10.

Malvertising
Malvertising is a technique cybercriminals use to inject malicious code into legitimate online
advertising networks and web pages. This code typically redirects users to malicious websites
or installs malware on their computers or mobile devices. Users' machines may get infected
even if they don't click on anything to start the download. Cybercriminals may use malvertising
to deploy a variety of moneymaking malware, including cryptomining scripts, ransomware and
banking Trojans.

Malvertising can also install viruses and other malicious software on your computer. You might
not even know that this malware is there. But hackers might use it to track your keystrokes, steal
your passwords or take over your computer.

9. Advanced persistent threat attacks

An advanced persistent threat (APT) is a targeted cyberattack in which an unauthorized intruder
penetrates a network and remains undetected for an extended period of time. Rather than
causing damage to a system or network, the goal of an APT attack is to monitor network activity
and steal information to gain access, including exploit kits and malware. Cybercriminals typically
use APT attacks to target high-value targets, such as large enterprises and nation-states,
stealing data over a long period.

An APT is a specific targeted and sophisticated attack that keeps coming after the victim and is
not easily stopped by a defensive program. Everyone is at risk for these attacks, and they make
it necessary to prevent, detect and respond to attacks on a timely basis to ensure the
confidentiality, integrity and availability of critical data.

8. Exploit kits
An exploit kit is a programming tool that enables a person without any experience writing
software code to create, customize and distribute malware. Exploit kits are known by a variety of
names, including infection kit, crimeware kit, DIY attack kit and malware toolkit. Cybercriminals
use these toolkits to attack system vulnerabilities to distribute malware or engage in other
malicious activities, such as stealing corporate data, launching denial of service attacks or
building botnets.

An exploit is a code that takes advantage of a software vulnerability or security flaw. When
used, exploits allow an intruder to remotely access a network and gain elevated privileges, or
move deeper into the network. In some cases, an exploit can be used as part of a
multi-component attack.

7. Ransomware
In a ransomware attack, the victim's computer is locked, typically by encryption, which keeps the
victim from using the device or data that's stored on it. To regain access to the device or data,
the victim has to pay the hacker a ransom, typically in a virtual currency such as Bitcoin.
Ransomware can be spread via malicious email attachments, infected software apps, infected
external storage devices and compromised websites.
Ransomware is a form of malware that encrypts a victim's files. The attacker then demands a
ransom from the victim to restore access to the data upon payment. Users are shown
instructions for how to pay a fee to get the decryption key.

6. Distributed denial-of-service (DDoS) attacks

In a distributed denial-of-service (DDoS) attack, multiple compromised machines attack a target,
such as a server, website or other network resource, making the target totally inoperable. The
flood of connection requests, incoming messages or malformed packets forces the target
system to slow down or to crash and shut down, denying service to legitimate users or systems.

DDoS attacks cannot steal website visitors information. The sole purpose of a DDoS attack is to
overload the website resources. However, DDoS attacks can be used as a way of extortion and
blackmailing. For example, website owners can be asked to pay a ransom for attackers to stop
a DDoS attack.

5. Phishing attacks
Phishing attacks are a type of information security threat that employs social engineering to trick
users into breaking normal security practices and giving up confidential information, including
names, addresses, login credentials, Social Security numbers, credit card information and other
financial information. In most cases, hackers send out fake emails that look as if they're coming
from legitimate sources, such as financial institutions, eBay, PayPal -- and even friends and
colleagues.

In phishing attacks, hackers attempt to get users to take some recommended action, such as
clicking on links in emails that take them to fraudulent websites that ask for personal information
or install malware on their devices. Opening attachments in emails can also install malware on
users' devices that are designed to harvest sensitive information, send out emails to their
contacts or provide remote access to their devices.

4. Drive-by download attacks

In a drive-by download attack, malicious code is downloaded from a website via a browser,
application or integrated operating system without a user's permission or knowledge. A user
doesn't have to click on anything to activate the download. Just accessing or browsing a website
can start a download. Cybercriminals can use drive-by downloads to inject banking Trojans,
steal and collect personal information as well as introduce exploit kits or other malware to
endpoints.

3. Botnets
A botnet is a collection of Internet-connected devices, including PCs, mobile devices, servers
and IoT devices that are infected and remotely controlled by a common type of malware.
Typically, the botnet malware searches for vulnerable devices across the internet. The goal of
the threat actor creating a botnet is to infect as many connected devices as possible, using the
computing power and resources of those devices for automated tasks that generally remain
hidden to the users of the devices. The threat actors -- often cybercriminals -- that control these
botnets use them to send email spam, engage in click fraud campaigns and generate malicious
traffic for distributed denial-of-service attacks.

2. Viruses and worms

Viruses and worms are malicious software programs (malware) aimed at destroying an
organization's systems, data and network. A computer virus is a malicious code that replicates
by copying itself to another program, system or host file. It remains dormant until someone
knowingly or inadvertently activates it, spreading the infection without the knowledge or
permission of a user or system administration.

A computer worm is a self-replicating program that doesn't have to copy itself to a host program
or require human interaction to spread. Its main function is to infect other computers while
remaining active on the infected system. Worms often spread using parts of an operating
system that are automatic and invisible to the user. Once a worm enters a system, it
immediately starts replicating itself, infecting computers and networks that aren't adequately
protected.

1. Insider threats
An insider threat occurs when individuals close to an organization who have authorized access
to its network intentionally or unintentionally misuse that access to negatively affect the
organization's critical data or systems.

Zombies – They work similar to Spyware. Infection mechanism is same but they don’t spy and
steal information rather they wait for the command from hackers.

Scareware – It masquerades as a tool to help fix your system but when the software is executed
it will infect your system or completely destroy it. The software will display a message to frighten
you and force to take some action like pay them to fix your system.

Spyware – It is a program or we can say a software that monitors your activities on computer
and reveal collected information to interested party. Spyware are generally dropped by Trojans,
viruses or worms. Once dropped they installs themselves and sits silently to avoid detection.

One of the most common example of spyware is KEYLOGGER. The basic job of keylogger is to
record user keystrokes with timestamp. Thus capturing interesting information like username,
passwords, credit card details etc.

Adware – Adware is not exactly malicious but they do breach privacy of the users. They display
ads on computer’s desktop or inside individual programs. They come attached with free to use
software, thus main source of revenue for such developers. They monitor your interests and
display relevant ads. An attacker can embed malicious code inside the software and adware
can monitor your system activities and can even compromise your machine.

Trojan – The Concept of Trojan is completely different from the viruses and worms. The name
Trojan derived from the ‘Trojan Horse’ tale in Greek mythology, which explains how the Greeks
were able to enter the fortified city of Troy by hiding their soldiers in a big wooden horse given to
the Trojans as a gift. The Trojans were very fond of horses and trusted the gift blindly. In the
night, the soldiers emerged and attacked the city from the inside.

Their purpose is to conceal themselves inside the software that seem legitimate and when that
software is executed they will do their task of either stealing information or any other purpose for
which they are designed.

Social Engineering – is the art of manipulating people so that they give up their confidential
information like bank account details, password etc. These criminals can trick you into giving
your private and confidential information or they will gain your trust to get access to your
computer to install a malicious software- that will give them control of your computer. For
example email or message from your friend, that was probably not sent by your friend. Criminal
can access your friends device and then by accessing the contact list he can send infected
email and message to all contacts. Since the message/ email is from a known person recipient
will definately check the link or attachment in the message, thus unintentionally infecting the
computer.

Social media attacks – In this cyber criminals identify and infect a cluster of websites that
persons of a particular organisation visit, to steal information.

Identity theft means to act someone else to obtain person’s personal information or to access
vital information they have like accessing the computer or social media account of a person by
login into the account by using their login credentials.

4. Machine Learning Poisoning

If a hacker targets a machine learning model and injects instructions into it, the system becomes
vulnerable to attacks. Machine learning models typically use data that is crowd-sourced or taken
from social media. They also exploit user-generated information such as satisfaction ratings,
purchasing histories, or web traffic. Cybercriminals engaging in MI poisoning could potentially
use malicious samples or introduce backdoors or Trojans to poison training sets and
compromise the system

Homograph attacks—attackers create fake websites with very similar web addresses to a
legitimate website. Users access these fake websites without noticing the slight difference in
URL, and may submit their credentials or other sensitive information to an attacker.