Threats Definitions
Cyber threat definitions covering malware, phishing, botnets, DDoS attacks, ransomware, and social engineering.
What is a Brute Force Attack?
A brute force attack is a trial-and-error method used by attackers to systematically guess passwords, encryption keys, or other credentials by trying every possible combination until the correct one is found.
What is a DDoS Attack (Distributed Denial of Service)?
A DDoS (Distributed Denial of Service) attack is a cyberattack in which multiple compromised systems flood a target server, service, or network with overwhelming traffic, rendering it unavailable to legitimate users.
What is a Man-in-the-Middle (MITM) Attack?
A Man-in-the-Middle (MITM) attack is a cyberattack where an attacker secretly intercepts and potentially alters communications between two parties who believe they are communicating directly with each other.
What is a Supply Chain Attack?
A supply chain attack targets the less-secure elements in a software or hardware supply chain to compromise a final product or service, often by injecting malicious code into trusted components, libraries, or software updates.
What is a Zero-Day Exploit?
A zero-day exploit is an attack that targets a previously unknown software vulnerability for which no patch or fix exists, giving developers zero days to address the flaw before it is actively used in attacks.
What is Cross-Site Scripting (XSS)?
Cross-Site Scripting (XSS) is a web security vulnerability that allows attackers to inject malicious client-side scripts into web pages viewed by other users, enabling session hijacking, data theft, and website defacement.
What is Cryptojacking?
Cryptojacking is a cyberattack in which an attacker secretly uses a victim's computing resources to mine cryptocurrency without their knowledge or consent, degrading system performance and increasing energy costs.
What is Phishing?
Phishing is a social engineering attack in which cybercriminals impersonate trusted entities through fraudulent emails, websites, or messages to trick victims into revealing sensitive information such as passwords, credit card numbers, or personal data.
What is Ransomware?
Ransomware is a type of malicious software that encrypts a victim's files or entire systems, rendering them inaccessible until a ransom payment is made to the attacker in exchange for the decryption key.
What is SQL Injection?
SQL injection is a code injection attack in which an attacker inserts malicious SQL statements into input fields or parameters of a web application, enabling them to manipulate the backend database to access, modify, or delete data.