Skip to content
SynAc
Browse

Terms

Alphabetical index of published term entries. Use the letter rail to jump.

  1. Valid AccountsUpdated Jan 06, 2026

    Adversaries may steal the credentials of a specific user or service account using credential access techniques. In some cases, default credentials for control system devices may be publicly available. Compromised credentials may be used to bypass access controls placed on various resources on hosts and within the network, and may even be used for persistent access to remote systems. Compromised and default credentials may also grant an adversary increased privilege to specific systems and devices or access to restricted areas of the network. Adversaries may choose not to use malware or tools, in conjunction with the legitimate access those credentials provide, to make it harder to detect their presence or to control devices and send legitimate commands in an unintended way.

  2. Video CaptureUpdated Jan 06, 2026

    An adversary can leverage a device’s cameras to gather information by capturing video recordings. Images may also be captured, potentially in specified intervals, in lieu of video files.

  3. VirtualizationUpdated Jan 06, 2026

    creating virtual representations of servers, storage, networks, and other physical machines

  4. Virtualization/Sandbox EvasionUpdated Jan 06, 2026

    Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors after checking for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware’s behavior to disengage from the victim or conceal the core functions of the payload. They may also search for VME artifacts before dropping further payloads. Adversaries may use the information learned from Virtualization/Sandbox Evasion during automated discovery to shape follow on behaviors.

  5. Virtualization SolutionUpdated Jan 06, 2026

    Adversaries may carry out malicious operations using virtualization solutions to escape from Android sandboxes and to avoid detection. Android uses sandboxes to separate resources and code execution between applications and the operating system.(Citation: Android Application Sandbox) There are a few virtualization solutions available on Android, such as the Android Virtualization Framework (AVF).(Citation: Android AVF Overview)

  6. virusUpdated Jan 06, 2026

    A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.

  7. vishingUpdated Jan 06, 2026

    a hacking technique of defrauding target's over the phone, enticing them to divulge sensitive information

  8. vulnerabilityUpdated Jan 06, 2026

    A characteristic or specific weakness that renders an organization or asset (such as information or an information system) open to exploitation by a given threat or susceptible to a given hazard.

  9. vulnerability assessment and managementUpdated Jan 06, 2026

    In the NICE Framework, cybersecurity work where a person: Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non operational situations.