Attack Types (CAoE)

1234567891011121314151617181920212223242526272829303132
Across
  1. 1. A computer controlled by an attacker or cybercriminal which is used to send commands to systems compromised by malware and receive stolen data from a target network
  2. 4. An attack on passwords or encryption that tries every possible password or encryption key.
  3. 5. Attempts to fool AI models by supplying it with deceptive input. When successful it can cause an error or malfunction in the AI model.
  4. 6. a physical device that contains malicous PDFs, files, etc that could be harmful to your computer, older systems would automatically upload from this physical device without user consent
  5. 7. When the encrypted hashes of two different strings are the same
  6. 8. Cloud: Offsite, usually managed by third party, lower cost, no data centers, limited downtime
  7. 9. A type of password attack that exploits weaknesses in the mathematical algorithms used to encrypt passwords, in order to take advantage of the probability of different password inputs producing the same encrypted output.
  8. 13. A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.
  9. 15. a type of malicious software that runs in memory. Some techniques used are memory code injection, script-based techniques, and windows registry manipulation.
  10. 19. Software robots that function automatically. A botnet is a group of computers that are joined together. Attackers often use malware to join computers to a botnet, and then use the botnet to launch attacks.
  11. 22. An attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode.
  12. 25. includes a wide range of software that has malicious intent. Installed on a system through devious means.
  13. 26. a type of malicious software designed to block access to a computer system until a sum of money is paid.
  14. 27. A string of code embedded into an application or script that will execute in response to an event.
  15. 30. typically looks like something beneficial, but it's actually something malicious. Can come as pirated software, a useful utility, or a game.
  16. 31. software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don't know that your actions are being monitored.
Down
  1. 2. A USB cable embedded with a Wi-Fi controller that can receive commands from a nearby device to send malicious commands to the connected mobile device.
  2. 3. attempts to discover a password from a captured database or a captured packet scan.
  3. 10. Providing bad data to a machine learning algorithm in order to force the algorithm to give inconsistent results
  4. 11. An attempt to exploit a weakness/vulnerability in the process that produces a service.
  5. 12. a self-replicating program able to propagate itself across a network, typically having a detrimental effect.
  6. 14. attempts to discover a password from an online system.
  7. 16. a special class of adware that collects data about the user and transmits it over the Internet without the user's knowledge or permission
  8. 17. A table of hash values and their corresponding plaintext values can be used to look up password values if an attacker is able to steal a system's encrypted password file.
  9. 18. a type of malware that allows attackers to control systems from remote locations. Often delivered by drive-by-downloads or malicious attachments in emails.
  10. 20. Software that cannot definitively be classed as malicious, but may not have been chosen by or wanted by the user.
  11. 21. capturing credit card data at the point of sale
  12. 23. provides another way of accessing a system; bypass normal authentication methods; allow attackers to access systems from remote locations
  13. 24. A set of programs that enables its user to gain administrator level access to a computer without the end user's consent or knowledge.
  14. 28. on-site, full control of data, system check can occur at anytime, high cost and time consumption
  15. 29. acquired information from a skimmer that can be made into a duplicate card, most commonly found when duplicating gift cards, can't duplicate chips, only magnetic strips
  16. 32. A Special type of brute force or dictionary attack designed to avoid being locked out.