Glossary
Cybersecurity is full of jargon — and that jargon is often the very thing that keeps people from protecting themselves. This glossary translates the most important security terms into plain English so anyone, technical or not, can understand them. Bookmark this page and use it whenever you read an article, get an alert, or hear something on the news that doesn’t quite make sense.
A
Adware
Software that bombards your device with unwanted ads, often by hijacking your browser. Some adware is just annoying; some quietly tracks what you do online and sells the data.
Advanced Persistent Threat (APT)
A skilled attacker — usually a nation-state or organized criminal group — that breaks into a network and stays hidden for months or years to steal information slowly. Unlike a smash-and-grab hacker, an APT plays the long game.
Adversary
A general term for anyone trying to attack you, your data, or your systems. Could be a teenager, a scammer, a competitor, or a foreign government.
Air Gap
Physically disconnecting a computer from any network, including the internet, so it can’t be hacked remotely. Used for highly sensitive systems like nuclear plants, voting machines, and offline backups.
Algorithm
A set of step-by-step rules a computer follows. In security, algorithms are used to scramble (encrypt) data, verify identities, and detect suspicious behavior.
Allowlist (formerly Whitelist)
A list of approved websites, apps, or email senders that are allowed through your security tools. Anything not on the list is blocked.
Anti-Malware / Antivirus
Software that scans your device for viruses, ransomware, spyware, and other malicious programs, then removes or quarantines them. Modern versions also block dangerous websites and phishing emails.
API (Application Programming Interface)
The way two pieces of software talk to each other. APIs are how your weather app pulls forecasts and how your banking app connects to your bank. Poorly secured APIs are a major source of data breaches.
Asymmetric Encryption
A type of encryption that uses two keys: a public key anyone can see and a private key only you have. It’s how secure websites, encrypted email, and digital signatures work.
Attack Surface
Every possible way an attacker could get into your accounts or devices — your email, your phone, your router, your smart fridge. The more devices and accounts you have, the bigger your attack surface.
Attack Vector
The specific path an attacker uses to break in. Common attack vectors include phishing emails, infected USB drives, and weak passwords.
Authentication
Proving you are who you say you are. Passwords, fingerprints, face scans, and security keys are all forms of authentication.
Authenticator App
A free app (like Google Authenticator, Microsoft Authenticator, or Authy) that generates a 6-digit code every 30 seconds for two-factor authentication. More secure than text-message codes.
Authorization
Deciding what someone is allowed to do after they’ve proven who they are. Authentication is “who are you?”; authorization is “what are you allowed to access?”
B
Backdoor
A hidden way into a system that bypasses normal security. Sometimes built in by developers, sometimes installed by hackers after a break-in.
Backup
A copy of your data stored somewhere safe so you can recover if your device is lost, stolen, or hit by ransomware. The gold standard is the 3-2-1 rule: 3 copies, on 2 different types of storage, with 1 stored offsite.
Biometrics
Using parts of your body to identify you — fingerprint, face, voice, or iris. Convenient, but if biometric data is stolen you can’t change your face like you can change a password.
Black Hat Hacker
A hacker who breaks into systems illegally for personal gain, theft, or destruction. The bad guys.
Blocklist (formerly Blacklist)
A list of known bad websites, IP addresses, or email senders that your security tools automatically block.
Bluetooth Attacks (Bluejacking, Bluesnarfing, BlueBorne)
Attacks that exploit Bluetooth connections to send unwanted messages, steal data, or take over a device. Easy to prevent: turn Bluetooth off when you’re not using it.
Bot
An automated program that performs tasks online. Some are helpful (search engine crawlers); some are malicious (sending spam or attacking websites).
Botnet
A network of thousands or millions of infected devices — computers, phones, routers, even smart cameras — that an attacker controls remotely to launch large-scale attacks. Your device could be part of one without you knowing.
Breach (Data Breach)
An incident where personal or sensitive data is stolen, leaked, or exposed. Use Have I Been Pwned to check whether your email has been in one.
Brute Force Attack
Guessing passwords by trying every possible combination. A short or simple password can be cracked in seconds; a long, unique one would take centuries.
BYOD (Bring Your Own Device)
A workplace policy that lets employees use their personal phones and laptops for work. Convenient, but it mixes personal and company data in risky ways.
C
CAPTCHA
Those “click all the traffic lights” or “I’m not a robot” tests. They’re designed to keep bots out of websites.
Catfishing
Pretending to be someone else online — usually with stolen photos and a fake name — to deceive a victim emotionally, financially, or both. Common in romance scams.
Certificate Authority (CA)
A trusted organization that issues digital certificates to websites so your browser can verify the site is genuine. Examples: DigiCert, Let’s Encrypt, Sectigo.
Ciphertext
Data that has been scrambled with encryption so it’s unreadable without the key. The opposite of plaintext.
Clickjacking
Tricking you into clicking something different from what you think you’re clicking — often by hiding a malicious button under a harmless-looking image.
Cloud Security
Protecting data and apps stored on services like Google Drive, iCloud, Dropbox, and Microsoft 365. The provider secures the infrastructure; you’re responsible for your account, passwords, and sharing settings.
Cookie
A small file a website saves on your device to remember you. Useful (keeps you logged in) and risky (tracks you across the web).
Credential
Anything that proves your identity to a system — usually a username plus a password, but also keys, tokens, or biometrics.
Credential Stuffing
When attackers take usernames and passwords leaked from one site and try them on hundreds of other sites, betting that people reuse passwords. They’re usually right.
Cryptography
The science of scrambling information so only the right people can read it. The foundation of nearly every modern security tool.
Cryptocurrency Scam
Any scheme that tricks victims into sending crypto — fake investment platforms, romance scams that pivot to “trading,” pig-butchering scams. Crypto transactions are nearly impossible to reverse.
Cryptojacking
Secretly using your device’s processing power to mine cryptocurrency for someone else. Symptoms: a slow, hot device with a fan that won’t quit.
Cybersecurity
The practice of protecting computers, networks, accounts, and data from digital attacks. Sometimes shortened to “cyber.”
Cyberstalking
Repeated, unwanted online contact intended to harass, threaten, or monitor someone. Treated as a crime in most jurisdictions.
D
Dark Web
A part of the internet you can only reach with special software like Tor. It’s where stolen data is bought and sold, but it’s also used by journalists and activists in censored countries.
Data Breach
See Breach.
Data Broker
A company that buys, sells, and trades your personal information — your address, phone number, income, shopping habits — usually without you ever hearing of them. Most U.S. states now let you opt out.
Data Leak
An accidental exposure of data — for example, a misconfigured cloud storage bucket left open to the public. Different from a breach, where someone actively breaks in.
DDoS Attack (Distributed Denial of Service)
An attack that floods a website or service with so much traffic from so many devices that it crashes. A common form of online sabotage and extortion.
Decryption
Unscrambling encrypted data back into a readable form using the right key.
Deep Web
The huge portion of the internet that isn’t indexed by Google — your email inbox, online banking, paywalled content. Mostly harmless, often confused with the dark web.
Deepfake
A fake video, image, or voice clip generated by AI that looks or sounds convincingly real. Used in scams (“Mom, I’m in jail, send money”), political disinformation, and harassment.
Defense in Depth
The principle of stacking multiple layers of security so that if one fails, others still protect you. Like a castle with a moat, walls, and guards.
Dictionary Attack
A type of password attack that tries common words and previously leaked passwords first instead of brute-forcing every combination. Why “Password123” falls in seconds.
Digital Footprint
The trail of data you leave online — social posts, search history, photos, comments, account signups. Even “deleted” content often lingers.
Digital Signature
A cryptographic stamp that proves a message or document came from a specific person and hasn’t been altered. Used in contracts, software updates, and secure email.
DNS (Domain Name System)
The internet’s phone book. It translates human-friendly names like makingsenseofsecurity.com into the numerical IP addresses computers actually use.
DNS Hijacking
An attack that redirects your traffic to a fake site by tampering with DNS. You type the right address but end up on a malicious copy.
Doxxing
Publishing someone’s private information online — home address, phone number, employer — without consent, often as harassment or revenge.
Drive-by Download
Malware that installs automatically just because you visited an infected website — no click required. Keeping your browser updated is your best defense.
Dumpster Diving
Going through someone’s trash to find sensitive information — credit card statements, bills, IDs. Why a shredder is still relevant in 2026.
E
Eavesdropping
Secretly listening in on a conversation or data transmission. On open Wi-Fi networks, eavesdropping is trivial without encryption.
Email Spoofing
Faking the “From” address on an email so it looks like it came from your boss, your bank, or a friend. The backbone of most phishing attacks.
Encryption
Scrambling information with a key so only authorized people can read it. If a website starts with https://, your connection to it is encrypted.
Endpoint
Any device that connects to a network — laptops, phones, tablets, printers, smart TVs. Each one is a potential entry point for attackers.
Endpoint Detection and Response (EDR)
Advanced security software that watches for suspicious behavior on devices and can automatically isolate or stop threats. The modern successor to traditional antivirus.
End-to-End Encryption (E2EE)
Encryption that protects a message from the moment it leaves your device until it reaches the recipient, with no one in between (not even the company providing the app) able to read it. Used by Signal, iMessage, and WhatsApp.
Exfiltration
Stealing data out of a system. The point at which a breach becomes a real loss.
Exploit
A piece of code or technique that takes advantage of a software flaw to break into a system or run malicious commands.
F
Factory Reset
Wiping a device back to its original state. Important to do before selling or donating phones and laptops — but not always enough on its own.
Fileless Malware
Malicious code that runs only in your computer’s memory and never saves a file to disk, making it very hard for traditional antivirus to spot.
Firewall
A digital gatekeeper that watches network traffic and blocks anything suspicious. Your router has one, your operating system has one, and businesses use bigger ones.
Firmware
The low-level software baked into your hardware — your router, your printer, your smart thermostat. Outdated firmware is a top cause of home network hacks.
Forensics (Digital Forensics)
The art of investigating an incident by examining devices, logs, and network traffic to figure out what happened and who did it.
G
Gateway
A device or service that connects two networks — for example, the box from your internet provider that connects your home network to the internet.
Geotagging
Embedding GPS coordinates in photos and posts. Often turned on by default, which means a casual selfie can reveal your home address.
Gray Hat Hacker
A hacker who operates in the moral middle — finding flaws without permission, then telling the company (and sometimes asking for a reward).
H
Hacker
Anyone skilled at making computers do unexpected things. Can be ethical (white hat), criminal (black hat), or somewhere in between.
Hacktivist
A hacker motivated by a political or social cause rather than money.
Hash
A one-way mathematical fingerprint of data. Hashing your password means a website can verify it without ever storing the password itself.
Honeypot
A fake system designed to look juicy to attackers so defenders can study how they break in. Also used in romance and crypto scams to lure victims.
HTTPS
The secure version of HTTP, the protocol that loads websites. The “S” means your traffic is encrypted. Look for the padlock icon — but remember, padlocks don’t mean a site is honest, only that the connection is private.
I
Identity Theft
When someone uses your personal information — name, Social Security number, date of birth — to open accounts, take loans, or commit crimes in your name.
Incident Response
The plan and process for handling a security incident: detect, contain, eradicate, recover, learn. Every business should have one; most don’t.
Information Security (InfoSec)
The broader field of protecting information of any kind, digital or physical. Cybersecurity is a subset of InfoSec.
Insider Threat
A risk that comes from inside an organization — a disgruntled employee, a careless contractor, or a manager who falls for phishing. Often more damaging than outside attacks.
Internet of Things (IoT)
The growing universe of internet-connected gadgets — smart bulbs, doorbell cameras, fitness trackers, fridges. Convenient and often poorly secured.
IP Address
The numerical label your device uses to communicate on a network — the internet’s version of a street address.
ISP (Internet Service Provider)
The company that gives you internet — Comcast, AT&T, Spectrum, etc. They can see every site you visit unless you use a VPN or encrypted DNS.
J
Jailbreaking
Removing the manufacturer restrictions on a phone or device so you can install unauthorized apps. Convenient for power users, but it strips away security protections.
Juice Jacking
An attack where a public USB charging port is rigged to steal data from your phone or install malware. Use a charge-only cable or a USB data blocker.
K
Key (Cryptographic Key)
A long, random string of data used to encrypt and decrypt information. The strength of encryption depends on the secrecy and length of the key.
Keylogger
Malware (or sometimes hardware) that records every key you press — passwords, messages, credit card numbers. One of the oldest tricks still in use.
L
LAN (Local Area Network)
The network inside your home or office that connects your devices to each other and to the internet.
Least Privilege
The security rule that says give every person and program only the access they absolutely need — nothing more. Limits damage when something goes wrong.
Logic Bomb
Malicious code that lies dormant until a specific condition triggers it — a date, a login, a missing employee record. Often planted by insiders.
M
MAC Address
A unique hardware ID assigned to every network device. Different from an IP address, which can change.
Malvertising
Online ads that contain malware. They sometimes appear even on big, legitimate websites because ads come from third-party networks.
Malware
Short for “malicious software.” The umbrella term covering viruses, ransomware, spyware, trojans, and worms.
Man-in-the-Middle Attack (MITM)
An attack where someone secretly sits between you and the website or person you’re communicating with, reading or altering the conversation. Open Wi-Fi makes this easy unless your traffic is encrypted.
Metadata
Data about data — when a photo was taken, on what phone, at what GPS coordinates. Often more revealing than the content itself.
Multi-Factor Authentication (MFA)
Logging in with more than just a password — usually a code from an app, a text, or a hardware key. The single most effective step you can take to protect your accounts.
N
NAT (Network Address Translation)
A technique your router uses to let many devices share one public IP address. Adds a small amount of accidental security.
Network
Any group of connected devices. Your home Wi-Fi is a network; the entire internet is a network of networks.
NIST (National Institute of Standards and Technology)
A U.S. government agency that publishes widely respected cybersecurity guidelines, including the NIST Cybersecurity Framework.
O
One-Time Password (OTP)
A short code that’s only valid for a single login or a few seconds. Usually delivered by an authenticator app or text message.
Open Source
Software whose code is public and can be inspected by anyone. Often more trustworthy because flaws can be spotted by independent researchers.
OPSEC (Operational Security)
Thinking carefully about what information you expose and to whom. Posting a vacation selfie is bad OPSEC if you also broadcast your home address.
P
Packet Sniffer
A tool that captures and inspects network traffic. Used by IT pros for troubleshooting and by attackers for eavesdropping.
Passkey
A modern, password-free login method backed by Apple, Google, and Microsoft. Your device stores a cryptographic key tied to your fingerprint or face — nothing for an attacker to phish or steal.
Password Manager
An app that creates, stores, and auto-fills strong, unique passwords for every account. The single biggest upgrade most people can make to their security.
Patch
A software update that fixes a bug or security flaw. “Patch Tuesday” is the second Tuesday each month when Microsoft releases its monthly batch.
Payload
The actual harmful action a piece of malware delivers — encrypting your files, stealing your passwords, opening a backdoor.
Penetration Test (Pentest)
A simulated attack carried out by friendly hackers to find weaknesses before real attackers do. Required by many regulations.
Personally Identifiable Information (PII)
Any data that can identify a specific person — name, address, Social Security number, email, biometrics. The category most laws focus on protecting.
Pharming
Redirecting you to a fake website even when you type the correct address, by tampering with DNS or your computer’s hosts file.
Phishing
A fake email, text, or message that tricks you into clicking a malicious link, opening a bad attachment, or handing over passwords or money. The starting point of most cyberattacks.
Pig Butchering Scam
A long-running romance-meets-investment scam where the criminal builds a relationship over weeks or months, then convinces the victim to invest in a fake crypto platform. Devastating financial losses.
PIN (Personal Identification Number)
A short numeric code used to unlock a device or card. Stronger than nothing, but no substitute for a real password on important accounts.
Plaintext
Data in its normal, readable form — before encryption or after decryption.
Privacy Policy
A legal document that explains what data a company collects about you, why, and who they share it with. Worth skimming before signing up for anything.
Privilege Escalation
An attack technique where a low-level user account is used to gain higher-level (often administrator) access.
Proxy Server
A middleman server your traffic passes through on its way to a website. Can be used to hide your IP, filter content, or speed things up.
Public Key Infrastructure (PKI)
The system of certificates, keys, and authorities that lets us trust websites, sign documents, and send encrypted messages on the open internet.
Q
Quarantine
When antivirus software isolates a suspicious file in a locked area where it can’t run, instead of deleting it outright. Lets you review false positives.
Quishing (QR Code Phishing)
Phishing that uses malicious QR codes — on flyers, parking meters, restaurant menus, or stickers slapped over real ones — to send victims to fake login pages.
R
Ransomware
Malware that encrypts your files and demands payment (usually in cryptocurrency) for the key to unlock them. Modern versions also threaten to leak your data publicly.
Remote Access Trojan (RAT)
Malware that gives an attacker full remote control of your device — webcam, microphone, files, everything.
Red Team / Blue Team
Red team plays the attacker; blue team plays the defender. Many organizations run regular exercises to keep both sides sharp.
Rootkit
Stealthy malware that buries itself deep in your operating system to hide from antivirus and grant attackers ongoing control.
Router
The device that connects your home or office network to the internet and shares Wi-Fi. Easily the most-overlooked piece of security in most homes.
S
Salt
Random data added to a password before it’s hashed, so two people with the same password don’t end up with the same fingerprint. Makes leaked password databases much harder to crack.
Sandbox
A walled-off environment where suspicious files or programs can run safely, away from the rest of your system. Used by browsers and antivirus tools.
Scareware
Pop-ups that scream “YOUR COMPUTER IS INFECTED!” to push you into installing fake antivirus or calling a fake support number.
Script Kiddie
An unskilled attacker who runs ready-made hacking tools without really understanding them. Still dangerous in volume.
Secure Boot
A feature that checks your device’s startup software for tampering before it loads, blocking malware that tries to run before the operating system.
Security Key
A small physical USB or NFC device (like a YubiKey) that proves your identity when logging in. The most phishing-resistant form of MFA available.
Security Questions
“What was the name of your first pet?” Mostly obsolete because the answers are often public. Treat them as second passwords and lie creatively.
Sextortion
A scam where the attacker claims to have compromising photos or videos of the victim and demands payment to keep them private. Most threats are bluffs; never pay.
SIEM (Security Information and Event Management)
A system that pulls together logs and alerts from across an organization so security teams can spot attacks in progress.
SIM Swap
An attack where a criminal convinces your mobile carrier to move your phone number to their SIM card, then uses it to receive your text-message login codes. Why authenticator apps beat SMS.
Smishing (SMS Phishing)
Phishing delivered by text message — fake delivery alerts, fake bank fraud warnings, fake IRS notices. The fastest-growing scam category.
Social Engineering
Manipulating people instead of computers. Phishing, vishing, smishing, romance scams, and tech support scams are all social engineering.
Spam
Unwanted bulk messages — usually email, sometimes SMS or DMs. Annoying at best, dangerous at worst when it carries phishing links.
Spear Phishing
A targeted phishing attack aimed at a specific person, often using details pulled from social media to seem convincing.
Spoofing
Faking the source of something — an email address, a phone number, a website, even a GPS signal — to deceive the recipient.
Spyware
Malware that quietly watches what you do — keystrokes, screenshots, browsing — and reports back to whoever planted it.
SQL Injection
An attack that sends malicious database commands through a website’s input fields. A leading cause of major data breaches for two decades.
SSL / TLS
The encryption protocols that secure your connections to websites and apps. SSL is the old name; TLS is the modern version. The padlock icon means TLS is in use.
Supply Chain Attack
An attack that compromises a trusted supplier — a software vendor, a contractor, an open-source library — to indirectly reach the real target. The 2020 SolarWinds incident is the textbook case.
T
Tailgating
Slipping into a secure building by following someone with a badge, often by carrying a coffee or a stack of boxes. The physical version of social engineering.
Tech Support Scam
A pop-up or phone call claiming to be from Microsoft, Apple, or your bank, telling you your device is infected and demanding remote access or payment. No legitimate company calls you out of the blue.
Threat Actor
A general term for any person or group conducting an attack. Includes nation-states, organized crime, hacktivists, and lone scammers.
Threat Intelligence
Information about current attackers, their tools, and their targets. Helps defenders stay one step ahead.
Tor
Free software that bounces your internet traffic through multiple encrypted relays around the world to hide your identity. Used by journalists, activists, and criminals alike.
Trojan
Malware disguised as a useful program. Named after the Trojan horse — looks like a gift, hides an army.
Two-Factor Authentication (2FA)
A specific form of MFA that uses exactly two factors. Often used interchangeably with MFA in everyday speech.
Typosquatting
Registering domain names that are misspellings of popular sites (amazom.com, googel.com) to catch people who fat-finger the URL.
U
Unauthorized Access
Getting into a system, account, or area without permission. Could be a hacker, a curious coworker, or a child who guessed the iPad PIN.
USB Drop Attack
Leaving infected USB sticks in parking lots or lobbies, betting that someone will plug one into a work computer out of curiosity. They usually do.
V
Virus
Malware that copies itself and spreads from file to file or device to device, often damaging or stealing data along the way. Today, “virus” is often used loosely to mean any malware.
Vishing (Voice Phishing)
Phishing over a phone call. Now turbocharged by AI voice cloning that can mimic a family member in seconds.
VPN (Virtual Private Network)
A service that encrypts your internet traffic and routes it through a remote server, hiding your IP address from websites and your activity from your ISP. Useful on public Wi-Fi and for privacy — but not a magic shield.
Vulnerability
A flaw in software, hardware, or process that an attacker can exploit. Patches exist to fix vulnerabilities, which is why updates matter.
W
Watering Hole Attack
An attacker compromises a website they know their target audience visits — an industry forum, a niche news site — and waits for victims to walk in.
Web Application Firewall (WAF)
A specialized firewall that protects websites from attacks like SQL injection and cross-site scripting. Standard equipment for any serious online business.
Whaling
Phishing aimed at “big fish” — CEOs, CFOs, executives — usually involving fake wire transfer requests or fake legal documents.
White Hat Hacker
An ethical hacker who finds and reports flaws to help organizations defend themselves. Often paid through bug bounty programs.
Wi-Fi
The wireless technology that connects your devices to a local network and the internet. Always set a strong password and use WPA3 if your router supports it.
Worm
Malware that spreads on its own across networks without needing a human to click anything. Famous examples: WannaCry, ILOVEYOU.
WPA / WPA2 / WPA3
The security standards for Wi-Fi networks. WPA3 is the newest and most secure; WPA2 is still acceptable; anything older should be replaced.
X
XSS (Cross-Site Scripting)
An attack that injects malicious code into a trusted website so that other visitors run it. Used to steal cookies, hijack sessions, and deface sites.
Y
YubiKey
A popular brand of security key. Plug it into a USB port (or tap it on your phone) and tap to log in.
Z
Zero-Day
A software flaw that’s being exploited by attackers before the vendor knows about it — meaning the vendor has had zero days to prepare a patch. Among the most dangerous types of vulnerability.
Zero Trust
A modern security philosophy that says never automatically trust anyone or anything, even inside your own network. Always verify.
Zombie Computer
A device infected with malware and quietly controlled by an attacker as part of a botnet.
Frequently Asked Questions
What is the most important cybersecurity term to understand?
If you only learn one, learn multi-factor authentication (MFA). Turning it on for your email, bank, and social accounts blocks the vast majority of common attacks.
What’s the difference between a virus and malware?
Malware is the umbrella term for any malicious software. A virus is one specific type of malware that copies itself. All viruses are malware, but not all malware is a virus.
Is the dark web illegal?
No — using the dark web is legal in most countries. What people do on it can be illegal, but the network itself is also used by journalists, whistleblowers, and citizens of oppressive regimes.
What’s the difference between authentication and authorization?
Authentication proves who you are. Authorization decides what you’re allowed to do once you’re in.
Are passkeys really better than passwords?
For most people, yes. Passkeys can’t be phished, can’t be guessed, and don’t leak in data breaches the way passwords do.
