N2K Networks

Word Notes

A fun and informative cybersecurity audio glossary from N2K.

Author

N2K Networks

Category

Technology

Podcast website

thecyberwire.com

Latest episode

Jul 7, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Encore: smishing (SMS phishing) (noun) 30.01.2024

From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing“. It’s a text-message-centric variation of the email-based phish...

Encore: port mirroring (noun) 23.01.2024

A network switch configuration setting that forwards a copy of each incoming and outgoing packet to a third switch port. Also known as SPAN or Switched Port Analyzer, RAP or Roving Analysis Port, and TAP or Test Access Point. When network managers and security investigators want to capture packets for analysis, they need some sort of generic TAP or Test Access Point. You can buy specialized equipm...

Encore: Network Detection and Response (NDR) (noun) 16.01.2024

NDR tools provide anomaly detection and potential attack prevention by collecting telemetry across the entire intrusion kill chain on transactions across the network, between servers, hosts, and cloud-workloads, and running machine learning algorithms against this compiled and very large data set. NDR is an extension of the EDR, or endpoint detection and response idea that emerged in 2013.  Learn...

Encore: shadow IT (noun) 09.01.2024

Technology, software and hardware deployed without explicit organizational approval. In the early days of the computer era from the 1980s through the 2000s security and information system practitioners considered shadow IT as completely negative. Those unauthorized systems were nothing more than a hindrance that created more technical debt in organizations that were already swimming in it with the...

chaos engineering (noun) 19.12.2023

The resilience discipline of controlled stress test experimentation in continuous integration/continuous delivery environments, CI/CD environments, to uncover systemic weaknesses. CyberWire Glossary link: https://thecyberwire.com/glossary/chaos-engineering Audio reference link: Farnam Street, 2009. Richard Feynman Teaches you the Scientific Method [Website]. Farnam Street. URL https://fs.blog/ment...

Encore: remote access Trojan or RAT (noun) 12.12.2023

From the intrusion kill chain model, a program that provides command and control services for an attack campaign. While the first ever deployed RAT is unknown, one early example is Back Orifice made famous by the notorious hacktivist group called “The Cult of the Dead Cow,” or cDc, Back Orifice was written by the hacker, Sir Dystic AKA Josh Bookbinder and released to the public at DEFCON in 1998....

zero knowledge proof (noun) 05.12.2023

A mathematical method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true. CyberWire Glossary link: https://thecyberwire.com/glossary/zero-knowledge-proof Audio reference link: Staff, 2022. Zero Knowledge Proofs [Video]. YouTube. URL https://www.youtube.com/watch...

Encore: business email compromise or BEC (noun) 28.11.2023

A social engineering scam where fraudsters spoof an email message from a trusted company officer that directs a staff member to transfer funds to an account controlled by the criminal.  Learn more about your ad choices. Visit megaphone.fm/adchoices

HIPAA (noun) 21.11.2023

A U.S. law designed to improve the portability and accountability of health insurance coverage. CyberWire Glossary link: https://thecyberwire.com/glossary/hipaa Audio reference link: Dr. Dana Brems, 2021. Doctor reacts to “HIPAA violations” [Video]. YouTube. URL https://www.youtube.com/shorts/Ksk00s8a_IU Learn more about your ad choices. Visit megaphone.fm/adchoices

Encore: man trap (noun) 14.11.2023

A physical security access control device consisting of an enclosed hallway with interlocking doors on each end where both doors can’t be open at the same time. A person presents credentials to the entry doorway. If authorized, the entry door opens and the person walks into the mantrap. The man trap exit door will not open until the entry door closes. The person presents credentials to the exit do...

Common Vulnerability Scoring System (CVSS) (noun) 07.11.2023

A qualitative public framework for rating the severity of security vulnerabilities in software. CyberWire Glossary link: https://thecyberwire.com/glossary/common-vulnerability-scoring-system Audio reference link: Peter Silva, 2020. What is Common Vulnerability Scoring System (CVSS) [Video]. YouTube. URL https://www.youtube.com/watch?v=rR63F_lfKf0 Learn more about your ad choices. Visit megaphone.f...

Encore: anagram (noun) 31.10.2023

A word, phrase, or sentence formed from another by rearranging its letters. For example, cracking a columnar transposition cipher by hand involves looking for anagrams. Learn more about your ad choices. Visit megaphone.fm/adchoices

Encore: zero-day (adjective) 24.10.2023

A class of software-security-weakness-issues where independent researchers discover a software flaw before the owners of the code discover it. Zero-day, or 0-day in hacker slang, refers to the moment the race starts, on day zero, between network defenders who are trying to fix the flaw before hackers leverage it to cause damage. It is a race because on day zero, there is no known fix to the issue....

extended detection response (XDR) (noun) 17.10.2023

A unified security incident detection and response platform that connects to multiple tools in the security stack via APIs, collects telemetry from each, and attempts to correlate that telemetry into a coherent threat picture. CyberWire Glossary link: https://thecyberwire.com/glossary/extended-detection-and-response Audio reference link: Film Major. 2022. Enemy of the State (1998) Faraday Cage HD...

Encore: social engineering (noun) 10.10.2023

The art of convincing a person or persons to take an action that may or may not be in their best interests. Social engineering in some form or the other has been around since the beginning of time. The biblical story of Esau and Jacob might be considered one of the earliest written social engineering stories. As applied to cybersecurity, it usually involves hackers obtaining information illegitima...

joint cyber defense collaborative (JCDC) (noun) 03.10.2023

A cyber information-sharing U.S. Government organization designed to foster the public-private partnership. CyberWire Glossary link: https://thecyberwire.com/glossary/joint-cyber-defense-collaborative Audio reference link: Jen Easterly. 2021. CISA Director Addresses the National Technology Security Coalition [Video]. YouTube. URL https://www.youtube.com/watch?v=ucb1FQXqsao Learn more about your ad...

Encore: penetration test (noun) 26.09.2023

The process of evaluating the security of a system or network by simulating an attack on it. Sometimes called "ethical hacking" or white hat hacking. The phrase started to appear in U.S. military circles in the mid 1960s as time sharing computers became more necessary for daily operations. Computer security experts from Rand Corporation began describing computer compromises as “penetrations.” By t...

Cloud Security Posture Management (CSPM) (noun) 19.09.2023

Tools that automate the identification and remediation of cloud misconfigurations.  CyberWire Glossary link: https://thecyberwire.com/glossary/cloud-security-posture-management Audio reference link: Josh Whedon. 2005. Serenity [Movie]. IMDb. URL https://www.imdb.com/title/tt0379786/ Learn more about your ad choices. Visit megaphone.fm/adchoices

Encore: The Bombe (noun) 12.09.2023

An electro-mechanical device used to break Enigma-enciphered messages about enemy military operations during the Second World War. The first bombe–named Victory and designed by Alan Turning and Gordon Welchman– started code-breaking at Bletchley Park on 14 March 1940, a year after WWII began. By the end of the war, five years later, almost 2000, mostly women, sailors and airmen operated 211 bombe...

single sign-on (SSO) (noun) 05.09.2023

A session and user authentication Zero Trust tactic that allows a user to access multiple applications with one set of login credentials. CyberWire Glossary link: https://thecyberwire.com/glossary/single-sign-on Audio reference link: English, J., 2020. What is Single Sign-On (SSO)? SSO Benefits and Risks [Video]. YouTube. URL https://www.youtube.com/watch?v=YvHmP2WyBVY Learn more about your ad cho...

Encore: cross-site scripting (noun) 29.08.2023

From the intrusion kill chain model, a malicious code delivery technique that allows hackers to send code of their choosing to their victim’s browser. XSS takes advantage of the fact that roughly 90% of web developers use the JavaScript scripting language to create dynamic content on their websites. Through various methods, hackers store their own malicious javascript code on unprotected websites....

Encore: credential stealing (verb) 22.08.2023

From the intrusion kill chain model, the first part of an exploitation technique where the hacker tricks their victims into revealing their login credentials. In the second part of the technique, hackers legitimately log into the targeted system and gain access to the underlying network with the same permissions as the victim. Hackers use this method 80% of the time compared to other ways to gain...

two-factor authentication (noun) 15.08.2023

An authentication process that requires two different factors before granting access. CyberWire Glossary link: https://thecyberwire.com/glossary/two-factor-authentication Learn more about your ad choices. Visit megaphone.fm/adchoices

Encore: phishing (verb) 08.08.2023

From the intrusion kill chain model, the delivery of a “lure” to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. According to Knowbe4, the word “phishing” first appeared in a Usenet newsgroup called AOHell in 1996 and some of the very first phishing attacks used AOL Instant Messenger to deliver fake m...

iCloud keychain (noun) 01.08.2023

A cloud based sensitive information management system that allows users access across multiple devices. CyberWire Glossary link: https://thecyberwire.com/glossary/icloud-keychain Audio reference link: Ellen’s Tips For iOS, 2022. How To Master iCloud Keychain to Keep Your Passwords Safe and Secure [Video]. YouTube. https://www.youtube.com/watch?v=Tl3E29iUvgE  Learn more about your ad choices. Visit...

Listen to the Word Notes podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.