Understanding how attackers operate is essential for building effective defences. This lesson covers the most common threat categories and attack techniques used in real-world cyber incidents.

Malware is malicious software designed to damage, disrupt, or gain unauthorised access to systems:
| Type | Behaviour | Example |
|---|---|---|
| Virus | Attaches to files and spreads when executed | ILOVEYOU |
| Worm | Self-replicating, spreads without user interaction | WannaCry, NotPetya |
| Trojan | Disguises itself as legitimate software | Emotet |
| Ransomware | Encrypts files and demands payment | LockBit, REvil, ALPHV |
| Spyware | Secretly monitors user activity | Pegasus |
| Adware | Displays unwanted advertisements | Fireball |
| Rootkit | Hides deep in the OS to maintain persistent access | ZeroAccess |
| Keylogger | Records keystrokes to steal credentials | HawkEye |
| Fileless malware | Lives in memory, no files on disk | PowerShell-based attacks |

Social engineering exploits human psychology rather than technical vulnerabilities:
| Type | Description |
|---|---|
| Phishing | Mass emails impersonating trusted entities |
| Spear phishing | Targeted emails directed at specific individuals |
| Whaling | Spear phishing targeting senior executives |
| Vishing | Voice phishing via phone calls |
| Smishing | SMS-based phishing |
| Business Email Compromise (BEC) | Impersonating a CEO or supplier to redirect payments |

| Technique | Description |
|---|---|
| Pretexting | Creating a fabricated scenario to extract information |
| Baiting | Leaving infected USB drives or offering fake downloads |
| Tailgating | Following an authorised person through a secure door |
| Quid pro quo | Offering something (e.g., IT support) in exchange for credentials |
| Watering hole | Compromising a website frequented by the target group |

Tip: Over 80% of breaches involve a human element. Security awareness training is one of the most effective defences against social engineering.

DoS attacks overwhelm a system to make it unavailable:
| Type | Method |
|---|---|
| Volumetric | Flood bandwidth with traffic (e.g., UDP flood, DNS amplification) |
| Protocol | Exploit protocol weaknesses (e.g., SYN flood, Ping of Death) |
| Application layer | Target specific services (e.g., HTTP flood, Slowloris) |
```
Botnet (thousands of compromised devices)
     │       │       │
     ▼       ▼       ▼
┌─────────────────────────┐
│      Target Server      │ ← Overwhelmed
└─────────────────────────┘
```
An attacker intercepts communication between two parties: