
CYBERSECURITY ATTACKS

Malware (short for "malicious software") is harmful software designed to damage, disrupt, or gain unauthorized access to computers, networks, or devices. It is a key tool used by cybercriminals to steal data, spy on users, or cause operational disruptions. Examples:

  1. Viruses: Attach to files and spread when shared.

  2. Worms: Self-replicating malware that spreads across networks.

  3. Trojans: Disguised as legitimate software but perform malicious actions.

  4. Ransomware: Encrypts data and demands a ransom for its release.

Phishing is a cyberattack technique in which attackers trick individuals into revealing sensitive information, such as usernames, passwords, credit card numbers, or other personal details. Phishing typically involves fraudulent communication, such as emails, text messages, or fake websites, that appear to come from a legitimate source.

DoS (Denial of Service) is a cyberattack where an attacker overwhelms a system, server, or network with an excessive amount of traffic or requests, causing it to slow down, crash, or become unavailable to legitimate users. The primary goal is to disrupt the normal functioning of a service or resource.

Examples:

  • ICMP Flood: Sends a large number of "ping" requests to overload the network.

A Man-in-the-Middle (MITM) attack occurs when a cybercriminal intercepts and manipulates communication between two parties, often without their knowledge. The attacker can eavesdrop, steal sensitive information, or inject malicious data into the communication.

Examples:

Session Hijacking:

  • Taking over an active session (e.g., stealing cookies) to impersonate the user.

DNS Spoofing:

  • Redirecting users to fake websites by tampering with DNS records.

SQL Injection (SQLi) is a type of cyberattack where malicious SQL code is inserted into an input field (such as a form or URL) in a web application, exploiting vulnerabilities in the application's database query handling. This allows the attacker to manipulate the SQL query executed by the database, potentially gaining unauthorized access to data, modifying it, or even deleting it.

Credential Stuffing is a type of cyberattack where attackers use automated tools to try large volumes of stolen username and password combinations across multiple websites or online services. The goal is to exploit the common habit of users reusing the same login credentials across multiple platforms.
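The pattern described above can be seen in login logs: one source tries many different usernames and almost all attempts fail, unlike password guessing against a single account. The following detection sketch is an added example, not part of the original notes; the log format, thresholds, addresses and function name are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log, assumed format: "<timestamp> <source_ip> <username> <OK|FAIL>"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice FAIL
2024-05-01T10:00:02 203.0.113.7 bob FAIL
2024-05-01T10:00:03 203.0.113.7 carol OK
2024-05-01T10:00:04 203.0.113.7 dave FAIL
2024-05-01T10:00:05 203.0.113.7 erin FAIL
2024-05-01T10:00:06 203.0.113.7 frank FAIL
2024-05-01T10:01:00 198.51.100.9 admin FAIL
2024-05-01T10:01:01 198.51.100.9 admin FAIL
2024-05-01T10:01:02 198.51.100.9 admin FAIL
2024-05-01T10:01:03 198.51.100.9 admin FAIL
2024-05-01T10:01:04 198.51.100.9 admin FAIL
2024-05-01T10:01:05 198.51.100.9 admin FAIL
2024-05-01T10:02:00 192.0.2.20 gina OK
2024-05-01T10:02:10 192.0.2.20 hal OK
2024-05-01T10:02:20 192.0.2.20 ivy FAIL
2024-05-01T10:02:30 192.0.2.20 ivy OK
2024-05-01T10:02:40 192.0.2.20 jon OK
2024-05-01T10:02:50 192.0.2.20 kim OK
"""

def detect_stuffing(log_text, min_users=5, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct usernames and mostly fail."""
    stats = defaultdict(lambda: {"users": set(), "fail": 0, "total": 0, "hits": set()})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, ip, user, result = parts
        s = stats[ip]
        s["users"].add(user)
        s["total"] += 1
        if result == "FAIL":
            s["fail"] += 1
        elif result == "OK":
            s["hits"].add(user)  # a reused password was accepted
    flagged = {}
    for ip, s in stats.items():
        if len(s["users"]) >= min_users and s["fail"] / s["total"] >= min_fail_ratio:
            # "reset" lists accounts that logged in from a flagged source
            flagged[ip] = {"distinct_users": len(s["users"]),
                           "failures": s["fail"], "reset": sorted(s["hits"])}
    return flagged

if __name__ == "__main__":
    print(detect_stuffing(SAMPLE_LOG))
```

Only the first source is flagged: the second hammers a single account, and the third is a shared address whose users mostly log in successfully.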

A zero-day exploit refers to a vulnerability in software or hardware that is unknown to the vendor or developer, and therefore, no patch or fix exists for it. The name comes from the fact that the exploit is discovered and potentially used by attackers before the software developers have had a chance to address or fix the vulnerability: the developer has had "zero days" to issue a security update.

Social Engineering is a psychological manipulation technique used by attackers to trick individuals into divulging confidential information, bypassing security measures, or performing actions that benefit the attacker. Rather than exploiting technical vulnerabilities, social engineering attacks exploit human weaknesses such as trust, fear, or curiosity.

A Smurf Attack is a type of Distributed Denial of Service (DDoS) attack that exploits vulnerabilities in Internet Protocol (IP) and Internet Control Message Protocol (ICMP) to flood a target system with a massive amount of traffic, overwhelming it and causing a denial of service.

  • In a smurf attack, the attacker spoofs (forges) the source IP address of the attack packets to be the IP address of the victim.

  • The attacker sends ICMP Echo Request (ping) messages to the broadcast address of a network, with the victim’s IP address as the source.