Method of attacks in cybersecurity
Table of contents
No headings in the article.
malware: software designed to harm devices or network
virus: malware program that modifies other computer programs by inserting its code to modify the computer program negatively by damaging and/or destroying data typical example of a virus is a malware
worm: malware that self-replicates, spreading across the networks and infecting the computers
ransomware: a malicious attack in which an organization encrypts a part of a company's data and demands money in other to decrypt it and restore access to users.
spyware: malicious software installed on a user's computer without his/her consent which is used to spy on and use user data
phishing: the use of digital communication to trick people into revealing sensitive data or deploying malicious software
spear phishing: the use of malicious email to target a specific user or group of users to appear to originate from a trusted source
whaling: a form of spear phishing in which the threat actors targets the executives of an organization to gain access to sensitive data
Business email compromise (BEC): an attack in which the threat actor impersonates a known source for financial advantage, it's also a form of phishing
vishing: exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Social engineering: a manipulation technique that explores human error to gain unauthorized access to sensitive, valuable/ private data
social media phishing: an attack in which threat actors collect enough information about their target on social media sites before initiating an attack
watering hole phishing: an attack in which the threat actors compromise a website frequently visited by a specific group of users.
physical social engineering: an attack in which threat actors impersonate an employee, vendor, or customer to gain unauthorized access to a physical location
USB baiting: an attack in which a threat actor strategically leaves a malware-invested USB stick for an employee to find and unknowingly infect a network