attacks - Concepts
Explore concepts tagged with "attacks"
Total concepts: 24
Concepts
- Watering Hole Attack - An attack that compromises websites frequently visited by a target group to infect their systems.
- Man-in-the-Middle Attack - An attack where the attacker secretly intercepts and potentially alters communication between two parties
- Social Engineering - Psychological manipulation of people into performing actions or divulging confidential information.
- Business Email Compromise - A sophisticated scam targeting businesses to trick employees into transferring money or sensitive data.
- Phishing - Fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity in electronic communications.
- Typosquatting - Registering domains with common misspellings of popular websites to deceive users into visiting malicious sites.
- SQL Injection - An attack that inserts malicious SQL code into application queries to manipulate databases
- Vishing - Voice phishing - using phone calls to deceive victims into revealing sensitive information or taking harmful actions.
- Whaling - Phishing attacks specifically targeting high-profile executives, senior management, and other 'big fish' in organizations.
- DDoS Attack - An attack that overwhelms systems with traffic from multiple sources to make services unavailable
- Session Hijacking - An attack that takes over a user's active session to gain unauthorized access to systems or data.
- Brute Force Attack - An attack method that systematically tries all possible combinations to crack passwords or encryption
- Smishing - SMS phishing - using text messages to trick victims into clicking malicious links or revealing sensitive information.
- Drive-by Download - Unintentional download of malware simply by visiting a compromised or malicious website.
- Credential Stuffing - An attack using stolen username/password pairs from data breaches to access accounts on other services
- Advanced Persistent Threat - A prolonged, targeted cyberattack where intruders gain access and remain undetected for extended periods.
- Pretexting - Creating a fabricated scenario or false identity to manipulate victims into providing information or access.
- Cross-Site Request Forgery - An attack that tricks users into performing unwanted actions on websites where they're authenticated
- Cross-Site Scripting - An attack that injects malicious scripts into web pages viewed by other users
- Quishing - QR code phishing - using malicious QR codes to redirect victims to phishing websites or trigger harmful actions.
- Spear Phishing - Targeted phishing attacks directed at specific individuals or organizations using personalized information.
- Privilege Escalation - Exploiting vulnerabilities to gain higher access levels than originally authorized.
- DNS Spoofing - An attack that corrupts DNS data to redirect users to malicious websites without their knowledge.
- Supply Chain Attack - An attack that targets less-secure elements in the supply chain to compromise the final product or service
← Back to all concepts