Common Attacks

  1. Advanced Persistent Threat (APT)
  2. Multi-vector, polymorphic attacks
  3. Denial of Service
  4. Buffer Overflows
  5. Mobile Code
  6. Malicious Software (Malware)
  7. Drive-by download attacks
  8. Spyware
  9. Trojan Horse
  10. Keyloggers
  11. Password Crackers
  12. Spoofing/Masquerading
  13. Sniffers, Eavesdropping, and Tapping
  14. Emanations and TEMPEST
    Spontaneous emission of electromagnetic radiation” (EMR) subject to TEMPEST eavesdropping
  15. Shoulder Surfing
  16. Tailgating
  17. Piggybacking
  18. Object Reuse
  19. Data Remanence
  20. Unauthorized Targeted Data Mining
  21. Dumpster Diving
  22. Backdoor/Trapdoor
  23. Maintenance Hook
  24. Logic bombs
  25. Social Engineering
  26. Phishing
  27. Pharming
    A cyber attack intended to redirect a website’s traffic to another, fake site.
  28. Covert Channel
    Unauthorized channel for data transportation
  29. IP Spoofing/Masquerading
    IP Spoofing is malicious, while Masquerading is a specific form of Network Address Translation (NAT) and can be valid.
  30. Elevation of privilege/Privilege escalation
  31. Tampering
  32. Sabotage
  33. SQL injection
  34. Cross-Site Scripting (XSS)
  35. Session Hijacking and Man-in-the-Middle Attacks
  36. Zero-day exploit
    A zero-day exploit hits after a network vulnerability is announced or discovered but before a patch or solution is implemented.