Personal tools

Current Top Cybersecurity Threats

Vienna_Austria_Jacek_Dylag_101020A
[Vienna, Austria - Jacek Dylag]
  

- Overview

Cybersecurity threats have changed rapidly in recent years, with critical infrastructure being a primary target for malicious actors.

Cybersecurity threats can be classified into four categories: direct, indirect, veiled, or conditional. 

  • Direct: A direct-access attack is a cyber attack where a hacker can access a computer and download data directly. Hackers can also modify software and add key loggers or worms to compromise security. Direct attack vectors are when the threat actor attacks the target directly. Phishing and malware are examples of direct attack vectors.
  • Indirect: Indirect cybersecurity threats are when cyber criminals use intermediary sources to steal, disrupt, or destroy data. For example, an indirect attack could involve using a vulnerability in an internet browser to exploit vulnerabilities in another system. Another example is exploiting a website's vulnerabilities to gain access to usernames, passwords, and email addresses. The business impact of an indirect attack is mainly measured in cost.
  • Veil: Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil-Evasion is a pen-testing tool that can bypass an antivirus scanner on a target system. It can create a randomized exploit version that is more likely to avoid detection. 
  • Conditional: Conditional access is a security feature that uses signals from various sources to determine the trustworthiness of a user or device before allowing access to data. Conditional access policies can help prevent cyber security threats, such as unauthorized access and malware attacks. 

 

- Current Top Cybersecurity Threats

Some current (2024) top cybersecurity threats for 2024 include: 

  • Ransomware
  • OT-IT security
  • Dark Web
  • Malware as a service and hackers-for-hire


Some other cybersecurity threats include: 

  • Phishing
  • Data breaches
  • Social engineering
  • Cloud vulnerabilities
  • Configuration mistakes
  • Poor cyber hygiene
  • Mobile device vulnerabilities
  • Internet of Things
  • Poor data management
  • Inadequate post-attack procedures


Some common types of cyber attacks include: 

  • Malware
  • Denial-of-Service (DoS) attacks
  • Phishing
  • Spoofing
  • Identity-based attacks
  • Code injection attacks
  • Supply chain attacks
  • Insider threats


Some cybersecurity vulnerabilities include: 

  • Zero day
  • Remote code execution (RCE)
  • Poor data sanitization
  • Unpatched software
  • Unauthorized access
  • Misconfiguration
  • Credential theft
  • Vulnerable APIs

 

 

[More to come ...]

 

 

Document Actions