Common Cybersecurity Attacks

This post provides a list of common Cybersecurity Attacks.

List of Common Cybersecurity Attacks

Non-exhaustive list of common cybersecurity attacks:

  1. Brute-force Attack
  2. Cross-Site Request Forgery (XSRF)
  3. Cross-Site Scripting (XSS)
  4. Cross-Site Tracing (CST)
  5. Denial of Service (DoS)
  6. Man-in-the-middle (MITM)
  7. Rogue access point
  8. Session hijacking
  9. Spoofing of data packets
  10. SQL Injection
  11. Pharming
  12. Pass the Hash
  13. Pass the Key
  14. TOC/TOU
  15. Phishing
  16. Ramsonware
  17. DND Spoofing

Brute-force Attack

A brute-force attack (a.k.a. brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one.

External link

Cross-Site Request Forgery (XSRF)

A cross-site request forgery (XSRF) attack is a type of web site attack in which unauthorized commands are transmitted to a website from a trusted user.

The attacker tricks the user to send their desired information to the website. The exploit is that the website trusts this user.

It could be done following these steps:

  1. Attacker sends a phishing e-mail to a victim user that includes a link
  2. User clicks on the link, and web server validates the user request
  3. Web server performs the user request, that usually benefits the attacker

XSRF exploits inadequate authentication mechanisms in web applications that rely only on elements such as cookies when performing a transaction.

It is mentioned on CISM Review QA&E Manual 9th Edition, question S3-200.

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

The website is tricked by the attacker to run a script on each of their users locally. The exploit is that the users trust the website.

It could be done following these steps:

  1. Attacker finds a website with a XSS vulnerability
  2. Attacker injects a script into the website
  3. For each user that connect the page, the website run the script for him

External link

Cross Site Tracing (XST)

Cross Site Tracing (XST) exploits the HTTP TRACE method to steal sensitive data.

TRACE method is intended for diagnostic purposes, and allows a client to send a request to a server and receive a mirror of that request in the server’s response.

Preventive measures, including disabling TRACE and implementing robust input validation, are crucial in safeguarding against XST.

XST is less popular or known than XSRF and XSS.

Denial of Service (DoS)

Denial of Service (DoS) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

Packet filtering techniques are the only ones which reduce network congestion caused by a network denial-of-service attack.

Man-in-the-middle

Man-in-the-middle (MitM) is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.

MiTM can be prevented by using trusted paths that secure network traffic from capture and link encryption.

Rogue access point

A rogue access point masquerades as a legitimate access point. The risk is that legitimate users may connect through this access point and have their traffic monitored.

It is a significant risk when using wireless local area network technology.

SQL Injection

SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution.

Methods to avoid SQL injections:

  • Input check: limit what can be input by a user
  • Escape special characters: makes dangerous characters less likely to be a problem
  • Parameterized queries: limit what can be sent in a query
  • Stored procedures: limit what can be done via the database server

SQL detection tools on this post.

SQL injection tools on this post.

SQL injection examples on this post.

External link

Pharming

Pharming is a cyberattack intended to redirect a website’s traffic to another, fake site by installing a malicious program on the computer. Pharming can be conducted either by exploitation of a vulnerability in the DNS server software or by changing the hosts file on a victim’s computer.

Session Hijacking

You can find session hijacking tools on this post.

TOC/TOU

Time-of-check to time-of-use (TOC/TOU) attack exploits timing differences between when a system verifies authorization and software uses that authorization to perform an action. It is an example of race condition attack.

By varying the worload on the cpu, attackers may exploit th eamount of time required to process requests and use that variance to effectively schedule the exploit’s execution.

Methods to defend against TOC/TOU are file locking, exception handling and concurrency controls.

Clickjacking

Clickjacking is an attack where the user is tricked into clicking on something different from what the user perceives

User interface redress attack or UI redressing are more general terms to define trickery through the user interface (UI).

Clickjacking can be prevented by applying techniques such as what is called framekiller, framebuster or framebreaker. You can read more about it on this external link.

Frame injection

A Frame Injection is a type of Code Injection vulnerability. It gets to load arbitrary code in the browser through a frame.

The term frame spoofing might be the same as frame injection.

You might also be interested in…

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *