15rows
5columns
58views
0downloads
Source:Community curated
Updated:3/7/2026
15/15
Attack Method↕ | Category↕ | Typical Target↕ | Primary Defense↕ | Known For↕ |
|---|---|---|---|---|
Phishing | Social engineering | Individuals via email or SMS | Security awareness training, email filtering | 90% of breaches start with phishing, Nigerian prince emails evolved into sophisticated spear-phishing, cheapest attack to launch |
Ransomware | Malware | Organizations, hospitals, cities | Offline backups, endpoint detection, patch management | WannaCry (2017) hit 200K+ computers, Colonial Pipeline paid $4.4M, billion-dollar criminal industry |
DDoS (Distributed Denial of Service) | Availability attack | Websites, online services, DNS providers | CDN protection (Cloudflare), traffic scrubbing, rate limiting | Mirai botnet took down half the internet (2016), GitHub 1.35 Tbps attack, botnets-for-hire cost $20/hour |
SQL Injection | Code injection | Web applications with database backends | Parameterized queries, input validation, WAF | OWASP Top 10 for 20+ years, Heartland Payment breach (130M cards), Bobby Tables XKCD comic, still shockingly common |
Zero-Day Exploit | Vulnerability exploitation | Any software with unknown vulnerabilities | Defense-in-depth, bug bounties, rapid patching | Stuxnet used 4 zero-days to destroy Iranian centrifuges, zero-days sell for $500K-$2.5M on black market |
Man-in-the-Middle (MITM) | Interception | Unencrypted communications, public WiFi users | HTTPS/TLS, certificate pinning, VPN | Evil twin WiFi hotspots, SSL stripping attacks, why 'free airport WiFi' is dangerous, banking session hijacking |
Cross-Site Scripting (XSS) | Code injection | Web application users via malicious scripts | Content Security Policy, output encoding, sanitization | Samy worm hit 1M MySpace profiles in 20 hours (2005), stored vs reflected vs DOM-based, cookie stealing |
Credential Stuffing | Brute force / automation | Any login portal using reused passwords | MFA, rate limiting, password managers, breach monitoring | Billions of leaked credentials on dark web, automated login attempts at scale, why password reuse is deadly |
Supply Chain Attack | Trust exploitation | Software dependencies, update mechanisms | Software bill of materials (SBOM), code signing, vendor audits | SolarWinds Orion hack (2020) compromised 18K organizations including US government, NotPetya via Ukrainian tax software |
Brute Force Attack | Password cracking | Login systems, encrypted files, hashed passwords | Account lockout, CAPTCHAs, long complex passwords, bcrypt hashing | Hashcat cracks billions of hashes per second on GPUs, dictionary attacks, rainbow tables, why 'password123' fails |
DNS Spoofing / Cache Poisoning | Redirection | DNS resolvers, end users seeking legitimate sites | DNSSEC, DNS-over-HTTPS, trusted resolvers | Kaminsky bug (2008) threatened entire internet DNS, redirects users to fake banking sites, hard to detect |
Insider Threat | Internal / human | Organization's own systems and data | Least privilege, monitoring, DLP, background checks | Edward Snowden, Tesla saboteur, costs companies $15.4M/year average, hardest threat to defend against |
Cryptojacking | Resource theft | Web browsers, servers, cloud instances | Ad blockers, endpoint monitoring, cloud cost alerts | Coinhive script mined Monero in visitors' browsers, Tesla cloud account hijacked for mining, silent CPU drain |
Buffer Overflow | Memory exploitation | C/C++ programs without bounds checking | ASLR, stack canaries, safe languages (Rust), code review | Morris Worm (1988) used buffer overflow, Code Red, Blaster, foundation of most classic exploits, unsafe memory access |
Social Engineering (Pretexting) | Human manipulation | Employees, help desks, executives | Verification procedures, security culture, callback protocols | Kevin Mitnick's legendary hacking career, CEO fraud/BEC costs $26B, 'I'm from IT, I need your password', MGM hack (2023) via help desk call |
Free to explore · No signup needed
Loading community rankings...
Related Datasets
More in Technology
Tech YouTube Channels
Popular technology-focused YouTube channels covering reviews, tutorials, and tech culture.
15 rows1 shared tag
Countries by Internet Users
Countries ranked by number of internet users.
225 rows1 shared tag
Smartphone Brands
Major smartphone manufacturers with market share, flagship models, and operating system details.
20 rows1 shared tag
Programming Languages
Popular programming languages with their creation year, paradigm, typing system, and common use cases.
30 rows1 shared tag
Databases
Popular database management systems spanning relational, document, key-value, graph, and time-series types.
20 rows1 shared tag
JavaScript Frameworks
Popular JavaScript and TypeScript frameworks and libraries for frontend, backend, and full-stack development.
23 rows1 shared tag