Cybersecurity Glossary

A WAF bypass refers to the circumvention or evasion of a web application firewall (WAF) to launch an attack against a target application. WAFs are designed to protect web applications by filtering and monitoring incoming web traffic, detecting and blocking malicious requests or known attack patterns. However, sophisticated attackers may employ various techniques, such as input validation bypass, encoding manipulation, or obfuscation, to evade detection by the WAF and successfully exploit vulnerabilities in the target application. WAF bypass techniques highlight the need for continuous monitoring, tuning, and updating of WAF configurations to effectively defend against emerging attack vectors.

War dialling is a technique used to identify and exploit insecure or unauthorised access points, such as modems or telephone lines, by systematically dialling a range of phone numbers to discover connections. In war dialling, an automated tool or script sequentially dials phone numbers, attempting to establish a connection with devices that may have modems or remote access capabilities. This technique is primarily used to identify vulnerable or unprotected systems that can be targeted for unauthorised access, data theft, or other malicious activities. War dialling highlights the importance of securing remote access points and disabling unused or unnecessary modem connections.

War driving is the practice of searching for and mapping wireless networks, typically Wi-Fi networks, by driving or walking around with a wireless-enabled device and scanning for available networks and their associated information. War driving can be performed using specialised software and hardware tools that detect and log wireless network signals, including the network name (SSID), signal strength, encryption type, and potentially other metadata. The collected information can be used to identify vulnerable or misconfigured wireless networks, perform unauthorised access, or conduct further network analysis. War driving serves as a reminder for organisations to secure their wireless networks and implement strong encryption, access controls, and monitoring mechanisms.

A watering hole attack is a targeted cyber attack strategy that involves compromising websites or web resources that are frequently visited by a specific group of users or individuals of interest. The attackers identify websites that are likely to be visited by their intended targets and inject malicious code or malware into those websites. When the target users visit the compromised websites, their systems may become infected with malware or be redirected to a malicious site designed to exploit vulnerabilities. Watering hole attacks rely on the trust established by the targeted users with the compromised websites, making them unsuspecting victims. Organisations and users can mitigate the risk of watering hole attacks by keeping their systems and software up to date, implementing strong web filtering and security measures, and maintaining user awareness of potential threats.

A watering hole website refers to a legitimate website that has been compromised by attackers with the intention of distributing malware or launching targeted attacks. Attackers identify websites that are likely to be visited by their intended victims or target audience and inject malicious code into these websites. When users visit the compromised watering hole website, their systems may be infected with malware or be subjected to further exploitation. Watering hole attacks are particularly effective when targeting specific industries, organisations, or user communities. Users should exercise caution and ensure their systems are adequately protected when accessing websites, even those that are considered trustworthy or reputable.

Watermarking is the process of embedding a unique and identifiable mark or pattern into digital content, such as images, videos, or documents, to indicate ownership, authenticity, or copyright protection. Watermarks are often visible, such as text or logos overlaid on the content, but they can also be invisible, embedded within the data itself. Watermarking can deter unauthorised use or distribution of copyrighted material and provide a means of tracking and identifying the source of leaked or unauthorised content. Digital watermarking techniques can be used for various purposes, including content protection, digital rights management (DRM), or forensic analysis.

A web application firewall (WAF) is a security solution designed to protect web applications from various attacks, including SQL injection, cross-site scripting (XSS), and other web-based vulnerabilities. A WAF sits between the web application and the client, inspecting incoming and outgoing web traffic and applying a set of security rules to filter and block potentially malicious requests. WAFs can detect and block attacks in real-time, protecting web applications from unauthorised access, data breaches, or compromise. WAFs may employ techniques such as signature-based detection, behaviour analysis, input validation, or anomaly detection to identify and mitigate web-based threats.

A web application security scanner is an automated tool or software designed to assess the security of web applications by scanning and analysing their code, configuration, and behaviour. Web application security scanners simulate attacks and vulnerabilities to identify potential weaknesses or security flaws in web applications. They examine various aspects, including input validation, authentication mechanisms, access controls, SQL injection, cross-site scripting (XSS), and other common web vulnerabilities. By running automated scans, web application security scanners help identify security issues that could be exploited by attackers and assist developers in addressing those vulnerabilities.

Web browser security refers to the measures and technologies implemented within web browsers to protect users from online threats, such as malicious websites, drive-by downloads, or phishing attacks. Web browser security features may include sandboxing, which isolates web content from the underlying operating system, secure browsing modes that restrict potentially harmful activities, anti-phishing filters to detect and warn about malicious websites, pop-up blockers, download reputation checks, and support for secure protocols like HTTPS. Keeping web browsers updated with the latest security patches, using trusted browser extensions, and practicing safe browsing habits are crucial for maintaining web browser security.

Web filtering, also known as content filtering, is the process of controlling or blocking access to websites, web content, or specific web-based activities based on predefined rules or policies. Web filtering is commonly used to enforce acceptable use policies, restrict access to inappropriate or malicious websites, prevent data leakage, or comply with regulatory requirements. Web filtering can be implemented using various techniques, such as URL blacklisting or whitelisting, keyword filtering, category-based filtering, or dynamic content analysis. By filtering web content, organisations can reduce exposure to web-based threats, improve productivity, and enforce security and compliance measures.

Whaling is a form of phishing attack that specifically targets high-profile individuals, such as executives, senior management, or individuals with significant authority or access to sensitive information within an organisation. Whaling attacks aim to deceive and trick these individuals into divulging confidential information, such as login credentials, financial details, or sensitive corporate data. Whaling attacks often employ sophisticated social engineering techniques, such as impersonating a trusted colleague, executive, or external business contact, to gain the target's trust and manipulate them into taking actions that benefit the attacker. Whaling attacks require heightened awareness, user training, and robust security measures to mitigate the risk of successful compromise.

Wi-Fi eavesdropping, also known as wireless sniffing or wireless packet capture, is the unauthorised interception and monitoring of wireless network traffic. Attackers use specialised software or devices to capture and analyse data packets transmitted over Wi-Fi networks. By eavesdropping on Wi-Fi communications, attackers can potentially capture sensitive information, such as login credentials, financial data, or confidential communications. To mitigate the risk of Wi-Fi eavesdropping, organisations and users should employ strong encryption protocols (e.g., WPA2 or WPA3), regularly change Wi-Fi passwords, and avoid using unsecured public Wi-Fi networks.

Wi-Fi security refers to the measures and protocols used to protect wireless networks and the devices connected to them from unauthorised access, data interception, or other security threats. Wi-Fi security mechanisms include encryption protocols, such as WPA2 (Wi-Fi Protected Access 2) or WPA3, that provide confidentiality and integrity of wireless communications. Other security measures include strong and unique Wi-Fi passwords, disabling SSID broadcasting, MAC address filtering, and implementing network segmentation or VLANs to separate different types of devices or users. Maintaining up-to-date firmware on Wi-Fi routers and using intrusion detection or prevention systems can further enhance Wi-Fi security.

A wireless access point (WAP) is a device that allows wireless devices, such as laptops, smartphones, or tablets, to connect to a wired network through Wi-Fi. A WAP acts as a bridge between the wireless and wired networks, enabling wireless clients to access network resources, such as the internet or shared files. Wireless access points are commonly used in homes, offices, public spaces, and other environments where wireless connectivity is required. To ensure security, WAPs should be properly configured with strong encryption, unique passwords, and appropriate access controls to prevent unauthorised access or misuse of the wireless network.

Wireless security encompasses the measures and practices implemented to protect wireless networks, devices, and data from unauthorised access, interception, or manipulation. Wireless security includes aspects such as Wi-Fi security protocols (e.g., WPA2, WPA3), encryption, authentication mechanisms, network segmentation, strong and unique passwords, regular firmware updates, intrusion detection and prevention systems, and user education. By implementing robust wireless security measures, organisations and users can safeguard their wireless networks and ensure the confidentiality, integrity, and availability of wireless communications.

A worm is a type of self-replicating malware that can spread independently across computer networks or systems without requiring user interaction. Worms exploit vulnerabilities in operating systems or network protocols to gain access to target systems and then propagate by creating copies of themselves and infecting other vulnerable devices. Worms can cause significant harm, including network congestion, system instability, data loss, or the installation of additional malicious software. Protecting against worms involves maintaining up-to-date software patches, using network firewalls, employing intrusion detection systems, and practicing safe computing practices, such as avoiding suspicious email attachments or downloading files from untrusted sources.