Page tree

Contents

Magnitude EK (Magnitude Exploit Kit): An exploit kit delivered by a drive-by malware dropper. First noted in October 2013, when it was used as an attack on visitors to PHP.net.

Malvertising: Advertising that delivers malware to the end user. Threat actors co-opt legitimate advertising services to push malware through advertisements on websites. Because of the growing ubiquity of online advertising being able to end-run around advertiser's security standards allows for the widespread distribution of malware to end-users. Users will have a seemingly normal pop-up or banner advertisement appear on a web page with an intriguing lead. However, by clicking on the advertisement they receive a file download. Running the file activates the malware.

Malspam: Spam that delivers malware. Spam, being considered an email only form of wasteful advertising, has been used as a successful vector for malware delivery. See: Spamming

McColo: A San Jose (California) based "bullet proof hosting" ISP. Shutdown in November 2008, suspected of having dealings with the Russian Business Network.

Mebroot: A rootkit that attacks the Master Boot Record to bypass securities and allows itself to embed further than normal into a host machine.

Messaging Spam (or SPIM): a type of Spam endemic to Instant Messenger, SMS, or other private electronic messaging services.

Metadata: Data that can be collected to build a profile on a given individual; it is "data about data." Examples of metadata are phone records, IP logs, EXIF data, and others. These can be combined with forensics techniques to build up profiles, and with extreme granularity, even identify unique individuals based on their day-to-day movements, verbal tics, writing styles, even coding styles.

MI5: Her majesty's Security Service, the UK's counter-intelligence and security agency. 

MI6 (SIS): Her majesty's Secret Intelligence Service (or Military Intelligence, Section 6), the British intelligence agency that provides the British Government with foreign intelligence.

MI8:

  • Military Intelligence, Section 8, a British Military Intelligence group specializing in signals intelligence created in 1914. Originally covered four areas:
    • MI8(a) covered wireless (radio) policy
    • MI8(b) covered the General Post (mail)
    • MI8(c) covered Intelligence derived from censorship
    • MI8(d) covered covered cable (telegram) companies
  • Military Intelligence, Section 8, US Government intelligence group, precursor to the NSA. Founded 28/4/1917 also known as the Cipher Bureau and Military Intelligence Branch, Section 8, and as the Code Compilation Company.

Mirai: A botnet targeted at IoT devices. Internet connected devices are attacked and infected with the Mirai malware. This allows the device to be used as part of a collective of devices to perform DDoS attacks against victim computers.

MITB (Man-In-The-Browser): Similar to MITM attacks, MITB attacks rely on compromising a user’s web browser(s) in order to capture sensitive data and send it to an external host at an opportune moment.

MITM (Man-In-The-Middle): A type of attack where a third party server (for instance a router between a client and host) is compromised to capture data and spoof the output to fool the network under attack into revealing its secrets.

Mobile Phone Spam: A form of spam directed at mobile phones.

Money Mule (or smurfer): a person who transfers money acquired illegally through a courier service, or electronically, for others.

Money Laundering: The process of transforming the proceeds of a crime into legitimate money (may or may not be part of being a Money Mule.)