Cyber Security Acronyms (L)

LAMP.   Linux, Apache, MySQL, and PHP.   An open source software stack that serves as one of the most commonly used Web development platforms in the world. The acronymn spells out the four core software tools in the platform:

1. Linux: operating system
2. Apache: web server
3. MySQL: relational database management system
4. PHP (or Perl or Python): object-oriented scripting language

LAN.   Local Area Network.   A group of inter-connected computers within a localised area that are linked via Wi-FI or TCP/IP ethernet.

LDAP.   Lightweight Directory Access Protocol.   A open-standard application protocol used to quickly  locate and access centrally stored information within a network.

LE.   Let’s Encrypt.   A certification authority owned by the nonprofit Internet Security Research Group that focuses on internet security and provides certificates for TLS (Transport Layer Security) encryption for free.

LFI.   Local File Inclusion.   A cyber attack method where a web application gets manipulated into carrying out the manner by which a threat actor intends to run local files that are stored in the target server. LFI can expose sensitive data, enable cross-site scripting, and allow remote code execution.

LKM.   Loadable Kernel Modules.   An object file containing code that extends the base (or running) kernel. LKMs can serve as device drivers for hardware or add support for file systems.

LLMNR.   Link-Local Multicast Name Resolution.   A DNS-based protocol that allows Internet host servers to perform name resolution on the same local link. This protocol is vulnerable to adversaries who can simulate an authorative source for name resolution in a targeted  network, thereby poisoning the system by diverting data traffic into the spoofed service they control.

LM.  LAN Manager.   A network operating system developed by Microsoft and 3Com that has been discontinued. It was succeeded by the Windows New Technology Lan Manager (NTLM) which is also considered outdated due to known vulnerabilities related to its password hashing and salting processes.

LOIC.   Low Orbit Ion Cannon.  An open source tool for launching Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.

LPA.   Least Privilege Access.   A concept, principle, and practice in IT security wherein access rights or permissions for systems, applications, accounts, and users are granted at the minimum level or tier necessary to perform only their authorised or legitimate functions. LPA helps ensure that no system, application, account, group, or user has permission to access any resource or perform any activity beyond those that are needed to accomplish legitimate tasks.

LPE.   Local Privilege Escalation.   The exploitation of a software bug, network vulnerability, system flaw, or configuration oversight by an entity within the targeted system or network (often a malicious insider), to gain incrementally rising levels of unauthorised access rights to typically protected resources.

LSASS.   Local Security Authority Subsystem Service.   A process in Windows operating systems that enforces the security policy on the system. LSASS verifies user logins, manages password changes, creates access tokens, and updates the security log.  A number of security vulnerabilities has been ascribed to LSASS.

LTE.   Long-Term Evolution.   A fourth-generation standard for wireless communications finalised in 2008 and offered as a service to the public in 2009. Compared to 3G, its predecessor technology, LTE  provided increased capacity and speed for cellular networks.

LTS.   Long-Term Support.   A support policy for a highly stable software edition (typically of an open source application or operating system) that extends beyond the support period typically granted to the standard edition. Long-term support entails the guaranteed provision of security, features, and maintenance updates for comparatively longer durations of time.