There are many types of exploits cyber criminals can use for various nefarious purposes. These exploits are vastly different in terms of how they work but the one common denominator between them is they all exploit vulnerable systems within the technology we use every day. Some exploits can be defined by the intended purpose of the attacks (Such as Denial of Service attacks” while others are defined by the unique software and online vulnerabilities they exploit. Here is a list and brief explanation of some of the most common types of exploits.
SQL injections: This type of attack involves hackers injecting SQL code into a Web form input box. This can allow them access to unauthorized data and can even allow them to perform unauthorized actions within the sites database.
Cross-site request forgery(XCRF/CSRF): This method involves using compromised user identities to post unauthorized data, modify firewall settings, or even make unauthorized financial transactions all without the knowledge of the compromised website user.
Cross-site scripting(XSS): This attack involved injecting data into legitimate websites. This allows the hacker to execute scripts within the website users internet browser.
Malicious advertisements: These advertisements exploit the ad space of legitimate websites to inject malware into the users systems.
Phishing: This is a form of fraud where the attacker pretends to be a legitimate website or person. They trick people into clicking malicious links that extract passwords, emails, or financial information from the victim.
Buffer overflow: This type of attack involves a hacker attempting to write more data to block memory than it is allocated to hold. This can overwrite data and allow the hacker to crash or control a process within the program that’s being attacked.
Denial-of-service attack (DoS): DoS attacks involve the hacker “flooding” website servers with traffic to overload them and stop legitimate users from being able to access the sites.
Written by: James Sheehy