet" was popularized by major news outlets to associat... |
| Darknet Diaries | Darknet Diaries Podcast<br>This is a podcast about hackers, breaches, shadow government activity, hacktivism, cybercrime, and all the things that dwell on the hidden parts of the network. This is Darknet Diaries.<br>https://darknetdiaries.com/ |
| DDoS | Distributed Denial-of-Service attacks<br>A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.<br>DDoS attacks achieve effe... |
| DLP | Data Loss Prevention<br>Data Loss Prevention (DLP) is the practice of detecting and preventing data breaches, exfiltration, or unwanted destruction of sensitive data. |
| DoS | Denial of Service attack<br>A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. In both instances, the DoS a... |
| DoublePulsar | A payload used application<br>DoublePulsar is an implant leaked by the ShadowBrokers group earlier this year that enables the execution of additional malicious code. It's commonly delivered by the EternalBlue exploit, and is most famous from its recent use to deploy the Wanna Decryptor 2.0 (WannaCry) ra... |
| DOX | To DOX someone or Doxing<br>doxed or doxxed; doxing or doxxing; doxes or doxxes<br>: to publicly identify or publish private information about (someone) especially as a form of punishment or revenge<br>… Facebook, like other platforms, wants to prevent users from being doxed or otherwise targeted for ha... |
| EDR | Endpoint Detection and Response<br>Endpoint Detection and Response (EDR) is an integrated, layered approach to endpoint protection that combines real-time continuous monitoring and endpoint data analytics with rule-based automated response.<br>Related acronyms: XDR, SIEM |
| Endpoint | End point device<br>Endpoints are physical devices that connect to and exchange information with a computer network. Some examples of endpoints are mobile devices, desktop computers, virtual machines, embedded devices, and servers. |
| Essential 8 | Australian Essential 8 Maturity Model<br>The Essential Eight Maturity Model is designed to assist organisations to implement the Essential Eight in a graduated manner based upon different levels of adversary tradecraft and targeting. The different maturity levels can also be used to provide a high-level... |
| EternalBlue | Exploit<br>EternalBlue is a computer exploit developed by the U.S. National Security Agency. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. On May 12, 2017, the worldwide WannaCry ransomware used this exploit to att... |
| Firewall | A network security device (Hardware or software)<br>In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted networ... |
| Flipper Zero | WiFi Pen-Testing tool<br>Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin. It can interact with digital systems in real life and grow while you use it. Explore any kind of access control system, RFID, radio protocols, and debug hardware using GPIO pins.<br>The ide... |
| FTTP | Fiber to the Premises<br>This is the gold standard of internet connections. A dedicated fiber optic cable runs directly from the source to your home, offering lightning-fast speeds, rock-solid stability, and future-proof bandwidth. Think of it as a private internet Autobahn – just for you! |
| GPU | Graphics Processing Unit<br>A graphics processing unit is a specialized electronic circuit designed to manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device. GPUs are used in embedded systems, mobile phones, personal computers, works... |
| GRU | Russian Federation<br>The Main Directorate of the General Staff of the Armed Forces of the Russian Federation, formerly the Main Intelligence Directorate, and still commonly known by its previous abbreviation GRU, is the foreign military intelligence agency of the General Staff of the Armed Forces of th... |
| Hacker | A person who is good at overcoming a technical problem.<br>A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. |
| Hash | A software function that encrypts a value<br>A hash function is any function that can be used to map data of arbitrary size to fixed-size values, though there are some hash functions that support variable length output. The values returned by a hash function are called hash values, hash codes, diges... |
| Honeypot | Sacrificial computer<br>One honeypot definition comes from the world of espionage, where Mata Hari-style spies who use a romantic relationship as a way to steal secrets are described as setting a ‘honey trap’ or ‘honeypot’. Often, an enemy spy is compromised by a honey trap and then forced to ha... |
| IDS | Intrusion Detection System<br>An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security i... |
| IPS | Intrusion Prevention System<br>An intrusion prevention system (IPS) is a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur. |
| IRAP | Infosec Registered Assessors Program<br>Information Security Registered Assessors Program (IRAP) assessors assist businesses doing work for the Australian government by independently assessing their cybersecurity posture, identifying risks, and suggesting mitigation measures. |
| IRT | Incident Response Team<br>A team or group of people assigned the task to manage any active or identified cyber security incident. Quite often these people have 'Go Bag' already packed with all the items they may need when attending an incident. Often these incidents may be in another state, so these bag... |
| John the Ripper | John the Ripper password cracking software<br>John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. John the Ripper jumbo supports hundreds of hash and cipher types, including for: user passwords of Unix flavors (Linux, *BSD, Sola... |
| Kali | Kali Linux Operating System<br>Kali Linux (formerly known as BackTrack Linux) is an open-source, Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. It does this by providing common tools, configurations, and automations which allows the user to focus on the task... |
| Kali Purple | Kali Linux Purple<br>What is Kali Purple?<br>The one stop shop for blue and purple Teams. |
| LOTL | Living Off The Land<br>LOTL attack involves using legitimate and trusted internal system tools to launch a cyberattack and evade detection. |
| Malware | Malicious Software<br>Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's comp... |
| Metasploit | Hacking software / framework<br>The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.<br>The Metasploit framework ... |
| MFA Fatigue | Multi-factor authentication (MFA) fatigue attack<br>Also known as MFA bombing or MFA spamming, is a type of social engineering cyberattack where the attacker repeatedly sends MFA requests to the victim's email, phone, or other registered devices. |
| NIST | National Institute of Standards and Technology (US)<br>The National Institute of Standards and Technology is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness.<br>NIST Cybersecurity<br>NIST develops cybersecurity standard... |
| NSA | National Security Agency<br>The National Security Agency is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence. |
| OEM | Original equipment manufacturer<br>An original equipment manufacturer is generally perceived as a company that produces non-aftermarket parts and equipment that may be marketed by another manufacturer. It is a common industry term recognized and used by many professional organizations such as SAE Intern... |
| OMG | O.MG series of bugging devices<br>The O.MG Cable is a hand made USB cable with an advanced implant hidden inside. It is designed to allow your Red Team to emulate attack scenarios of sophisticated adversaries.<br>The cable includes inbuilt WiFi, keystroke injection, keyloggers and multiple payloads. |
| OOB | Out-Of-Band<br>A type of multi-factor authentication where the request device and the device receiving the MFA or 2FA code are different separate devices. |
| OPSEC | Operational Security<br>Operational security (OPSEC) is a security and risk management process that prevents sensitive information from getting into the wrong hands.<br>Another OPSEC meaning is a process that identifies seemingly innocuous actions that could inadvertently reveal critical or sensitive d... |
| OSINT | Open Source Intelligence<br>OSINT stands for open source intelligence, which refers to legally gathered information about an individual or organization from free, public sources. In practice, that tends to mean information found on the internet. Still, any public information falls into the category of... |
| OT | Operational Technology<br>Operational technology is hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events. |
| PII | Personally Identifiable Information<br>Personally Identifiable Information (PII) is a legal term pertaining to information security environments. While PII has several formal definitions, generally speaking, it is information that can be used by organizations on its own or with other information to iden... |
| Pineapple | WiFi Pineapple<br>A Wi-Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests. With pen tests, ethical hackers seek out security vulnerabilities that a threat actor could exploit in the company's system, network or infrastructure... |
| Plunder Bug | LAN / Ethernet bugging device<br>The Plunder Bug by Hak5 is pocket-sized LAN Tap that lets you "bug" Ethernet connections with USB-C convenience.<br>Coupled with cross-platform scripts for Windows, Mac and Linux – or an Android root app – this smart network sniffer enables passive recording or act... |
| Prepositioning | Pre-Positioning<br>Pre-installed cyber weapons in operational technology/hardware by enemy nation-states.<br>Usually in telecommunications hardware, or anywhere data mining or listening can occur.<br>Read more: https://academic.oup.com/cybersecurity/article/3/1/59/3097802 |
| Pretexting | Pretexting<br>Pretexting is a cyber security tactic that involves using a fabricated story to trick a victim into sharing sensitive information, downloading malware, or otherwise harming themselves or their organization.<br>It is usually some form of believable credible story used to create an illusion of... |
| PSPF | Protective Security Policy Framework<br>The Protective Security Policy Framework (PSPF) assists Australian Government entities to protect their people, information and assets, both at home and overseas.<br>https://www.protectivesecurity.gov.au/ |
| Purple Team | Purple Team<br>Purple Teams exist to ensure and maximize the effectiveness of the Red and Blue teams. They do this by integrating the defensive tactics and controls from the Blue Team with the threats and vulnerabilities found by the Red Team into a single narrative that maximizes both. Ideally Purple s... |
| Rainbow Table | A precomputed table for caching the outputs of a cryptographic hash function<br>A rainbow table is a large, precomputed table designed to cache the output of cryptographic hash functions to decrypt hashed passwords into plaintext. Rainbow tables were invented by IT expert Philippe Oechslin, who publis... |
| Raspberry Pi | Raspberry Pi - low cost credit card size computer<br>Raspberry Pi is a series of small single-board computers developed in the United Kingdom by the Raspberry Pi Foundation in association with Broadcom. The Raspberry Pi project originally leaned towards the promotion of teaching basic computer science... |
| RCE | Remote Code Execution<br>In computer security, arbitrary code execution is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code e... |
| Red Hat | Red Hat Hacker<br>Red hat hackers comprise one of the six types of hackers based on the color of hat they wear. Apart from red hats, hackers can also be classified as black, white, grey, blue, and green hats. |
| Red Team / Blue Team | Red Team / Blue Team<br>In a red team/blue team exercise, the red team is made up of offensive security experts who try to attack an organization’s cybersecurity defenses. The blue team defends against and responds to the red team attack.<br>Modeled after military training exercises, this drill is a f... |
| RFFR | Right Fit For Risk<br>Australian Federal Government - Department of Employment & Workplace Relations’s Right Fit For Risk (RFFR) Accreditation signifies that a Provider or external IT system has met these requirements. |
| Rubber Ducky | Name of a USB hacking tool<br>To the human eye, the USB Rubber Ducky looks like an unremarkable USB flash drive. Plug it into a computer, though, and the machine sees it as a USB keyboard — which means it accepts keystroke commands from the device just as if a person was typing them in.<br>“Everythi... |
| Salt | Random data that is used as an additional input to a one-way function that hashes data<br>A salt is simply added to make a password hash output unique even for users adopting common passwords. Its purpose is to make pre-computation based attacks unhelpful. If your password is stored with a unique salt... |
| Sandworm | Russian hacking group<br>Sandworm is an Advanced Persistent Threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, and Iron Viking. |
| Scattered Spider | Scattered Spider<br>Scattered Spider, also referred to as UNC3944, is a hacking group mostly made up of teens and young adults believed to live in the United States and the United Kingdom.<br>The group gained notoriety for their involvement in the hacking and extortion of Caesars Entertainment and MGM R... |
| Script Kiddie | Script Kiddie Hacker<br>Script Kiddies generally do not care to hack and steal things. They are generally known as hacker amateurs and will copy code and use it for viruses, SQLi or other purposes. They generally will download software to perform hacking, and you will generally see two different types o... |
| Sextortion | Sextortion is a form of online blackmail where offenders trick or coerce someone into sending sexual images of themselves, before threatening to share the images unless their demands are met. These demands could be for money, more graphic content or sexual favours.<br>In more recent times, sextortion ... |
| Shadow Information Technology | Shadow IT refers to the use of IT systems, software, hardware, or services within an organization without the explicit knowledge or approval of the central IT department. It often arises when employees or departments seek to bypass the IT department's processes, often to expedite workflows or access... |
| SIEM | Security Information and Event Management<br>SIEM tools collect, aggregate, and analyze volumes of data from an organization's applications, devices, servers, and users in real-time so security teams can detect and block attacks. SIEM tools use predetermined rules to help security teams define threats a... |
| SIRP | Security Incident Response Platforms<br>An incident response platform is a software system that guides, assists and automates incident response. Incident response services provide three key capabilities: Supporting analyst workflows—helping security analysts collaborate around a security incident, b... |
| SME | Small Medium Enterprise<br>Small and medium-sized enterprises or small and medium-sized businesses are businesses whose personnel and revenue numbers fall below certain limits. The abbreviation "SME" is used by international organizations such as the World Bank, the European Union, the United Nations,... |
| Snort | Name of an IDS software<br>Snort is a free open source network intrusion detection system and intrusion prevention system created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013.<br>Snort is the foremost Open Source In... |
| SOAR | Security Orchestration, Automation and Response<br>Security orchestration, automation and response, or SOAR, technologies give organizations a single source for observing, understanding, deciding upon and acting on security incidents.<br>Gartner originally coined the term to describe the convergence o... |
| SOC | Also CSOC - Cyber Security Operations Centre<br>A security operations center (CSOC) is a facility that houses an information security team responsible for monitoring and analyzing an organization’s security posture on an ongoing basis. The SOC team’s goal is to detect, analyze, and respond to cybers... |
| Splunk | Splunk Enterprise (Splunk tool)<br>Splunk Enterprise lets you search, analyze and visualize all of your data, providing insights you can act on.<br>What does Splunk mean? Spelunking is the hobby of exploring caves and mines. Splunking, then, is the exploration of information caves and the mining of da... |
| Stanza | Related lines of code which forms a script<br>In computing, a stanza consists of a related group of lines in a script or configuration file. Formats depend on context. |
| Tails OS | The Amnesic Incognito Live System<br>Tails Linux Operating System is a portable operating system that protects against surveillance and censorship.<br>Tails, or "The Amnesic Incognito Live System," is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity. It conn... |
| The code | The Criminal Code Act 1995<br>The Criminal Code sets out Commonwealth criminal offences, elements of offences and defences.<br>The Criminal Code covered in this course.<br>The Criminal Code Act 1995 |
| TIPs | Threat Intelligence Platforms<br>Threat Intelligence Platform is an emerging technology discipline that helps organizations aggregate, correlate, and analyze threat data from multiple sources in real time to support defensive actions. |
| Tor | The onion router<br>Tor, short for "The Onion Router," is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide, volunteer overlay network that consists of more than seven thousand relays. Using Tor makes it more difficult to trace a user... |
| Trojan | A type of malware<br>In computing, a Trojan horse is any malware that misleads users of its true intent by disguising itself as a real program. The term is derived from the ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.<br>Generally speaking, a Trojan comes... |
| TTX | Table Top Exercise<br>A tabletop exercise, or TTX, is a role-playing activity in which players respond to scenarios presented by one or more facilitators.<br>A TTX will involve predetermined 'playbooks' where a specific scenario is followed as documented in a specific playbook.<br>A playbook is developed f... |
| Tumbler | Cryptocurrency tumbler<br>A service that mixes a cryptocurrency transaction with other transactions to eliminate the possibility of someone discovering the party that originated them. The blockchain is a public record, and with the proper analysis tools, a sender's wallet can be uncovered and ultimate... |
| Unit 74455 | Russian military cyber unit<br>Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, and Iron Viking. |
| Unit 8200 | Israel secret cyber intelligence unit<br>Unit 8200 is an Israeli Intelligence Corps unit of the Israel Defense Forces responsible for clandestine operation, collecting signal intelligence and code decryption, counterintelligence, cyberwarfare, military intelligence, and surveillance.<br>Unit 8200 (Heb... |
| Velociraptor | Velociraptor Forensic tool<br>https://docs.velociraptor.app/<br>Velociraptor - Digging Deeper!<br>Velociraptor is an advanced digital forensic and incident response tool that enhances your visibility into your endpoints. |
| Wet signature | Wet<br>A real handwritten signature. Not a digital eSignature. |
| White Hat | White Hat Hacker<br>These hackers as we all know are “ethical hackers” and they are the good guys who want to help people and organisations. They will help with finding your security gaps, help you with viruses etc. |
| Whitelist | A list of known safe entities<br>A whitelist (allowlist) is a cybersecurity strategy that approves a list of email addresses, IP addresses, domain names or applications, while denying all others. |
| XDR | Extended Detection and Response<br>Extended detection and response or XDR is a new approach to threat detection and response that provides holistic protection against cyberattacks, unauthorized access, and misuse.<br>Related acronyms: EDR, SIEM |
| YubiKey | Hardware authentication<br>The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords, public-key cryptography, and authentication, and the Universal 2nd Factor and FIDO2 protocols developed by the... |