There ought to be words for these things . . . and now there are. How many examples do you see in your work each day?
Over the course of hundreds of penetration tests, red team assessments, and incident responses, we’ve encountered situations that left us without words. So, rather than just stand around speechless, we decided to create some new verbiage to fill in the blanks. See if you find any of these appropriate around your office or within your company.
- Againstigation. uh-gain-stuh-GAY-shun. n. Studying the root causes of a large-scale breach even though the same basic tactics have been used repeatedly and the underlying problems remain.
- Backoops. BACK-oopz. n. The act of deploying a secure backup solution after sensitive company data has been encrypted by ransomware.
- Breacher’s pet. BREE-churz-pet. n. Anyone who leaves helpful notes with usernames and passwords on sticky notes attached to their monitor.
- Chivalregret. SHIV-ul-ree-gret. n. The realization that a person for whom you’ve politely opened a door was actually a hacker who has now owned your network.
- Clickmate. KLIK-mate. n. The moment when a hacker realizes a phishing campaign has captured the credentials of a network administrator.
- Cyberchosis. si-bur-KO-sus. n. Delusional state that causes business owners to imagine they live in a world where hackers only attack other companies.
- Duhpgrades. DUP-gradez. n. A series of long-overlooked and time-consuming upgrades that must be completed before a critical software patch can be installed.
- Homepwnrship. HOME-PONE-er-ship. n. Taking over a corporate network by first hacking a remote worker who fails to follow proper security protocols.
- Pastword. PAST-werd. n. 1) A password in use on multiple sites. 2) Any password that remains in use after a site where it is used has been hacked.
- Pen-guesting. PIN-guess-ting. v. Using visitor login information to access sensitive data improperly secured on a company network.
- Premiscuity. pri-miss-KEW-e-tee. n. Allowing an unknown person or persons into secure areas of a facility.
- Ransomdare. RAN-sum-dair. v. To passively invite a cyberattack by refusing to provide cybersecurity training, allowing poor password hygiene, and failing to employ secure backup.
Do you have any terms you’d like to add to our list? If so, visit us on Facebook, LinkedIn, Twitter, or Instagram and leave us a message. Better yet, share this post and bring your friends in on the fun.
If you’d like to learn about cybersecurity terms we didn’t just make up, visit our glossary.
Bonnie Smyre
About The Exploit Blog
The Exploit is written by Raxis penetration testers. Every post is a technical writeup from someone who runs engagements for a living, with code, command output, and the reasoning behind each step. Topics include exploit research, vulnerability disclosure, tool development, and the offensive techniques showing up in current client work.
Search The Exploit Blog
Raxis Discovered Vulnerabilities
View the CVEs and bugs that Raxis pentesters have uncovered and submitted.
Tested by the People Who Wrote This Blog Post
The engineers behind these posts run real engagements every week. Put them on your network, web apps, APIs, or cloud and see what an attacker would find first.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis Discovered Vulnerabilities
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless
