Hocus Pocus
Oops! There was an error
It's with -ing
Useless or Useful?
Malice. Good or Bad?
100

A threat actor registers domain with deliberately misspelled names of well-known websites to lure or trick people onto a website owned by the attacker to gain sensitive information

What is typosquatting?
100

When information is presented incorrectly.

What is misinformation?

100
When a user receives a message, email or a phone call by someone impersonating a legitimate person or organization to deceive the user into revealing sensitive information.

What is phishing?

100

The practice of using coded algorithms to protect information so that only authorized individuals can read it.

What is cryptography?

100

A software update intentionally altered to include malware, spyware or other harmful code

What is a malicious update?

200

An attacker uses email to trick someone into sending money or divulging confidential company info

What is business email compromise?

200

False information that is spread on purpose to trick or mislead people

What is disinformation?

200

It uses voice communication technology to encourage users to divulge sensitive information.

What is vishing?

200

The point in time when a product, service, or process is no longer supported or produced.

What is end of life?

200

A form of malicious software that locks and encrypts a victim's device data, then demands money or something of value to restore access to the data.

What is ransomware?

300

It targets groups of users by infecting websites they commonly visit.

What is waterholing?

300

Errors or mistakes in the setup or configuration of hardware, software, networks or systems.

What is misconfiguration?

300

It uses text messages to trick people into sharing personal information or clicking a malicious link.

What is smishing?

300

The process of taking old applications or code and repurposing them for newer goals.

What is resource reuse?
300

When malicious scripts are injected into an otherwise trusted website

What is cross-site scripting?

400

This allows an attacker to break out of a virtual machine and gain authorized access to the host system.

What is VM escape?

400

When an attacker pretends to be someone else to gain unauthorized access to sensitive information or systems

What is impersonation?

400

The use of a fabricated story to gain a victim's trust and manipulate them into sharing sensitive information, downloading malware, or sending money to threat actors.

What is pretexting?

400
This uses a shared single key for both encryption and decryption.

What is symmetric cryptography?

400

An injection attack that makes it possible to execute malicious SQL statements

What is SQL injection?

500

It disguises itself as a legitimate software progam

What is a trojan horse?

500

When accurate information is shared to cause harm.

What is malinformation?
500

An application is loaded onto a mobile device without using the official app store or marketplace.

What is sideloading?

500

This uses one private key and one public key

What is asymmetric cryptography?

500

The process of removing software restrictions on devices to allow unauthorized applications and features.

What is jailbreaking?

M
e
n
u