Types of Security Threats
Malware
Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, client, or computer network. There are several types of malware, including viruses, worms, Trojans, ransomware, spyware, adware, and more.
Phishing
Phishing is a cyber attack that involves tricking individuals into providing sensitive information, such as usernames, passwords, and credit card numbers, by pretending to be a trustworthy entity in electronic communications.
Denial of Service (DoS)
DoS and DDoS attacks aim to make a machine or network resource unavailable to its intended users by overwhelming it with a flood of internet traffic.
Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker secretly intercepts and relays messages between two parties who believe they are directly communicating with each other.
SQL Injection
SQL injection is a code injection technique that exploits a security vulnerability in an application's software by inserting malicious SQL code into an entry field for execution.
Zero-Day Exploits
Zero-day exploits are attacks that target software vulnerabilities that are unknown to the software vendor or have not yet been patched.
Insider Threats
Insider threats involve malicious activities by individuals within an organisation who have authorized access to sensitive data and systems.
Ransomware
Ransomware is a type of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment.
Spyware
Spyware is software that secretly monitors and collects user information without their knowledge, often for malicious purposes such as identity theft.
Keyloggers
Keyloggers are a type of spyware that record every keystroke made on a computer to capture sensitive information such as login credentials, credit card numbers, and personal messages.
Dictionary Attack
A dictionary attack uses a list of common passwords and dictionary words to guess the password.
Pass the Hash
Pass the Hash is an attack where the attacker captures the hashed version of a password and uses it to authenticate without needing to crack the password.
Password Spraying
Password spraying involves trying a few common passwords against many accounts to avoid detection and account lockout mechanisms.