{"id":640410,"date":"2024-10-03T20:20:00","date_gmt":"2024-10-03T17:20:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/the-techcrunch-cyber-glossary-techcrunch\/"},"modified":"2024-10-03T20:20:00","modified_gmt":"2024-10-03T17:20:00","slug":"the-techcrunch-cyber-glossary-techcrunch","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/the-techcrunch-cyber-glossary-techcrunch\/","title":{"rendered":"#The TechCrunch Cyber Glossary | TechCrunch"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2814a4aaee7\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2814a4aaee7\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/the-techcrunch-cyber-glossary-techcrunch\/#Advanced_persistent_threat_APT\" >Advanced persistent threat (APT)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/the-techcrunch-cyber-glossary-techcrunch\/#Virtual_private_network_VPN\" >Virtual private network (VPN)<\/a><\/li><\/ul><\/nav><\/div>\n<div>\n<p id=\"speakable-summary\" class=\"wp-block-paragraph\">The cybersecurity world is full of technical lingo and jargon. At TechCrunch, we have been writing about cybersecurity for years, and even we sometimes need a refresher on what exactly a specific word or expression means. That\u2019s why we have created this glossary, which includes some of the most common \u2014 and not so common \u2014 words and expressions that we use in our articles, and explanations of how, and why, we use them.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">This is a developing compendium, and we will update it regularly.\u00a0<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\" id=\"advanced-persistent-threat-apt\"><span class=\"ez-toc-section\" id=\"Advanced_persistent_threat_APT\"><\/span>Advanced persistent threat (APT)<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"wp-block-paragraph\">An advanced persistent threat (APT) is often categorized as a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#hacker\">hacker<\/a>, or group of hackers, which gains and maintains unauthorized access to a targeted system. The main aim of an APT intruder is to remain undetected for long periods of time, often to conduct espionage and surveillance, to steal data, or sabotage critical systems.<\/p>\n<p class=\"wp-block-paragraph\">APTs are traditionally well-resourced hackers, including the funding to pay for their malicious campaigns, and access to hacking tools typically reserved by governments. As such, many of the long-running APT groups are associated with nation states, like China, Iran, North Korea, and Russia. In recent years, we\u2019ve seen examples of non-nation state cybercriminal groups that are financially motivated (such as theft and money laundering) carrying out cyberattacks similar in terms of persistence and capabilities as some traditional government-backed APT groups.<\/p>\n<p class=\"wp-block-paragraph\">(See: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#hacker\">Hacker<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">The ability to run commands or malicious code on an affected system, often because of a security vulnerability in the system\u2019s software. Arbitrary code execution can be achieved either remotely or with physical access to an affected system (such as someone\u2019s device). In the cases where arbitrary code execution can be achieved over the internet, security researchers typically call this remote code execution.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Often, code execution is used as a way to plant a back door for maintaining long-term and persistent access to that system, or for running malware that can be used to access deeper parts of the system or other devices on the same network.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#remote-code-execution\">Remote code execution<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Botnets are networks of hijacked internet-connected devices, such as webcams and home routers, that have been compromised by malware (or sometimes weak or default passwords) for the purposes of being used in cyberattacks. Botnets can be made up of hundreds or thousands of devices and are typically controlled by a command-and-control server that sends out commands to ensnared devices. Botnets can be used for a range of malicious reasons, like using the distributed network of devices to mask and shield the internet traffic of cybercriminals, deliver malware, or harness their collective bandwidth to maliciously crash websites and online services with huge amounts of junk internet traffic.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#command-and-control-c2\">Command-and-control server<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#distributed-denial-of-service-ddos\">Distributed denial-of-service<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">A bug is essentially the cause of a software glitch, such as an error or a problem that causes the software to crash or behave in an unexpected way. In some cases, a bug can also be a security vulnerability.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">The term \u201cbug\u201d originated in 1947, at a time when early computers were the size of rooms and made up of heavy mechanical and moving equipment. The first known incident of a bug found in a computer was when a moth <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/education.nationalgeographic.org\/resource\/worlds-first-computer-bug\/\">disrupted the electronics<\/a> of one of these room-sized computers.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#vulnerability\">Vulnerability<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Command-and-control servers (also known as C2 servers) are used by cybercriminals to remotely manage and control their fleets of compromised devices and launch cyberattacks, such as delivering malware over the internet and launching distributed denial-of-service attacks.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#botnet\">Botnet<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#distributed-denial-of-service-ddos\">Distributed denial-of-service<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Cryptojacking is when a device\u2019s computational power is used, with or without the owner\u2019s permission, to generate cryptocurrency. Developers sometimes bundle code in <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>s and on websites, which then uses the device\u2019s processors to complete complex mathematical calculations needed to create new cryptocurrency. The generated cryptocurrency is then deposited in virtual wallets owned by the developer.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Some malicious hackers use malware to deliberately compromise large numbers of unwitting computers to generate cryptocurrency on a large and distributed scale.<\/p>\n<p class=\"wp-block-paragraph\">When we talk about data breaches, we ultimately mean the improper removal of data from where it should have been. But the circumstances matter and can alter the terminology we use to describe a particular incident.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">A data breach is when protected data was confirmed to have improperly left a system from where it was originally stored and usually confirmed when someone discovers the compromised data. More often than not, we\u2019re referring to the exfiltration of data by a malicious cyberattacker or otherwise detected as a result of an inadvertent exposure. Depending on what is known about the incident, we may describe it in more specific terms where details are known.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#data-exposure\">Data exposure<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#data-leak\">Data leak<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">A data exposure (a type of data breach) is when protected data is stored on a system that has no access controls, such as because of human error or a misconfiguration. This might include cases where a system or database is connected to the internet but without a password. Just because data was exposed doesn\u2019t mean the data was actively discovered, but nevertheless could still be considered a data breach.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">A data leak (a type of data breach) is where protected data is stored on a system in a way that it was allowed to escape, such as due to a previously unknown vulnerability in the system or by way of insider access (such as an employee). A data leak can mean that data could have been exfiltrated or otherwise collected, but there may not always be the technical means, such as logs, to know for sure.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">A distributed denial-of-service, or DDoS, is a kind of cyberattack that involves flooding targets on the internet with junk web traffic in order to overload and crash the servers and cause the service, such as a website, online store, or gaming platform to go down.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">DDoS attacks are launched by botnets, which are made up of networks of hacked internet-connected devices (such as home routers and webcams) that can be remotely controlled by a malicious operator, usually from a command-and-control server. Botnets can be made up of hundreds or thousands of hijacked devices.<\/p>\n<p class=\"wp-block-paragraph\">While a DDoS is a form of cyberattack, these data-flooding attacks are not \u201chacks\u201d in themselves, as they don\u2019t involve the breach and exfiltration of data from their targets, but instead cause a \u201cdenial of service\u201d event to the affected service.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#botnet\">Botnet<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#command-and-control-c2\">Command-and-control server<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Encryption is the way and means in which information, such as files, documents, and private messages, are scrambled to make the data unreadable to anyone other than to its intended owner or recipient. Encrypted data is typically scrambled using an encryption algorithm \u2014 essentially a set of mathematical formulas that determines how<em> <\/em>the data should be encrypted \u2014 along with a private key, such as a password, which can be used to unscramble (or \u201cdecrypt\u201d) the protected data.<\/p>\n<p class=\"wp-block-paragraph\">Nearly all modern encryption algorithms in use today are open source, allowing anyone (including security professionals and cryptographers) to review and check the algorithm to make sure it\u2019s free of faults or flaws. Some encryption algorithms are stronger than others, meaning data protected by some weaker algorithms can be decrypted by harnessing large amounts of computational power.<\/p>\n<p class=\"wp-block-paragraph\">Encryption is different from encoding, which simply converts data into a different and standardized format, usually for the benefit of allowing computers to read the data.<\/p>\n<p class=\"wp-block-paragraph\">End-to-end encryption (or E2EE) is a security feature built into many messaging and file-sharing apps, and is widely considered one of the strongest ways of securing digital communications as they traverse the internet.<\/p>\n<p class=\"wp-block-paragraph\">E2EE scrambles the file or message on the sender\u2019s device before it\u2019s sent in a way that allows only the intended recipient to decrypt its contents, making it near-impossible for anyone \u2014 including a malicious hacker, or even the app maker \u2014 to snoop inside on someone\u2019s private communications. In recent years, E2EE has become the default security standard for many messaging apps, including Apple\u2019s iMessage, <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Facebook<\/a> Messenger, Signal, and WhatsApp.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">E2EE has also become the subject of governmental frustration in recent years, as encryption makes it impossible for tech companies or app providers to give over information that they themselves do not have access to.<\/p>\n<p class=\"wp-block-paragraph\">Most modern systems are protected with multiple layers of security, including the ability to set user accounts with more restricted access to the underlying system\u2019s configurations and settings. This prevents these users \u2014 or anyone with improper access to one of these user accounts \u2014 from tampering with the core underlying system. However, an \u201cescalation of privileges\u201d event can involve exploiting a bug or tricking the system into granting the user more access rights than they should have.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Malware can also take advantage of bugs or flaws caused by escalation of privileges by gaining deeper access to a device or a connected network, potentially allowing the malware to spread.<\/p>\n<p class=\"wp-block-paragraph\">An exploit is the way and means in which a vulnerability is abused or taken advantage of, usually in order to break into a system.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#bug\">Bug<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#vulnerability\">Vulnerability<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">There is no one single definition of \u201chacker.\u201d The term has its own rich history, culture, and meaning within the security community. Some incorrectly conflate hackers, or hacking, with wrongdoing.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">By our definition and use, we broadly refer to a \u201chacker\u201d as someone who is a \u201cbreaker of things,\u201d usually by altering how something works to make it perform differently in order to meet their objectives. In practice, that can be something as simple as repairing a machine with non-official parts to make it function differently as intended, or work even better.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">In the cybersecurity sense, a hacker is typically someone who breaks a system or breaks the security of a system. That could be anything from an internet-connected computer system to a simple door lock. But the person\u2019s intentions and motivations (if known) matter in our reporting, and guides how we accurately describe the person, or their activity.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">There are ethical and legal differences between a hacker who works as a security researcher, who is professionally tasked with breaking into a company\u2019s systems with their permission to identify security weaknesses that can be fixed before a malicious individual has a chance to exploit them; and a malicious hacker who gains <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#unauthorized\">unauthorized<\/a> access to a system and steals data without obtaining anyone\u2019s permission.<\/p>\n<p class=\"wp-block-paragraph\">Because the term \u201chacker\u201d is inherently neutral, we <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/general\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"General\" target=\"_blank\" rel=\"noopener\">general<\/a>ly apply descriptors in our reporting to provide context about who we\u2019re talking about. If we know that an individual works for a government and is contracted to maliciously steal data from a rival government, we\u2019re likely to describe them as a nation-state or government hacker<strong> <\/strong>(or, if appropriate, an <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#advanced-persistent-threat-apt\">advanced persistent threat<\/a>), for example. If a gang is known to use malware to steal funds from individuals\u2019 bank accounts, we may describe them as financially motivated hackers, or if there is evidence of criminality or illegality (such as an indictment), we may describe them simply as cybercriminals.<\/p>\n<p class=\"wp-block-paragraph\">And, if we don\u2019t know motivations or intentions, or a person describes themselves as such, we may simply refer to a subject neutrally as a \u201chacker,\u201d where appropriate.<\/p>\n<p class=\"wp-block-paragraph\">(Also see: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#advanced-persistent-threat-apt\">Advanced persistent threat<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#unauthorized\">Unauthorized<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Short for \u201cinformation security,\u201d an alternative term used to describe defensive cybersecurity focused on the protection of data and information. \u201cInfosec\u201d may be the preferred term for industry veterans, while the term \u201ccybersecurity\u201d has become widely accepted. In modern times, the two terms have become largely interchangeable.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Jailbreaking is used in several contexts to mean the use of exploits and other hacking techniques to circumvent the security of a device, or removing the restrictions a manufacturer puts on hardware or software. In the context of iPhones, for example, a jailbreak is a technique to remove Apple\u2019s restrictions on installing apps outside of its \u201cwalled garden\u201d or to gain the ability to conduct security research on Apple devices, which is normally highly restricted. In the context of AI, jailbreaking means figuring out a way to get a chatbot to give out information that it\u2019s not supposed to.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">Malware is a broad umbrella term that describes malicious software. Malware can land in many forms and be used to exploit systems in different ways. As such, malware that is used for specific purposes can often be referred to as its own subcategory. For example, the type of malware used for conducting surveillance on people\u2019s devices is also called \u201cspyware,\u201d while malware that encrypts files and demands money from its victims is called \u201cransomware.\u201d<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#ransomware\">Ransomware<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#spyware-commercial-government\">Spyware<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Metadata is information <em>about<\/em> something digital, rather than its contents. That can include details about the size of a file or document, who created it, and when, or in the case of digital photos, where the image was taken and information about the device that took the photo. Metadata may not identify the contents of a file, but it can be useful in determining where a document came from or who authored it. Metadata can also refer to information about an exchange, such as who made a call or sent a text message, but not the contents of the call or the message.<\/p>\n<p class=\"wp-block-paragraph\">Ransomware is a type of malicious software (or <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#malware\">malware<\/a>) that prevents device owners from accessing its data, typically by encrypting the person\u2019s files. Ransomware is usually deployed by cybercriminal gangs who demand a ransom payment \u2014 usually cryptocurrency \u2014 in return for providing the private key to decrypt the person\u2019s data.<\/p>\n<p class=\"wp-block-paragraph\">In some cases, ransomware gangs will steal the victim\u2019s data before encrypting it, allowing the criminals to extort the victim further by threatening to publish the files online. Paying a ransomware gang is no guarantee that the victim will get their stolen data back, or that the gang will delete the stolen data.<\/p>\n<p class=\"wp-block-paragraph\">One of the first-ever ransomware attacks was <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/en.wikipedia.org\/wiki\/AIDS_(Trojan_horse)\">documented in 1989<\/a>, in which malware was distributed via floppy disk (an early form of removable storage) to attendees of the World Health Organization\u2019s AIDS conference. Since then, ransomware has evolved into a multi-billion dollar criminal industry as attackers refine their tactics and hone in on big-name corporate victims.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#malware\">Malware<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Remote code execution refers to the ability to run commands or malicious code (such as malware) on a system from over a network, often the internet, without requiring any human interaction from the target. Remote code execution attacks can range in complexity but can be highly damaging when vulnerabilities are exploited.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#arbitrary-code-execution\">Arbitrary code execution<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">A broad term, like malware, that covers a range of surveillance monitoring software. Spyware is typically used to refer to malware made by private companies, such as NSO Group\u2019s Pegasus, Intellexa\u2019s Predator, and Hacking Team\u2019s Remote Control System, among others, which the companies sell to government agencies. In more generic terms, these types of malware are like remote access tools, which allows their operators \u2014 usually government agents \u2014 to spy and monitor their targets, giving them the ability to access a device\u2019s camera and microphone or exfiltrate data. Spyware is also referred to as commercial or government spyware, or mercenary spyware.<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#stalkerware\">Stalkerware<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">Stalkerware is a kind of surveillance malware (and a form of spyware) that is usually sold to ordinary consumers under the guise of child or employee monitoring software but is often used for the purposes of spying on the phones of unwitting individuals, oftentimes spouses and domestic partners. The spyware grants access to the target\u2019s messages, location, and more. Stalkerware typically requires physical access to a target\u2019s device, which gives the attacker the ability to install it directly on the target\u2019s device, often because the attacker knows the target\u2019s passcode.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#spyware-commercial-government\">Spyware<\/a>)<\/p>\n<p class=\"wp-block-paragraph\">What are you trying to protect? Who are you worried about that could go after you or your data? How could these attackers get to the data? The answers to these kinds of questions are what will lead you to create a threat model. In other words, threat modeling is a process that an organization or an individual has to go through to design software that is secure, and devise techniques to secure it. A threat model can be focused and specific depending on the situation. A human rights activist in an authoritarian country has a different set of adversaries, and data, to protect than a large corporation in a democratic country that is worried about ransomware, for example.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">When we describe \u201cunauthorized\u201d access, we\u2019re referring to the accessing of a computer system by breaking any of its security features, such as a login prompt or a password, which would be considered illegal under the U.S. Computer Fraud and Abuse Act, or the CFAA. The Supreme Court in 2021 clarified the CFAA, finding that accessing a system lacking any means of authorization \u2014 for example, a database with no password\u00a0\u2014 is not illegal, as you cannot break a security feature that isn\u2019t there.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">It\u2019s worth noting that \u201cunauthorized\u201d is a broadly used term and often used by companies subjectively, and as such has been used to describe malicious hackers who steal someone\u2019s password to break in through to incidents of insider access or abuse by employees.\u00a0<\/p>\n<h2 class=\"wp-block-heading\" id=\"virtual-private-network-vpn\"><span class=\"ez-toc-section\" id=\"Virtual_private_network_VPN\"><\/span>Virtual private network (VPN)<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"wp-block-paragraph\">A virtual private network, or VPN, is a networking <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> that allows someone to \u201cvirtually\u201d access a private network, such as their workplace or home, from anywhere else in the world. Many use a VPN provider to browse the web, thinking that this can help to avoid online surveillance.<\/p>\n<p class=\"wp-block-paragraph\">TechCrunch has a skeptics\u2019 guide to VPNs that can help you decide if you think a VPN makes sense for you. If it does, we\u2019ll show you how to set up your own private and encrypted VPN server that only you control. And if you don\u2019t, we explore some of the privacy tools and other measures you can take to\u00a0meaningfully improve your privacy online.<\/p>\n<p class=\"wp-block-paragraph\">A vulnerability (also referred to as a security flaw) is a type of bug that causes software to crash or behave in an unexpected way that affects the security of the system or its data. Sometimes, two or more vulnerabilities can be used in conjunction with each other \u2014 known as \u201cvulnerability chaining\u201d \u2014 to gain deeper access to a targeted system.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#bug\">Bug<\/a>; <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#exploit\">Exploit)<\/a><\/p>\n<p class=\"wp-block-paragraph\">A zero-day is a specific type of security vulnerability that has been publicly disclosed or exploited but the vendor who makes the affected hardware or software has not been given time (or \u201czero days\u201d) to fix the problem. As such, there may be no immediate fix or mitigation to prevent an affected system from being compromised. This can be particularly problematic for internet-connected devices.\u00a0<\/p>\n<p class=\"wp-block-paragraph\">(See also: <a rel=\"nofollow noopener\" target=\"_blank\" href=\"#vulnerability\">Vulnerability<\/a>)<\/p>\n<p class=\"wp-block-paragraph\"><em>Updated on September 25 to add several new entries, and again on October 3.<\/em><\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology<\/a><\/span> category.<\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techcrunch.com\/2024\/10\/03\/techcrunch-reference-guide-to-security-terminology\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The cybersecurity world is full of technical lingo and jargon. At TechCrunch, we have been writing about cybersecurity for years, and even we sometimes need a refresher on what exactly a specific word or expression means. That\u2019s why we have created this glossary, which includes some of the most common \u2014 and not so common&#8230;<\/p>\n","protected":false},"author":1,"featured_media":640411,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/techcrunch.com\/wp-content\/uploads\/2024\/09\/cybersecurity-data-sharing-2024-v2.jpg?resize=1200,675","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[101292,70375,72458,79365,72287],"class_list":["post-640410","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-cyberattacks","tag-cybersecurity","tag-data-breach","tag-evergreen","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/640410","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=640410"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/640410\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/640411"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=640410"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=640410"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=640410"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}