15rows
5columns
58views
0downloads
Source:Community curated
Updated:3/7/2026
15/15
Attack Method↕ | Category↕ | Typical Target↕ | Primary Defense↕ | Known For↕ |
|---|---|---|---|---|
Phishing | Social engineering | Individuals via email or SMS | Security awareness training, email filtering | 90% of breaches start with phishing, Nigerian prince emails evolved into sophisticated spear-phishing, cheapest attack to launch |
Ransomware | Malware | Organizations, hospitals, cities | Offline backups, endpoint detection, patch management | WannaCry (2017) hit 200K+ computers, Colonial Pipeline paid $4.4M, billion-dollar criminal industry |
DDoS (Distributed Denial of Service) | Availability attack | Websites, online services, DNS providers | CDN protection (Cloudflare), traffic scrubbing, rate limiting | Mirai botnet took down half the internet (2016), GitHub 1.35 Tbps attack, botnets-for-hire cost $20/hour |
SQL Injection | Code injection | Web applications with database backends | Parameterized queries, input validation, WAF | OWASP Top 10 for 20+ years, Heartland Payment breach (130M cards), Bobby Tables XKCD comic, still shockingly common |
Zero-Day Exploit | Vulnerability exploitation | Any software with unknown vulnerabilities | Defense-in-depth, bug bounties, rapid patching | Stuxnet used 4 zero-days to destroy Iranian centrifuges, zero-days sell for $500K-$2.5M on black market |
Man-in-the-Middle (MITM) | Interception | Unencrypted communications, public WiFi users | HTTPS/TLS, certificate pinning, VPN | Evil twin WiFi hotspots, SSL stripping attacks, why 'free airport WiFi' is dangerous, banking session hijacking |
Cross-Site Scripting (XSS) | Code injection | Web application users via malicious scripts | Content Security Policy, output encoding, sanitization | Samy worm hit 1M MySpace profiles in 20 hours (2005), stored vs reflected vs DOM-based, cookie stealing |
Credential Stuffing | Brute force / automation | Any login portal using reused passwords | MFA, rate limiting, password managers, breach monitoring | Billions of leaked credentials on dark web, automated login attempts at scale, why password reuse is deadly |
Supply Chain Attack | Trust exploitation | Software dependencies, update mechanisms | Software bill of materials (SBOM), code signing, vendor audits | SolarWinds Orion hack (2020) compromised 18K organizations including US government, NotPetya via Ukrainian tax software |
Brute Force Attack | Password cracking | Login systems, encrypted files, hashed passwords | Account lockout, CAPTCHAs, long complex passwords, bcrypt hashing | Hashcat cracks billions of hashes per second on GPUs, dictionary attacks, rainbow tables, why 'password123' fails |
DNS Spoofing / Cache Poisoning | Redirection | DNS resolvers, end users seeking legitimate sites | DNSSEC, DNS-over-HTTPS, trusted resolvers | Kaminsky bug (2008) threatened entire internet DNS, redirects users to fake banking sites, hard to detect |
Insider Threat | Internal / human | Organization's own systems and data | Least privilege, monitoring, DLP, background checks | Edward Snowden, Tesla saboteur, costs companies $15.4M/year average, hardest threat to defend against |
Cryptojacking | Resource theft | Web browsers, servers, cloud instances | Ad blockers, endpoint monitoring, cloud cost alerts | Coinhive script mined Monero in visitors' browsers, Tesla cloud account hijacked for mining, silent CPU drain |
Buffer Overflow | Memory exploitation | C/C++ programs without bounds checking | ASLR, stack canaries, safe languages (Rust), code review | Morris Worm (1988) used buffer overflow, Code Red, Blaster, foundation of most classic exploits, unsafe memory access |
Social Engineering (Pretexting) | Human manipulation | Employees, help desks, executives | Verification procedures, security culture, callback protocols | Kevin Mitnick's legendary hacking career, CEO fraud/BEC costs $26B, 'I'm from IT, I need your password', MGM hack (2023) via help desk call |
Free to explore · No signup needed
Loading community rankings...
Related Datasets
More in Technology
Photo Editing Tools
Photo Editing Tools
15 rows1 shared tag
VPN Services
VPN Services
12 rows1 shared tag
Screen Recording & Video Messaging
Screen Recording & Video Messaging
12 rows1 shared tag
Types of Doorbell Design and Technology
Ring video, classic ding-dong, wireless chime, smart intercom, pull-chain bell — which doorbell technology best announces your visitors?
15 rows1 shared tag
Technologies That Will Change Everything
Nuclear fusion, brain-computer interfaces, quantum computing — the technologies racing to reshape civilization.
13 rows1 shared tag
Famous Expedition Vehicles & Craft
The Lunar Rover, Kon-Tiki raft, Trieste bathyscaphe, Spirit of St. Louis — which exploration vehicle made the boldest journey into the unknown?
15 rows1 shared tag