man-in-the-middle attack
Active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them. The victims thus believe they are communicating directly with one another, but in...
MASINT) Measurement and signature intelligence
Information produced by quantitative and qualitative analysis of physical attributes of targets and events to characterize, locate, and identify targets and events, and derived from specialized, technically derived measurements of...
Metasploit framework
An open-source tool for developing and executing exploit code against a remote target machine.
MFA prompt bombing
The practice of sending a high volume of spamming multifactor authentication (MFA) login attempts to an account until the account’s owner accepts the MFA prompt out of desperation, wishing to...
Microsegmentation
A zero-trust security technique that isolates application workloads from one another in a way that allows each to be protected individually.
Mitigation
Reducing risks or effects. In the context of cyber security, reducing the risk or effect of a cyber attack.
MITRE ATT&CK
MITRE ATT&CK® is a knowledge base of adversary tactics and techniques. Established and maintained by the MITRE Corporation, a US not-for-profit best known for managing research and development programs, ATT&CK...
Monte Carlo simulation
A probability simulation technique used to understand the impact of risk and uncertainty in complex problems. The technique builds models of possible results by running a large number of trials...