Application/Service Attacks

An attack on a computer or network

device in which multiple computers send data and requests to the device in an attempt

to overwhelm it so that it cannot perform normal operations

An attack using active interception or eavesdropping. It uses a third computer to capture traffic sent between two other systems

An attack from a single source that attempts to disrupt the services provided by the attacked system

An attack that changes the registration of a domain name without permission from the owner

An attack from a single source that attempts to disrupt the services provided by the attacked system

An attack that increases the amount of bandwidth sent to a victim

DNS Poisoning-An attack that modifies or corrupts DNS result

The process of gaining elevate rights and permissions. Malware typically uses a variety of techniques to gain elevated privileges

An attack on a computer or network

device in which multiple computers send data and requests to the device in an attempt

to overwhelm it so that it cannot perform normal operations

An attack using active interception or eavesdropping. It uses a third computer to capture traffic sent between two other systems

An attack that misleads systems about the actual MAC address of a system

A vulnerability or bug that is unknown to trusted sources but can be exploited by attackers

An attack that changes the registration of a domain name without permission from the owner

An attack that tricks users into clicking something other than what they think they're clicking

An error that occurs when an application receives more input, or different input, than it expects. It exposes system memory that is normally inaccessible

An attack where the data is captured and replayed. Attackers typically modify data before replaying it

An attack that injects code or commands

A driver manipulation method. Developers rewrite the code without changing the driver's behavior

The process of gaining elevate rights and permissions. Malware typically uses a variety of techniques to gain elevated privileges

The purchase of a domain name that is close to a legitimate domain name. Attackers often try to trick users who inadvertently use the wrong domain name. Also called typosquatting

An attack that injects code or commands

A web application attack. XSRF attacks trick users into performing actions on websites, such as making purchases, without their knowledge

A password attack that captures and uses the hash of a password. It attempts to log on as the hash and is commonly associated with the Microsoft NTLM protocol

A web application vulnerability. Attackers embed malicious HTML or JavaScript code into a web site's code, which executes when a user visits the site

An attack from a single source that attempts to disrupt the services provided by the attacked system

A web application vulnerability. Attackers embed malicious HTML or JavaScript code into a web site's code, which executes when a user visits the site

An attack that changes the source IP address

A web application attack. XSRF attacks trick users into performing actions on websites, such as making purchases, without their knowledge

An attack where the data is captured and replayed. Attackers typically modify data before replaying it