15rows
5columns
62views
0downloads
Source:Community curated
Updated:3/7/2026
15/15
Attack Method↕ | Category↕ | Typical Target↕ | Primary Defense↕ | Known For↕ |
|---|---|---|---|---|
Phishing | Social engineering | Individuals via email or SMS | Security awareness training, email filtering | 90% of breaches start with phishing, Nigerian prince emails evolved into sophisticated spear-phishing, cheapest attack to launch |
Ransomware | Malware | Organizations, hospitals, cities | Offline backups, endpoint detection, patch management | WannaCry (2017) hit 200K+ computers, Colonial Pipeline paid $4.4M, billion-dollar criminal industry |
DDoS (Distributed Denial of Service) | Availability attack | Websites, online services, DNS providers | CDN protection (Cloudflare), traffic scrubbing, rate limiting | Mirai botnet took down half the internet (2016), GitHub 1.35 Tbps attack, botnets-for-hire cost $20/hour |
SQL Injection | Code injection | Web applications with database backends | Parameterized queries, input validation, WAF | OWASP Top 10 for 20+ years, Heartland Payment breach (130M cards), Bobby Tables XKCD comic, still shockingly common |
Zero-Day Exploit | Vulnerability exploitation | Any software with unknown vulnerabilities | Defense-in-depth, bug bounties, rapid patching | Stuxnet used 4 zero-days to destroy Iranian centrifuges, zero-days sell for $500K-$2.5M on black market |
Man-in-the-Middle (MITM) | Interception | Unencrypted communications, public WiFi users | HTTPS/TLS, certificate pinning, VPN | Evil twin WiFi hotspots, SSL stripping attacks, why 'free airport WiFi' is dangerous, banking session hijacking |
Cross-Site Scripting (XSS) | Code injection | Web application users via malicious scripts | Content Security Policy, output encoding, sanitization | Samy worm hit 1M MySpace profiles in 20 hours (2005), stored vs reflected vs DOM-based, cookie stealing |
Credential Stuffing | Brute force / automation | Any login portal using reused passwords | MFA, rate limiting, password managers, breach monitoring | Billions of leaked credentials on dark web, automated login attempts at scale, why password reuse is deadly |
Supply Chain Attack | Trust exploitation | Software dependencies, update mechanisms | Software bill of materials (SBOM), code signing, vendor audits | SolarWinds Orion hack (2020) compromised 18K organizations including US government, NotPetya via Ukrainian tax software |
Brute Force Attack | Password cracking | Login systems, encrypted files, hashed passwords | Account lockout, CAPTCHAs, long complex passwords, bcrypt hashing | Hashcat cracks billions of hashes per second on GPUs, dictionary attacks, rainbow tables, why 'password123' fails |
DNS Spoofing / Cache Poisoning | Redirection | DNS resolvers, end users seeking legitimate sites | DNSSEC, DNS-over-HTTPS, trusted resolvers | Kaminsky bug (2008) threatened entire internet DNS, redirects users to fake banking sites, hard to detect |
Insider Threat | Internal / human | Organization's own systems and data | Least privilege, monitoring, DLP, background checks | Edward Snowden, Tesla saboteur, costs companies $15.4M/year average, hardest threat to defend against |
Cryptojacking | Resource theft | Web browsers, servers, cloud instances | Ad blockers, endpoint monitoring, cloud cost alerts | Coinhive script mined Monero in visitors' browsers, Tesla cloud account hijacked for mining, silent CPU drain |
Buffer Overflow | Memory exploitation | C/C++ programs without bounds checking | ASLR, stack canaries, safe languages (Rust), code review | Morris Worm (1988) used buffer overflow, Code Red, Blaster, foundation of most classic exploits, unsafe memory access |
Social Engineering (Pretexting) | Human manipulation | Employees, help desks, executives | Verification procedures, security culture, callback protocols | Kevin Mitnick's legendary hacking career, CEO fraud/BEC costs $26B, 'I'm from IT, I need your password', MGM hack (2023) via help desk call |
Free to explore · No signup needed
Loading community rankings...
Related Datasets
More in Technology
Cloud Platforms
Major cloud computing providers with market share, headquarters, and signature services.
15 rows1 shared tag
Essential Phone Apps
The apps that define modern smartphone life — from communication to productivity to time-wasting.
15 rows1 shared tag
Famous Expedition Vehicles & Craft
The Lunar Rover, Kon-Tiki raft, Trieste bathyscaphe, Spirit of St. Louis — which exploration vehicle made the boldest journey into the unknown?
15 rows1 shared tag
Countries by Internet Hosts
Countries ranked by number of internet hosts.
233 rows1 shared tag
Photo Editing Tools
Photo Editing Tools
15 rows1 shared tag
Databases
Popular database management systems spanning relational, document, key-value, graph, and time-series types.
20 rows1 shared tag