Attacks & Vulnerabilities

race condition

A malfunction in a preprogrammed sequential access to a shared resource that occurs when multiple processes access the resource simultaneously, leading to unexpected outcomes.

TOC/TOU

Logon session replay attack - A security vulnerability that occurs when a system's state changes between the time a resource is checked and when it is accessed.

cross-site scripting attack

A type of security vulnerability that allows an attacker to inject malicious scripts into web pages viewed by other users, potentially compromising user data and session cookies.

Rooting

The process of gaining administrative access to a device, typically an Android system, allowing the user to bypass limitations set by the manufacturer.

Worm

A type of malicious software that replicates itself to spread to other computers, often exploiting vulnerabilities to do so.

bot

A type of malware that connects to a network of compromised devices, often used to perform automated tasks like sending spam or launching DDoS attacks.

Potentially Unwanted Program (PUP)

Software that may be unwanted or harmful to the user, often bundled with legitimate software.

Reflected DDoS

A type of DDoS attack where the attacker sends a request to a third-party server, which then sends a response to the target, amplifying the attack by using legitimate services.

DNS Amplification

A type of DDoS attack that exploits vulnerabilities in DNS servers to flood a target with an overwhelming amount of traffic, significantly amplifying the volume of the original request.

Bluesnarfing

The unauthorized access of information from a Bluetooth-enabled device, typically to obtain sensitive data such as contacts or messages.

IV attack

A type of attack that intercepts and decrypts wireless communications by exploiting vulnerabilities in the Initialization Vector used in WEP encryption.

MITM attack

An on-path cyberattack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

XSS vulnerability

A security flaw that allows attackers to inject malicious scripts into web pages viewed by other users, potentially hijacking user sessions or defacing websites.

CSRF/XSRF attack

A type of attack that tricks a user into executing unwanted actions on a web application in which they're authenticated, often using social engineering techniques to achieve this.

XML Attack

A type of attack that exploits weaknesses in XML processing, often targeting web services and applications to manipulate or compromise their data integrity or availability.

LDAP Injection Attack

A security attack that targets/manipulate directory services, often leading to unauthorized access or data breaches.

Indicators of Compromise (IoC)

Artifacts observed on a network or operating system that indicate a potential intrusion.

cryptomalware

Attacker hopes that the malicious code remains undetected as long as possible so that they can continue to mine cryptocurrency using the victim's device

rootkit

A set of tools used by attackers to gain unauthorized access and maintain control over a computer system without being detected.

Pharming

A cyber attack that redirects users from legitimate websites to fraudulent ones to steal sensitive data.

typosquatting

A harmful practice where attackers register domains with misspellings of well-known websites to deceive users into visiting and potentially compromising their accounts.

pretext

A form of social engineering where an attacker creates a fabricated scenario to gain physical access

watering hole

attacks that compromise users by infecting websites they frequently visit, allowing attackers to target specific groups.

spear phishing

a targeted phishing attack where an attacker customizes their approach to deceive specific individuals or organizations.

fileless malware

Operates only in memory to avoid detection

logic bomb

a piece of malicious code that triggers when specific conditions are met, causing damage or disruption.

Trojan Horse

a type of malware disguised as legitimate software, used to gain access to systems and data.

Research phase

the initial stage of an attack where the threat actor gathers information about the target to plan the attack.

Development phase

the stage of an attack where the threat actor creates or modifies tools and exploits based on the information gathered during the research phase and forms a relationship with the target

Elicitation phase

the stage in which a threat actor collects specific information from the target, often through social engineering or direct interaction.

Exploitation phase

the stage of an attack where the threat actor executes the developed tools or exploits against the target to gain unauthorized access or achieve malicious objectives.

buffer overflow

The act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target

Covert channel expoitation

The use of timing or storage mechanisms to bypass security controls in order to leak information out of a secured environment.

Evil Twin

A rogue Wi-Fi access point that appears legitimate but is designed to eavesdrop on users' wireless communications.