Deceptive software that collects private or confidential information from a computer user.
- NOTE Information can include matters such as websites most frequently visited or more sensitive information such as passwords.
Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards
Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner.
SP 800-53 Rev 4.
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards