Wiretap Trojan

What does Wiretap Trojan mean?

A wiretap Trojan is a type of Trojan that records VoIP calls and IM conversations. In the case of VoIP calls such as Skype, the audio data is captured before it can be encrypted and sent over the Internet, and then saved as an MP3 file locally on the infected computer. The messages from an IM application can also be saved to a kind of text file before being encrypted and sent online. The Trojan includes a backdoor that allows the hacker to retrieve the saved files, or the Trojan can simply send them to an anonymous address.

Wiretap Trojans are infamous for being used by hackers and government authorities alike since wiretapping, according to government authorities, helps ensure national safety by providing clear intelligence that they can act on immediately if the need calls for it. A wiretap Trojan is like any other Trojan in terms of the way it infects and runs on a host computer; the only difference is its function.




What does Three-Way-Handshake mean?

A three-way-handshake is a method used in a TCP/IP network to create a connection between a local host/client and server. It is a three-step method that requires both the client and server to exchange SYN and ACK (acknowledgment) packets before actual data communication begins.

A three-way-handshake is also known as a TCP handshake.

A three-way-handshake is primarily used to create a TCP socket connection. It works when:


Open Web Application Security Project

What does Open Web Application Security Project (OWASP) mean?

The Open Web Application Security Project (OWASP) is a 501(c)(3) nonprofit founded in 2001 with the goal of improving security for software applications and products. A community project, OWASP involves different types of initiatives such as incubator projects, laboratory projects and flagship projects intended to evolve the software process.

OWASP represents one of a number of vanguard groups working with government agencies and other parties to improve digital technology standards for enterprise and public use. Working on a kind of open source or “crowdsourced” model, OWASP offers a range of community projects aimed at helping others to use technology more safely and effectively. Some projects under this group’s aegis include a Software Assurance Maturity Model (SAMM), as well as development and testing guides that provide best practices for tech industries. OWASP has also developed a code review guide used by IT professionals to look at source code issues and an application code verification standard. Yet another type of project development OWASP is doing involves learning projects. For instance, the group’s “WebGoat” project consists of deliberately insecure tech structures that serve as a kind of training ground for IT people to pursue trial and error research into how to make technologies more secure.

GameOver ZeuS

What does GameOver ZeuS (GOZ) mean?

GameOver ZeuS (GOZ) is peer-to-peer botnet malware that evolved from the earlier ZeuS Trojan. Unlike its predecessor, it uses encrypted peer-to-peer communication between its nodes and command and control servers, making it more elusive to law enforcement detection operations. Like the original ZeuS Trojan, GOZ is used to steal financial information so that the cybercriminal is able to make illegal withdrawals of funds from businesses and individuals through various financial institutions.

GameOver ZeuS is an evolution of the original ZeuS Trojan; hence, it has more powerful features and better evasion methods against detection. This comes in the form of an encrypted peer-to-peer architecture for communication, which makes it more difficult to track and trace since it cannot be immediately tracked to a central operation server, making it very difficult to shut down the cybercriminal’s activities. Another new capability is the ability to initiate a denial-of-service attack through the created botnet. This capability often requires an entirely different type of Trojan, but, in this case, it is built into GOZ.


Security Architecture

What does Security Architecture mean?

Security architecture is a unified security design that addresses the necessities and potential risks involved in a certain scenario or environment. It also specifies when and where to apply security controls. The design process is generally reproducible.

In security architecture, the design principles are reported clearly, and in-depth security control specifications are generally documented in independent documents. System architecture can be considered a design that includes a structure and addresses the connection between the components of that structure.

The key attributes of security architecture are as follows:


Zeus Trojan

What does Zeus Trojan (Zbot) mean?

The Zeus Trojan is a kind of Trojan that infects Windows-based computers and steals banking and financial information. When it infects a computer, it looks for personal data such as email usernames and passwords as well as online financial and banking records associated with the personal information. The data are then sent to remote servers and then collected by the hacker who can then proceed to commit financial fraud by using the stolen information.

The Zeus Trojan is also known as Zbot.

The Zeus Trojan is used by hackers to steal information relating to online banking. The stolen information is then sent to remote servers controlled by the hackers, who then use it to log on to the victims’ accounts and make unauthorized money transfers to various hidden accounts and “money mules” to hide the electronic trail and make it hard for authorities to determine exactly where the money went. In this case, the system sees each transaction as authorized because the log-in information is correct.


Network Performance Test

What does Network Performance Test mean?

A network performance test is any process that is used to quantitatively or qualitatively measure the performance of a computer network.

It tests for and records certain behaviors and processes of networks that, when combined, define the network performance and/or quality of service.

A network performance test primarily tests the uplink and downlink speed of a network. It defines how quick and responsive a network is to user/data communication. It is done by uploading and downloading a data object from the network and measuring both upload and download speeds, throughput, successful message delivery rate and more. Some of the different types of network performance tests include:

  • Download/upload speed test
  • Penetration test (security)
  • Network load test



What does Cocooning mean?

Cocooning is the term used when a person isolates or hides him or herself from the normal social environment and instead opts to stay home and socialize less and less. This behavior is usually exhibited when one perceives the social environment as disturbing, unfavorable, unsafe or even unwelcome. The rapid innovation and growth of technology contributed to an increase in individuals who are cocooning themselves in their homes and choosing to socialize over the Internet rather than through normal human interaction. Because communication and entertainment technology are very prolific and can be found anywhere inside the house in many forms, more and more people are living in physical isolation.

This term was popularized by a marketing consultant and writer named Faith Popcorn in the 1990s. She explained that there are three different types of cocoon: the socialized cocoon, the armored cocoon and the wandering cocoon. The socialized cocoon is one that provides the privacy of the home along with the ability to socialize through cell phones and other media, while an armored cocoon establishes an invisible barrier to protect a person from threats from the outside, such as network firewalls and surveillance cameras. A wandering cocoon, on the other hand, is one that travels but provides a technological barrier that protects a person from the environment, such as jogging with headphones in order to create a private world of sounds and an excuse to ignore other people. People often use smartphones in this way as well.



What does Alureon mean?

Alureon is a Trojan, rootkit and botnet that is designed specifically to intercept network traffic and extract sensitive and confidential information from it, enabling the attacker to steal information transmitted over a network connection.

Alureon is also known as TDSS and TDL-4.

Alureon is a Trojan primarily used for data theft and online fraud. In addition to stealing confidential data, Alureon can also corrupt and delete important files on a computer. Furthermore, it can restrict Windows Update and prevent anti-virus software from running. Alureon usually searches for usernames, passwords, credit card information and other confidential information within a network’s traffic.

Alureon mainly affects Microsoft Windows-based computer systems. Typically, Alureon enters a system by being bundled and delivered with a compromised copy of Windows Security Essentials software. Once the software is installed, the Alureon Trojan first takes over the printer spooler service and then changes the master boot record to its preferred routine. Computer systems infected with Alureon were confronted with BSoD and system crashes, specifically when installing security update MS 10-015 on Windows systems.


What does Netwar mean?

A netwar is a form of low-intensity conflict that is waged by netizens, or people on the Internet (referred to hereafter as networked actors), who include criminal organizations, transnational terrorists, social movement groups and activist groups.

The war is waged through decentralized and flexible network structures. It essentially refers to the conflict being waged over the Internet and networked systems such as information mobilization, hackings and counter-hackings, and, to a lesser extent, even very simple heated arguments over random topics between groups or cells.

Netwar is a concept unique to the Internet and information technology industry as a whole. It was introduced in the early 1990s by RAND Corporation, a US government-funded think-tank. The essence of netwar is the emerging forms of conflict in which the participants (i.e., networked actors) are made up of scattered groups and networks rather than of a cohesive institution whose main aim is to use knowledge, understanding and information in order to achieve a goal rather than to explicitly control physical resources and territory, which characterizes traditional wars.
