Threat Actors
These profit-driven attackers often deploy ransomware and phishing campaigns.
What are cybercriminals?
This database contains proof-of-concept code for known vulnerabilities.
What is Exploit-DB?
This former NSA contractor leaked surveillance programs like PRISM in 2013.
Who is Edward Snowden?
This 2014 North Korea-linked attack targeted Sony Pictures for satirizing Kim Jong-un.
What is the Sony Pictures hack?
The unique identifier format (e.g., CVE-2024-12345) used to track known vulnerabilities.
What is a CVE ID?
These attackers act for political or ideological reasons, often launching DDoS or defacement attacks.
What are hacktivists?
A penetration testing framework used to launch and manage exploit code.
What is Metasploit?
This U.S. Army analyst leaked military and diplomatic cables to WikiLeaks.
Who is Chelsea Manning?
This worm, developed by the U.S. and Israel, sabotaged Iran’s Natanz nuclear facility.
What is Stuxnet?
The technique used to prove that a digital communication came from its stated source.
What is non-repudiation?
This group includes employees or contractors who intentionally or unintentionally compromise systems.
What are insiders?
A red-teaming tool often used by both ethical hackers and ransomware gangs.
What is Cobalt Strike?
This Boeing engineer passed aerospace secrets to China over decades.
Who is Greg Chung?
This ransomware gang leaked internal chat logs and hit the Costa Rican government.
What is Conti?
This principle verifies the identity of a user, system, or process.
What is authentication?
State-sponsored actors using APTs and zero-days are typically categorized as this.
What are nation-state actors?
This foundational model includes Confidentiality, Integrity, and Availability.
What is the CIA Triad?
This whistleblower posted on Zuckerberg’s Facebook wall to prove a bug.
Who is Khalil Shreateh?
This 2020 supply chain attack infiltrated U.S. agencies through SolarWinds software.
What is the SolarWinds attack?
A framework developed by Lockheed Martin to understand and disrupt cyberattack stages.
What is the Cyber Kill Chain?
These low-skilled attackers use pre-made tools they often don’t understand.
What are script kiddies?
A dynamic framework for tracking attacker tactics and techniques across the kill chain.
What is the MITRE ATT&CK framework?
This contractor hoarded classified materials for over 20 years at home.
Who is Harold T. Martin III?
This 2023 hacktivist-linked attack stole $100M from Iran’s Nobitex crypto exchange.
What is the Predatory Sparrow crypto attack?
This CVE scoring system rates the severity of vulnerabilities from 0 to 10.
What is CVSS (Common Vulnerability Scoring System)?