1. Distributed Denial of Service (DDoS)
● Definition: An attack that overwhelms a system, server, or network with a flood of internet traffic,
making it unavailable to its intended users.
2. Botnet
● Definition: A network of infected computers (bots) controlled by a malicious actor to
perform coordinated attacks or other malicious activities.
3. Phishing
● Definition: Deceptive attempts to obtain sensitive information by pretending to be a
trustworthy entity, often through email or fake websites.
4. Spear Phishing
● Definition: A targeted phishing attack aimed at a specific individual or organization,
using personalized information to increase its effectiveness.
5. Malware
● Definition: Malicious software designed to damage, disrupt, or gain unauthorized
access to computer systems, including viruses, worms, trojans, and ransomware.
6. Ransomware
● Definition: A type of malware that encrypts a victim's files and demands a ransom
payment for the decryption key.
7. Spyware
● Definition: Malicious software that secretly monitors and collects information about a
user's activities without their knowledge.
8. Adware
● Definition: Unwanted software designed to display advertisements on a user's device,
often bundled with free software.
9. Man-in-the-Middle (MitM) Attack
● Definition: An attacker intercepts and potentially alters communication between two
parties without their knowledge.
10. SQL Injection
● Definition: A code injection technique that exploits vulnerabilities in an application's
software to execute malicious SQL statements in a database.
11. Cross-Site Scripting (XSS)
● Definition: An attack that injects malicious scripts into content from otherwise trusted
websites, executed by the victim's browser.
12. Cross-Site Request Forgery (CSRF)
● Definition: An attack that tricks a user into performing actions on a web application
without their knowledge, using their authenticated session.
13. Zero-Day Exploit
● Definition: An attack that targets a previously unknown vulnerability in software or
hardware, occurring before the vendor can issue a fix.
14. Rootkit
● Definition: Malicious software designed to gain unauthorized root or administrative
access to a computer system while hiding its presence.
15. Social Engineering
● Definition: Manipulating individuals into divulging confidential information or performing
actions that compromise security, often through psychological manipulation.
16. Credential Stuffing
● Definition: An attack that uses automated scripts to try multiple username-password
combinations, typically obtained from previous data breaches.
17. Brute Force Attack
● Definition: An attack that attempts to gain access to a system by systematically trying all
possible combinations of passwords or encryption keys.
18. Drive-By Download
● Definition: Unintended download of malicious software when a user visits a
compromised or malicious website.
19. Eavesdropping Attack
● Definition: Unauthorized interception of, and listening in on, private communication, often using
network sniffers.
20. Insider Threat
● Definition: A security threat originating from within the targeted organization, often
involving employees, contractors, or business associates.
21. DNS Spoofing
● Definition: An attack that corrupts the Domain Name System (DNS) data, redirecting
users to fraudulent websites without their knowledge.
22. Session Hijacking
● Definition: An attack where an attacker takes over a valid session between a client and
server, gaining unauthorized access to information or services.
23. Advanced Persistent Threat (APT)
● Definition: A prolonged and targeted cyberattack in which an intruder gains access to a
network and remains undetected for an extended period.
24. Watering Hole Attack
● Definition: An attack that targets a specific group by infecting websites that members of
the group are known to visit, in order to compromise their systems.
25. Fileless Malware
● Definition: Malicious code that operates in-memory rather than installing itself on the
victim’s machine, making it harder to detect and remove.