A threat actor registers domain with deliberately misspelled names of well-known websites to lure or trick people onto a website owned by the attacker to gain sensitive information
When information is presented incorrectly.
What is misinformation?
What is phishing?
The practice of using coded algorithms to protect information so that only authorized individuals can read it.
What is cryptography?
A software update intentionally altered to include malware, spyware or other harmful code
What is a malicious update?
An attacker uses email to trick someone into sending money or divulging confidential company info
What is business email compromise?
False information that is spread on purpose to trick or mislead people
What is disinformation?
It uses voice communication technology to encourage users to divulge sensitive information.
What is vishing?
The point in time when a product, service, or process is no longer supported or produced.
What is end of life?
A form of malicious software that locks and encrypts a victim's device data, then demands money or something of value to restore access to the data.
What is ransomware?
It targets groups of users by infecting websites they commonly visit.
What is waterholing?
Errors or mistakes in the setup or configuration of hardware, software, networks or systems.
What is misconfiguration?
It uses text messages to trick people into sharing personal information or clicking a malicious link.
What is smishing?
The process of taking old applications or code and repurposing them for newer goals.
When malicious scripts are injected into an otherwise trusted website
What is cross-site scripting?
This allows an attacker to break out of a virtual machine and gain authorized access to the host system.
What is VM escape?
When an attacker pretends to be someone else to gain unauthorized access to sensitive information or systems
What is impersonation?
The use of a fabricated story to gain a victim's trust and manipulate them into sharing sensitive information, downloading malware, or sending money to threat actors.
What is pretexting?
What is symmetric cryptography?
An injection attack that makes it possible to execute malicious SQL statements
What is SQL injection?
It disguises itself as a legitimate software progam
What is a trojan horse?
When accurate information is shared to cause harm.
An application is loaded onto a mobile device without using the official app store or marketplace.
What is sideloading?
This uses one private key and one public key
What is asymmetric cryptography?
The process of removing software restrictions on devices to allow unauthorized applications and features.
What is jailbreaking?