Cybersecurity threat categories
Network Threats
- Malware transmission
- DoS
- DDoS
- Packet Sniffing
- MitM
- Network Scanning
- Eavesdropping
- DNS Spoofing and Poisoning
- Phishing
Host Threats
- Malware Infection
- Ransomware
- Unauthorized access
- Brute force attacks
- insider threats
- unauthorized configuration changes
- physical theft or tampering
- Rootkits and backdoors
- privilege escalation
- fileless attacks
Application Threats
- SQL Injection
- XSS
- CSRF
- Code injection
- Application & API vulns
- zero day vulns
- API Issues
- software supply chain attacks
- broken authentication and session management
- Security misconfiguration
Cyber kill chain methodology
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- C&C
- Actions on objectives
TTPs
Tactics
The pattern the adversary used to compromise the machine.
Techniques
- These are the technical methods the adversary used for the attack
- Techniques include initial exploitation, setting up command and control,