Malicious software designed to harm computer systems or gain unauthorized access. - Malware, Programs that replicate and attach to legitimate files. - Viruses, Self-replicating malware that spreads through networks without user interaction. - Worms, Malware disguised as legitimate software. - Trojan Horses, Tricking individuals into revealing sensitive information by posing as a trustworthy entity via messaging. - Phishing, Flood a system or network with excessive traffic making the system unavailable. - Denial of Service (DoS), Use multiple sources to flood a system or network with excessive traffic causing it to become unavailable. - Distributed Denial-of-Service (DDoS), Attacker intercepts communication between two parties. - Man in the Middle, Exploits vulnerabilities in web applications' input fields. - SQL Injection, Target vulnerabilities not yet known to the vendor. - Zero-Day Exploits, Sophisticated and stealthy cyber-attacks targeting specific organizations or individuals. - Advanced Persistent Threats, Employees or trusted individuals who misuse their access to cause harm (intentionally or inadvertently) - Insider Threats, Manipulate individuals into revealing information, often through psychological manipulation. - Social Engineering, Attempt to gain access by trying all possible combinations of usernames and passwords until the correct one is found. - Brute Force Attacks, Using automated tools to try large sets of stolen username and password combinations on various websites. (Exploits users who use the same credentials for multiple sites). - Credential Stuffing, Target specific groups by infecting websites frequently visited by target group. - Watering Hole Attacks, Leveraging legitimate system tools or exploiting vulnerabilities in memory to execute code without leaving traditional file traces. - Fileless Attacks, Employees or individuals with access to sensitive data who intentionally steal, leak, or sell the information. - Insider Data Theft, Targets device exploit vulnerabilities in connected devices. - IoT- Based Attacks, Redirects website traffic to fraudulent websites. (Exploits DNS vulnerabilities). Looks identical to the legitimate site. - Pharming, Authorized individual intentionally alters data, usually for fraud or sabotage. - Insider Data Manipulation, Interception and Monitoring of network traffic. Used to capture and analyze data packets. - Eavesdropping (Sniffing), Recording and monitoring keystrokes to capture sensitive information entered by the user. - Keylogging (Keystroke Logging), Hijacking computing resources to mine cryptocurrencies leading to reduced system performance. - Cryptojacking, Encyrpting victim's files or data, making it inaccessible. Usually requires a ransom to be paid. - File Encryption Attacks, Automated programs that perform various tasks. - Bots, Network of compromised computers (zombies) controlled by a single entity. Can be used for DDoS, spam distribution, or stealing data. - Botnets, Inject malicious scripts into webpages viewed by other users to execute actions in the victim's browser. - Cross-Site Scripting (XXS), Tricks users into unknowingly performing actions on a trusted website that they did not intend to do. Causes unauthorized transactions or data manipulation. - Cross-Site Request Forgery (CSRF), Targets software or hardware vulnerabilities, introducing malicious components into products for a widespread compromise of systems. - Supply Chain Attacks, Tricks users into providing credentials on a fake log-in page resembling legitimate websites. - Credential Phishing, Registering domain names with slight misspellings. - URL Hijacking (Typosquatting), Distributing malware through online advertisements. - Malvertising, Attackers trick users into clicking hidden or disguised buttons or links leading to unintended actions. - Clickjacking, Using machine learning to enhance techniques, making them more sophisticated and challenging to detect. - AI-Powered Attacks, A network is not segmented correctly or the firewall settings are too permissive, allowing malicious actors to gain access to sensitive data. - Firewall Misconfiguration, Allows an attacker to execute malicious code on the vulnerable system. - Remote Code Execution (RCE), A person or program successfully identifies as another by falsifying data to gain an illegitimate advantage. - Spoofing, Malicious software designed to enter your computer device, gather data about you, and forward it to a third-party without your consent. - Spyware, An incorrect or suboptimal configuration of an information system or system component that may lead to vulnerabilities. - Misconfiguration, Out-of-date software that creates vulnerabilities to issues known by a bad actor. - Unpatched Software, aim to take over one or more accounts giving the attacker the same privileges as the attacked user, often by assuming their identity. - Broken Authentication, Allows an attacker to relay malicious code through an application to another system. - Injection, A weakness or flaw in software, hardware, or organizational processes, which when compromised by a threat, can result in a security breach - Network Vulnerabilities, Any attempt to exploit a vulnerability in user authorization within a digital system - Password Attack, Giving more access and privileges than needed, creating security risks if abused or compromised by an attacker. - Unauthorized Access,
0%
Cyber Threats and Vulnerabilities
Partager
par
Aubyangelb
Vocational / Technical
Computing
Cybersecurity
Modifier le contenu
Imprimer
Incorporer
Plus
Affectations
Classement
Fiches de révision
est un modèle à composition non limitée. Il ne génère pas de points pour un classement.
Connexion requise
Style visuel
Polices
Abonnement requis
Options
Changer de modèle
Afficher tout
D'autres formats apparaîtront au fur et à mesure que vous jouerez l'activité.
Ouvrir les résultats
Copier le lien
Code QR
Supprimer
Restauration auto-sauvegardé :
?