@vunvault: Backdoor Trojan– Malware that hides a secret entry point so hackers can re-enter later, even after you change passwords. Brute Force Attacks– Automated guessing of passwords by trying millions of combinations per second until one cracks. Password Attacks– Umbrella term for brute force, credential stuffing (using leaked passwords), and dictionary attacks. -Identity-Based Attacks– Stealing or forging user credentials (tokens, cookies, certificates) to impersonate legitimate users. Network & Communication Man-in-the-Middle (MITM)– Attacker secretly intercepts traffic between you and a website (like public Wi-Fi snooping). DNS Spoofing– Corrupting the "phonebook" of the internet to redirect you to fake sites (e.g., `bank.com` goes to a clone). DNS Tunneling– Sneaking stolen data out through DNS queries (port 53) because firewalls usually trust DNS traffic. Eavesdropping Attacks– Passive listening on unencrypted networks to capture passwords, messages, or emails. Web & Application Cross-Site Scripting (XSS)– Injecting malicious scripts into websites that run in your browser to steal cookies or session tokens.SQL Injection– Typing database commands into input fields (login boxes, search bars) to dump or delete entire databases. Code Injection– Broader than SQL; inserting malicious code (Python, PHP, etc.) into apps to force unintended execution. URL Interpretation– Manipulating how browsers/parsers read URLs to bypass filters or access restricted directories. Social Engineering Phishing– Mass emails/texts pretending to be trusted brands to steal credentials or install malware. Spear-Phishing – Highly targeted phishing aimed at specific individuals (e.g., the CFO or a system admin). Whale-Phishing– Spear-phishing specifically targeting C-suite executives ("big fish"). Business Email Compromise (BEC)– Hijacking or spoofing executive emails to trick finance into wiring money to attacker accounts. Malware Variants Malware– Catch-all for malicious software (viruses, worms, spyware). Trojan Horses– Malware disguised as legitimate software (like a fake game or PDF reader). Ransomware– Encrypts your files and demands payment (crypto) for the decryption key. Cryptojacking– Secretly using your CPU/GPU to mine cryptocurrency, slowing your device to a crawl. Session Hijacking– Stealing your "session cookie" after you log in, letting attacker use your account without your password. Infrastructure & Advanced Distributed Denial of Service (DDoS)-Overwhelming a server with traffic from thousands of hacked devices (botnet) until it crashes. Zero-Day Exploits– Attacks using vulnerabilities the vendor doesn’t know about yet (no patch exists = "day zero"). Supply Chain Attacks– Compromising a trusted vendor (software update server, third-party library) to infect all their customers at once. Insider Threats– Malicious or negligent employees leaking data or planting backdoors. Internet of Things (IoT) Attacks– Exploiting smart cameras, thermostats, or routers (often using default passwords) to build botnets or spy. Drive-by Downloads– Malware that installs just by visiting a compromised website no clicking required. Web Attacks– Umbrella for SQLi, XSS, CSRF, and other website-specific exploits. Spoofing– Faking sender identity (caller ID, email address, MAC address) to appear as a trusted source. Session Hijacking– Stealing active browser session tokens to impersonate logged-in users. Cryptographic Birthday Attack– Mathematical exploit based on probability (the "birthday paradox") to find hash collisions and forge digital signatures.#Cybersecurity #hacking #fyp #infosec

2368

There are no more comments for this video.

To see more videos from user @vunvault, please go to the Tikwm homepage.