Threat Glossary

ActiveX Controls

ActiveX controls are components that add dynamic and interactive features to Web pages. With ActiveX tools, multimedia effects, animation, and functional applications can be added to Web sites.

Address Bar Spoofing

Alteration of a browser’s address bar to display a legitimate address. This is done by running a script that removes the browser’s address bar and replaces it with a fake one, which is made up of text or images.

Aliases

Different vendors often have their own approaches towards malware detection, which may result in different naming conventions. The aliases field in the Virus Encyclopedia, Spyware/Grayware and Vulnerabilities pages indicates other names used to refer to the same threat.

Backdoor

Backdoor programs are applications that open computers to access by remote systems. These programs typically respond to specially-built client programs but can be designed to respond to legitimate messaging applications. Many backdoor programs actually make use of the IRC backbone, receiving commands from common IRC chat clients via the IRC network.

Blacklist

A blacklist is a list of items in a set that are not accepted. This list is exclusionary, confirming that the item being analyzed is not acceptable. It is the opposite of a whitelist which confirms that items are acceptable. An email blacklist, for example, would not allow email from known malicious addresses to be received.

Blended Threat

Blended threats are bundles of malicious programs that combine the functionality of different types of malware, including Trojans, worms and backdoors. A blended threat often involves an infection chain whereby a visitor to a website is first diverted to a malicious URL, then compelled via social engineering to download a malicious file which then continues to download additional malicious files. By using multiple methods and techniques cybercriminals are able to quickly and surreptitiously spread threats.

Boot Sector Virus

Boot sector viruses infect the boot sector or the partition table of a disk. Computer systems are typically infected by these viruses when started with infected floppy disks - the boot attempt does not have to be successful for the virus to infect the computer hard drive. Once a computer is infected, boot sector viruses usually attempt to infect every disk accessed on the infected system. In general, boot sector viruses can be successfully removed.

Bot

A bot is a Trojan that infects Internet-connected PCs and is remotely controlled by an attacker, typically via private IRC channels. A bot-controlled PC is often referred to as a zombie or a compromised PC because it is under the control of a third party.

Botnet

A botnet (short for bot network) is a network of hijacked zombie computers controlled remotely by a hacker. The hacker uses the network to send spam and launch Denial of Service attacks, and may rent the network out to other cybercriminals.

Browser Helper Object

Browser Helper Objects (BHOs) are companion applications for Microsoft Internet Explorer. They usually come in the form of toolbars, search helpers, and monitoring applications. Some adware and spyware programs have employed BHOs to monitor user browsing habits and deliver targeted advertising as well as steal information.

CHM

This extension is used by Microsoft Compiled HTML Help files. It is generally used to store the help files of applications, although alternate uses – such as for e-books - are possible.

CLSID

The Class ID, or CLSID, is a serial number that represents a unique ID for any application component in Windows. In practice, this means all registry entries for an application component can usually be found under the registry key HKEY_CLASSES_ROOT\CLSID\{CLSID value}.

Certain malware can encrypt copies of itself so that antivirus scanners may find it difficult to detect them using existing signatures of available samples. More complex malware uses variable encryption keys for each new copy, requiring more complex formula-based patterns from antivirus vendors.

End User License Agreement (EULA)

An End User License Agreement (EULA) is a legal contract between a software publisher and the software user. It typically outlines restrictions for the user. Many users inadvertently agree to the installation of spyware and adware onto their computers when they click "I accept" on EULA prompts displayed during the installation of certain free software.

Click fraud

Click fraud is a type of internet crime that occurs in pay-per-click online advertising when a person, automated script, or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating a charge per click without having actual interest in the target of the ad's link.

Clickjacking

Clickjacking allows cybercriminals to hide malware and other threats under the content of legitimate sites. When visitors click on links on pages that have been clickjacked, they can unknowingly become victims of malware downloads.

Cloud Computing

The cloud is a metaphor for the Internet. Cloud computing is a mechanism for providing IT-related functionality as a service, allowing users to access technology-enabled services from the Internet without needing the knowledge, expertise or control over the infrastructure that supports them. For example, in-the-cloud security detects and blocks threats in the cloud where they occur before they can harm your computer or network.

Common Malware Enumeration (CME) Initiative

The CME initiative is an effort headed by the United States Computer Emergency Readiness Team (US-CERT), in collaboration with key organizations within the security community. Through the adoption of a neutral, shared identification method, the CME initiative seeks to: reduce the public's confusion in referencing threats during malware incidents; enhance communication between anti-virus vendors; and improve communication and information sharing between anti-virus vendors and the rest of the information security community.

Common Malware Enumeration (CME) Number

A Common Malware Enumeration (CME) number is a unique, vendor-neutral identifier for a particular threat (see CME Initiative and US-CERT).

Control Pattern Release (CPR)

The Control Pattern Release is a pre-release version of the Trend Micro threat protection database. It is a fully tested, manually downloadable scan pattern file, and serves as an emergency patch during a threat incident or event.

Cookies

Cookies are text files that are created when users visit websites. They store information such as shopping cart contents, registration or login credentials, and user preferences. When a user returns to a website, a cookie provides information and allows the site to display in customized formats and to show targeted content such as advertising. Advertisers use cookies to track user activity across sites so they can better target ads.

Cracking tool

Cracking tools are software applications used by malicious users to break security measures implemented on target systems. Examples of this include password cracking software that would allow unauthorized access to other PCs.

Crimeware

Crimeware is a general term for software used to perpetrate crime, such as stealing personal identities, money or proprietary information. Crimeware can spread by way of viruses, Trojan horse programs, worms, spyware, or adware.

Cybercriminals

Cybercriminals are hackers and other malicious users that use the Internet to commit crimes such as identity theft, spamming, phishing and other types of fraud. Cybercriminals often work together forming cyber gangs.

DLL

Dynamic Link Libraries (DLLs) provide a series of functions and routines to other applications and/or libraries that the latter do not have by themselves. This is frequently used in Windows. Identical routines used by different software applications need not use their own code. This saves system resources.

DOC

These files are normally document files used, by default, by older versions of Microsoft Word and many other word processing applications. They may deliver malware to systems in one of two ways: either through the execution of embedded scripts, or through the exploitation of known vulnerabilities in applications that handle this file format.

Damage Cleanup Engine

Damage Cleanup Engine is the automated cleanup component of Trend Micro products. Trend Micro provides automated cleanup for all critical malware threats using the Damage Cleanup Engine, which is initiated upon malware detection. It loads the Damage Cleanup Template for the specific threat found.

Damage potential

A malware's damage potential rating may be high, medium, or low based on its inherent capacity to cause both direct and indirect damage to systems or networks. Certain malware are designed specifically to delete or corrupt files, causing direct damage. Denial of service (DoS) malware may also cause direct and intended damage by flooding specific targets. Mass-mailers and network worms usually cause indirect damage when they clog mail servers and network bandwidth, respectively.

Data Stealing Malware

Data stealing malware is a web threat that divests victims of personal and proprietary information with the intent of monetizing stolen data through direct use or underground distribution. Content security threats that fall under this umbrella include keyloggers, screen scrapers, spyware, adware, backdoors, and bots. The term does not refer to activities such as spam, phishing, DNS poisoning, SEO abuse, etc. However, when these threats result in file download or direct installation, as most hybrid attacks do, files that act as agents to proxy information will fall into the data stealing malware category.

Denial of service (DoS)

Denial of service (DoS) is an attack designed to disable, shut down or disrupt a network, website or service. Typically, a malware routine is used to interrupt or inhibit the normal flow of data into and out of a system such that, in a short period of time, the target is rendered useless. An example of a DoS attack is when a website is accessed massively and repeatedly from different locations, preventing legitimate visitors from accessing the website. When a DoS attack is launched from different locations in coordinated fashion, it is often referred to as a distributed denial of service attack (DDoS).

Dialers

Dialers are software that change modem configurations to dial high cost toll numbers or request payment for access to specific content. Many users run dialers without knowing that some of these programs actually dial long distance numbers or connect to pay-per-call sites; and that they are being charged for the calls. Dialers are often offered as programs for accessing adult sites.

Distributed denial of service (DDoS)

A distributed denial of service (DDoS) is a form of DoS attack in which the attack is launched from different locations in coordinated fashion.

Domain Name System (DNS)

The Domain Name System (DNS) is the Internet standard for assigning IP addresses to domain names. A common analogy used to explain DNS is that it acts like the phone book, translating human-friendly host names (www.trendmicro.com) to IP addresses (66.35.255.33).

Droppers

Droppers are programs designed to extract other files from their own code. Typically, these programs extract several files into the computer to install a malicious program package. Droppers may have other functions apart from dropping files.

Encryption

Encryption is the process of converting data into a form that cannot easily be read without knowledge of the conversion mechanism (often called a key).

Executable and Link Format (ELF)

Executable and Link Format (ELF) is an executable file format for the Linux and Unix platforms. Trend Micro detects malicious executable code for Linux and UNIX as ELF_malwarename.

Exploit

An exploit is code that takes advantage of a software vulnerability or security flaw. Exploits are often incorporated into malware, which are consequently able to propagate into and run intricate routines on vulnerable computers.

File Infecting Viruses

File infecting viruses, or file infectors, generally copy their code onto executable programs such as .COM and .EXE files. Most file infectors simply replicate and spread, but some inadvertently damage host programs. There are also file infectors that overwrite host files. Some file infectors carry payloads that range from the highly destructive, such as hard drive formatting, to the benign, such as the display of messages.

Firewall

A firewall prevents computers on a network from communicating directly with external computer systems. A firewall typically consists of a computer that acts as a barrier through which all information passing between the networks and the external systems must travel. The firewall software analyzes information passing between the two and rejects it if it does not conform to pre-configured rules.

For additional information about the CME project and a list of available CME numbers, please refer to the Common Malware Enumeration website.

Grayware

Grayware refers to applications that have annoying, undesirable, or undisclosed behavior but do not fall into any of the major threat categories (i.e., virus or Trojan horse).

Hacker

A hacker is a person who creates and modifies computer software and hardware for either negative or positive reasons. Criminal hackers (cybercriminals) create malware in order to commit crimes.

Hacking tools

Hacking tools are programs that generally crack or break computer and network security measures. Hacking tools have different capabilities depending on the systems they have been designed to penetrate. System administrators have been known to use similar tools - if not the same programs - to test security and identify possible avenues for intrusion.

Hacktivism

Hacktivism can be described as the use of malicious techniques such as denial of service attacks for political reasons, instead of monetary gain or personal reasons, as is more frequently the case. Among those that have been affected by hacktivism are countries, cable news channels, and certain politicians.

Hash values

Hash values can be thought of as fingerprints for files. The contents of a file are processed through a cryptographic algorithm, and a unique numerical value – the hash value - is produced that identifies the contents of the file. If the contents are modified in any way, the value of the hash will also change significantly. Two algorithms are currently widely used to produce hash values: the MD5 and SHA1 algorithms.

Heuristics

Heuristics is a scanning method that looks for malware-like behavior patterns. It is commonly used to detect new or not-yet-known malware.

Hoax

Hoaxes are emails typically arriving in chain letter fashion that often describe impossible events, highly damaging malware or urban legends. Their intent is to frighten and mislead recipients and get them to forward to friends.

Hyper-Text Transfer Protocol (HTTP)

Hyper-Text Transfer Protocol (HTTP) is used to transfer information, such as HTML documents, on the Internet.

Hyper-Text Transfer Protocol Secure (HTTPS)

Hyper-Text Transfer Protocol Secure (HTTPS) is a variation of HTTP that uses the Secure Sockets Layer to increase security.

In-the-wild

In-the-wild threats are threats spreading among real world computers - as opposed to test systems.

Infection channel

The infection channel is the avenue of distribution for a particular malware and includes email, IRC, Bluetooth and peer-to-peer networks among others.

Internet Protocol (IP) Address

Every computer that communicates over the Internet is assigned an IP address that uniquely identifies the device and distinguishes it from other computers on the Internet. An IP address consists of 32 bits, often shown as 4 octets of numbers from 0-255 represented in decimal form instead of binary form (for example, 66.35.255.33).

Internet Relay Chat (IRC)

Internet Relay Chat (IRC) is a network of Internet servers that use a specific protocol through which individuals can hold real-time online conversations via PCs and other devices. Many of today’s botnets utilize IRC to communicate with bot-infected machines.

Java applets

Java applets are used to provide interactive features to web applications and can be executed by browsers for many platforms. They are small, portable Java programs embedded in HTML pages and can run automatically when the pages are viewed. Malware authors have used Java applets as a vehicle for attack. Most Web browsers, however, can be configured so that these applets do not execute - sometimes by simply changing browser security settings to "high."

JavaScript

JavaScript is a scripting language used for client-side web development. It is used in millions of webpages to add functionality, validate forms and detect browsers.

Joke programs

Joke programs are considered relatively harmless and are often designed to annoy or make fun of users. They do not infect files, cause damage, or spread to other systems. Many joke programs are designed to cause unnecessary panic - especially those that cause computers to behave as if something has been damaged. Abnormal system behaviors caused by joke programs include the closing and opening of the CD-ROM tray and the display of numerous message boxes.

Keyloggers

Keyloggers are programs that log keyboard activity. Certain malware employ these programs to gather user information. There are also legitimate keylogging programs that are used by corporations to monitor employees and by parents to monitor their children. Keyloggers usually catch and store all keyboard activity--leaving a person or another application to sort through the keystroke logs for valuable information like logon credentials and credit card numbers.

Macro Virus

During the late 1990s and early 2000, macro viruses were the most prevalent viruses. Unlike other virus types, macro viruses are not specific to an operating system and spread with ease via email attachments, floppy disks, Web downloads, file transfers, and cooperative applications.

Malware

Malware is a general category of malicious code that includes viruses, worms and Trojan horse programs.

Memory resident

A memory-resident program has the ability to stay in the computer’s memory after execution and to continuously run. Typically backdoors stay in memory to await commands, as do file infectors to infect files as they are opened. Some worms stay in memory to continually send email.

Muling

Muling is a method used by phishers to make it more difficult to recover any stolen funds and identify the eventual culprits. Phishers contact a person (known as the “mule”, a term borrowed from smuggling) to make withdrawals from a compromised account and deposit the money to another account under the control of the phishers. In exchange, the mule receives some amount of the money that passes through his hands. When investigations are made, it is the mule who finds himself in legal trouble immediately, not the phishers.

Obfuscation

Obfuscation refers to the process of concealing something important, valuable, or critical. Cybercriminals use obfuscation to conceal information such as files to be downloaded, sites to be visited, etc.

Operating System (OS)

The operating system (OS) is the master software program that controls the computer’s basic functions. Examples of operating systems include Windows, MacOS, Unix and Linux.

PDF

The Portable Document Format (PDF) is a file format that is commonly used for transferring documents online. This is because PDF files are displayed the same way on any system, regardless of the system’s hardware, software, and operating system. Due to vulnerabilities found in applications that handle PDFs, however, they may also be used to spread malware.

Password Cracking Application

Password cracking applications are programs that are designed to crack through password-protected systems. Most password cracking applications use a long list of passwords and user names - accessing target systems using the list contents or combinations of the contents until successful.

Pattern File

The pattern file is a database containing information allowing antivirus software to identify viruses. With the exponential growth in malware, the size and frequency of updating the pattern file are becoming increasingly challenging. More and more malware detection will occur in-the-cloud to improve efficiency and efficacy.

Pattern release date

Payload

A payload is the action that a threat performs, apart from its main behavior. Payloads can range from stealing personal information to deleting the contents of a hard drive.

Pharming

Pharming sets up a website that contains copies of pages from a legitimate website in order to capture confidential information from users, such as credit card, bank account, social security numbers and other sensitive personal information. Users are automatically redirected to malicious URLs when hackers hack into DNS servers and change IP addresses.

Phishing

Phishing is a form of identity theft in which a scammer uses an authentic-looking email from a legitimate business to trick recipients into giving out sensitive personal information, such as a credit card, bank account, Social Security numbers or other sensitive personal information. The spoofed email message urges the recipient to click on a link to update their personal profile or carry out some transaction. The link then takes the victim to a fake website where any personal or financial information entered is routed directly to the scammer.

Polymorphic virus

Polymorphic viruses are complex file infectors that change physical forms, yet retain the same basic routines, after every infection. Such viruses typically encrypt their codes during each infection, altering their physical file makeup by varying encryption keys every time.

Pop-up window

This technique uses a script that opens a legitimate Web site in the background, while a spoofed pop-up window, usually identical to the legitimate Web site, is opened in the foreground. In effect, this misleads the user into thinking that the pop-up window is directly related to the official page. In some cases, the pop-up window covers a portion of a legitimate Web site.

Popular applications that support macros (such as Microsoft Word and Microsoft Excel) are the most common platforms for macro viruses. These viruses are written in Visual Basic and are relatively easy to create. Macro viruses infect at different points during a file's use, for example, when it is opened, saved, closed, or deleted.

Port

A hardware location for passing data in and out of a computing device. Personal computers have various types of ports, including internal ports for connecting disk drives, monitors, and keyboards, as well as external ports, for connecting modems, printers, mice, and other peripherals. In TCP/IP and UDP networks, "port" is also the name of an endpoint to a logical connection. Port numbers identify types of ports. For example, both TCP and UDP use port 80 to transport HTTP data. A threat might attempt to enter using a particular TCP/IP port.

Portable executable (PE)

The Portable Executable format is the standard file format for executables, object code and Dynamic Link Libraries (DLLs) used in 32- and 64-bit versions of Windows operating systems. File infectors that infect these executables are detected by Trend Micro as PE_malwarename.

Proof-of-concept threat

A proof-of-concept threat is the earliest implementation of a threat and usually contains code that runs on new platforms and programs or takes advantage of newly discovered vulnerabilities.

Protocol

A set of rules enabling computers or devices to exchange data with one another with as few errors as possible. The rules govern issues such as error checking and data compression.

Proxy server

A proxy server is a server that sits between a client and a web server and represents itself to each end as being the other. It can be used in two ways:

Quarantined files

Trend Micro products can be configured to "quarantine" a file for possible later inspection. Files tagged for quarantine are encrypted and moved to a protected folder, preventing further execution and potential harm to the user's system. Each product has a Quarantine Manager where users can permanently delete or restore files from quarantine. Upon inspection of the stored files, an exception list (whitelist) option is provided to avoid false positive detection.

Ransomware

Ransomware is malicious software that encrypts the hard drive of the PC that it infects. The hacker then extorts money from the PC’s owner in exchange for decryption software to make the PC’s data usable again.

Recent Web threats misuse JavaScript by injecting legitimate sites with JavaScripts that run automatically once the legitimate site loads. The commands typically run by these malicious JavaScripts include redirecting the browser to another page, loading another page, or downloading malicious files or components. Note that for pages compromised by malicious JavaScripts, there is no need for other user interaction apart from opening the browser to load the infected page.

Remote access programs/tools

Remote access programs and tools (sometimes referred to as RATs) allow access and manipulation of systems remotely from another location. Many remote access programs are legitimate tools used by all types of users to access files and data on remote computers. The same programs, however, can be used for malicious purposes. Malicious individuals can trick unsuspecting users into installing remote access programs, such as bots, on their machines.

Rogue antivirus

Many recent malware threats use social engineering to disguise themselves as antivirus applications. Some of these are scams that try to rip off users directly, while others either have malicious routines themselves, or install other malware on the affected system.

Rootkit

A rootkit is a program (or collection of programs) that installs and executes code on a system without end user consent or knowledge. It uses stealth to maintain a persistent and undetectable presence on the machine. Rootkits do not infect machines as malware does, but rather seek to provide an undetectable environment for malicious code to execute. Rootkits are installed on systems via social engineering, upon execution of malware, or simply by browsing a malicious website. Once installed, an attacker can perform virtually any function on the system, including remote access and eavesdropping, as well as hide processes, files, registry keys and communication channels.

SIS

Symbian Installation System (SIS) files serve as installers for Symbian programs that run on mobile phones. Users run these installers to install the associated program on their mobile phone while it is connected to their computer.

SMS (Short Message Service)

SMS is a feature in all modern mobile phone networks that allows users to send short text messages of limited length to other mobile phone users.

SMiShing

SMiShing refers to phishing attacks that involve the use of messages sent using the SMS (Short Message Service). False text messages are received by would-be victims, who in turn either reply directly or visit a phishing Web site.

SYS

System files, or SYS files in short, are files used either by a computer’s operating system or installed programs for various reasons. Some system files are small text files used to store settings; others are binary files that serve as drivers that allow hardware to be used by the system.

Scams and shams

See Hoax.

Scan engine

The scan engine, found in Trend Micro content security products, is a core program that works with the latest pattern file to protect users against all known threats. The latest scan engine naturally carries the most comprehensive protection capabilities, and users are advised to allow their products to automatically update to the latest scan engine. Visit the Update Center for the latest scan engine releases.

Script

Scripts are written code that is interpreted and executed by another application. Malware authors have taken advantage of the relative ease of producing scripts and have produced significant numbers of script-based malware - many of which are written using Visual Basic Script, JavaScript, and HTML.

Search Engine Optimization (SEO)

Search engine optimization (SEO) is the process of improving the volume and quality of traffic to a web site from search engines via "natural" ("organic" or "algorithmic") search results. Typically, the higher a site ranks in the search results, the more searchers will visit that site.

Social networking

Social networking sites are sites that allow users to build online communities, usually revolving around common interests and/or activities.

Some items in the Grayware category have been linked to malicious activities, while others are used to provide users with targeted product information. The majority of grayware encompasses adware, data miners, dialers, hacking tools, joke programs, keyloggers, password cracking applications, remote access programs and spyware.

Spam

Spam is unwanted and unsolicited bulk email. Over 95% of all email today is spam.

Spear phishing

Spear phishing is a targeted form of phishing in which fraudulent emails target specific organizations in an effort to gain access to confidential information.

Spyware

Spyware is a program that monitors and gathers personal information and sends it to a third party without the user’s knowledge or consent. Many users inadvertently install spyware when accepting the End User License Agreement (EULA) for certain free software.

Stealer

A stealer is a Trojan that gathers information from a system. The most common form of stealers are those that gather logon information, like usernames and passwords, and then send the information to another system either via email or over a network. Other stealers, called keyloggers, log user keystrokes which may reveal sensitive information.

Symbian malware

These malware types are designed to run specifically on mobile phones that run various versions of the Symbian operating system. They are not capable of running on normal Windows systems.

Threat

Threats are security issues that include the following: malware, grayware/adware, spyware, spam, phishing, and bots/botnets.

Trackware

Trackware is any software program that tracks system activity, gathers system information, or tracks user habits, then relays this information to a third party. The information gathered is neither personally identifiable nor confidential.

Trigger

A trigger is a system condition or date that sets off the payload of a specific threat. A trigger condition can be anything from the presence of a certain file to a specific user action, such as the clicking of certain buttons. For example, a trigger date could be a specific year, month, week, day, day of the week, hour, minute, or second, or a combination of any of these time points.

United States Computer Emergency Readiness Team (US-CERT)

Established in 2003, US-CERT is a partnership between the Department of Homeland Security and the public and private sectors, intended to coordinate the response to cyber attacks across the nation. US-CERT interacts with federal agencies, industry, the research community, state and local governments, and others to disseminate reasoned and actionable cyber security information to the public.

Urban legend

An urban legend is a form of modern folklore in which stories told are thought to be true but are likely untrue or distortions and exaggerations of the truth. Nowadays urban legends are often spread via email.

Variant

Variants are new strains of malware that are modifications of a previous malware. Today’s cybercriminals continually modify malware in order to get as much mileage as possible from it.

Virus

A virus is a computer program that can copy itself and infect a computer without a user’s permission or knowledge. Virus types include:

Vishing

Vishing refers to phishing attacks that involve the use of voice calls, using either conventional phone systems or Voice over Internet Protocol (VoIP) systems.

Vulnerability

A vulnerability is a security weakness typically found in programs and operating systems leaving computing systems open to malware and hacker attack. When vulnerabilities are exposed, software vendors will provide fixes or patches for their products.

Website spoofing

Website spoofing is the creation of a replica of a trusted site with the intention of misleading visitors to a phishing site. Legitimate logos, fonts, colors and functionality are used to make the spoofed site look realistic.

Whale phishing

Whale phishing is a term used to describe a phishing attack that is specifically aimed at wealthier individuals. Because of their relative wealth, if such a user becomes the victim of a phishing attack he can be considered a “big phish,” or, alternately, a whale.

Whitelist

A whitelist is a list of accepted items in a set. This list is inclusionary, confirming that the item being analyzed is acceptable. It is the opposite of a blacklist which confirms that items are not acceptable. An email whitelist, for example, would allow only email from accepted addresses to be received.

Whitespace padding

This refers to a technique that is used by malware/grayware authors to disguise the real extension of a file. The name of a file is padded with unneeded spaces before the extension, so that in a fixed-width column the real extension is no longer seen and a false extension is seen instead by the user.

Worm

A computer worm is a self-contained program (or set of programs) that is able to spread functional copies of itself or its segments to other computer systems. The propagation usually takes place via network connections or email attachments.

Zero-day exploits

Zero-day exploits refer to software vulnerabilities that have been found in-the-wild before security researchers and software developers become aware of the threat. Because of this, they pose a higher risk to users than other vulnerabilities.