January 28, 2017February 7, 2017 by rlodbrok

Threat summary

Simple chart with classification of different InfoSec threats.

Misdirection:

Spoofing,
Pharming,
XSS,
poisoning (arp,dns)

Social trust:

Phishing,
Social engineering,
Social network attacks,

Vulnerability:

SQl inject,
code injection,
path traversal,
buffer overflow,

Snooping:

Replay attacks,
Sniffing,
Keylogging,
Session Hijacking,
TEMPEST

Password attacks:

Dictionary,
Brute force,
Rainbow(hash) tables,
Shoulder surfing

Escalation:

Authentication
Bypass,
Pivoting,
Heuristic commits

Malware:

Rootkits,
Trojans,
Worms,
Spyware

Malicious actions:

DoS,
DDoS,
Virus,
Scare/Ransomware

Mitigations:

Hardening,
Secure boot,
threat Scanning

Leave a Reply Cancel reply