The sophistication of cyber security attacks is increasing every day. In addition, there are numerous types of cyber security attacks and vulnerabilities. This article covers the most common.



As you probably already know, most attackers do not want to be discovered, so they use a variety of techniques to remain in the shadows when attempting to compromise a network. The following sections list the most common types of attacks carried out by threat actors.


1.     Reconnaissance Attacks


2.     Social Engineering

·        Phishing

·        Pharming

·        Malvertising


3.     Privilege Escalation Attacks


4.     Backdoors


5.     Code Execution


6.     Man-in-the Middle Attacks


7.     Denial-of-Service Attacks


8.     Attack Methods for Data Exfiltration


9.     ARP Cache Poisoning


10.                         Spoofing Attacks


11.                         Route Manipulation Attacks


12.                         Password Attacks


13.                         Wireless Attacks





Understanding the weaknesses and vulnerabilities in a system or network is a huge step toward correcting these vulnerabilities or putting in appropriate countermeasures to mitigate threats against them. Potential network vulnerabilities abound, with many resulting from one or more of the following:

1.     Policy flaws


2.     Design errors


3.     Protocol weaknesses


4.     Misconfiguration


5.     Software vulnerabilities


6.     Human factors


7.     Malicious software


8.     Hardware vulnerabilities


9.     Physical access to network resources


Cisco and others have created databases that categorize threats in the public domain. The Common Vulnerabilities and Exposures (CVE) is a dictionary of publicly known security vulnerabilities and exposures.


A quick search using your favorite search engine will lead you to the website. Also, the National Vulnerability Database (NVD) is a repository of standards-based vulnerability information; you can do a quick search for it, too. (URLs change over time, so it is better to advise you to just do a quick search and click any links that interest you.)


The following are examples of the most common types of vulnerabilities:


1.     API abuse


2.     Authentication and authorization bypass vulnerabilities


3.     Buffer overflow


4.     Cross-site scripting (XSS) vulnerability


5.     Cross-site request forgery (CSRF) vulnerability


6.     Cryptographic vulnerability


7.     Deserialization of untrusted data vulnerability


8.     Double free


9.     Insufficient entropy


10.                         SQL injection vulnerability






Go to top