Pablo Gallardo's Blog
My professional web log about IT, Project Management & SAP

Common Cybersecurity Attacks

Non-exhaustive list of common Cybersecurity Attacks:

  1. Brute-force Attack
  2. Cross-Site Request Forgery (XSRF)
  3. Cross-Site Scripting (XSS)
  4. Denial of Service (DoS)
  5. Man-in-the-middle
  6. Rogue access point
  7. Session hijacking
  8. Spoofing of data packets
  9. SQL Injection


Detailed List

Brute-force Attack

A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one.

External link

Cross-Site Request Forgery (XSRF)

XSRF is a type of web site attack in which unauthorized commands are transmitted from a trusted user.

XSRF exploits inadequate authentication mechanisms in web applications that rely only on elements such as cookies when performing a transaction.

It is mentioned on CISM Review QA&E Manual 9th Edition, question S3-200.

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

External link

Denial of Service (DoS)

Denial of Service (DoS) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

Packet filtering techniques are the only ones which reduce network congestion caused by a network denial-of-service attack.

Rogue access point

A rogue access point masquerades as a legitimate access point. The risk is that legitimate users may connect through this access point and have their traffic monitored.

It is a significant risk when using wireless local area network technology.

SQL Injection

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution

External link




About pmgallardo

I studied Computer Science at University of Salamanca. Since then, I have been working first as developer and then as SAP consutant. This blog is about problems I dealt when using computers, and more important, the solutions I found. Whenever I am on an issue and suddenlly I have a flash that leads me to a solution, I document my discoveries in a post.

, , , , , , , , , , , , , , ,

No comments yet.

Leave a Reply

Política de privacidad