The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1


This term was once used to describe a clever programmer. In recent years, this term has been applied to those who exploit security vulnerabilities to try and break into a computer system. Originally, those who break into computer systems (for malicious purposes or as a challenge) were known as ‘crackers’.


The term hardware refers to the physical components of a computer (system unit, monitor, keyboard, mouse, etc.).

Heuristic analysis

The word heuristic is derived from the Greek ‘to discover’ and refers to a learning method based on speculation or guess-work, rather than a fixed algorithm. In the anti-virus world, heuristic analysis involves using non-specific detection methods to find new, unknown malware.

The technique, which has been in use for many years, involves inspecting the code in a file (or other object) to see if it contains virus-like instructions. If the number of virus-like instructions crosses a pre-defined threshold, the file is flagged as a possible virus and the customer is asked to send a sample for further analysis. Heuristic analysis has been refined over the years and has brought positive results in detecting many new threats.

Of course, if heuristics aren’t tuned carefully, there’s a risk of false positives. That’s why most anti-virus vendors using heuristics reduce their sensitivity to minimize the risk of false alarms. And many vendors disable heuristics by default.

A further drawback is that heuristics is 'find-only'. In order to clean, it’s necessary to know what specific changes the malware has made to the affected object.

Extensive use of heuristic analysis is also made in anti-spam solutions, to highlight those characteristics of an e-mail message that are spam-like.


Hexadecimal (or ‘hex’ for short) refers to the counting of numbers in base-16, in which there are 16 sequential digits in each unit. Since our standard decimal counting system only goes as far as 9 before we have to switch to another unit, hexadecimal is represented using the numbers 0-9 and the letters A-F. The following table provides a few examples of how decimal numbers ‘translate’ into hexadecimal.

Hexadecimal is often used by low-level programmers since it makes it easier to represent the binary numbers used at machine level (when debugging a program, or examining sectors on a disk using a sector editor, for example). A byte contains eight bits (binary digits), but the same eight bits can be represented using just two hexadecimal numbers.


A hoax is a fake warning about a virus or other piece of malicious code. Typically a hoax takes the form of an e-mail message warning the reader of a dangerous new virus and suggesting that the reader pass the message on. Hoaxes cause no damage in themselves, but their distribution by well-meaning users often causes fear and uncertainty.

Most anti-virus vendors include hoax information on their web sites and it is always advisable to check before forwarding warning messages.

Hosts file

The hosts file is a sort of ‘mini DNS server’ on every Microsoft® Windows® system. When a user types a URL into the web browser, the browser checks the local hosts file to see if the requested domain name is listed there, before it looks for a DNS server. This is very efficient: if the web browser finds a match in the hosts file, it doesn’t need to go looking on the Internet for a DNS server.

Unfortunately, writers of malicious code, ‘spyware’ or phishing scams can tamper with the data stored in the hosts file. For example, a malware author might re-direct all search requests (through Google, Yahoo, etc.) simply by editing the hosts file: listing these domain names but matching them to the IP address of a web site containing malicious code. Or a worm might prevent anti-virus programs from updating themselves by matching anti-virus domain names in the hosts file to the IP address of the victim machine.

Hot spot

Synonyms: Wireless access point

A hot spot provides access to a wireless network. Hot spots are now common in businesses, homes, hotels, airports and even fast food outlets.

HTML [Hypertext Markup Language]

HTML comprises the set of codes used in a file that enables specified data (also known generically as ‘web content’) to be displayed on a web page. These codes (also known as ‘tags’) specify how a web browser should display text, graphics, video and sound. In general, web browser developers adhere to the standard set by the World Wide Web Consortium [W3C], although some also make use of additional codes.

HTTP [Hypertext Transfer Protocol]

HTTP is the protocol used for transferring data (including text, graphics, video and sound) across the World Wide Web. This data is stored in web pages, on a web server. When an HTTP request is sent to the server from a web browser, the server delivers the data (also known generically as ‘web content’) to the requesting computer. The request for data is made by typing the URL into the web browser, or by clicking on a hyperlink (or link for short): this link may be specified on a web page or in a piece of text in a document, spreadsheet, etc. The URL forms the address of the content on the Internet.