Attack and Hack - H Databáze Abecedně ATT&CK Matrix for Enterprise PRE-ATT&CK Techniques Mobile Techniques
ALL 2021 2020 2019 2018 2017 2016 2015 2014
Datum | Název | CATEGORY | Typ | Info |
27.6.21 | SSL Stripping Attacks | Attack | SSL Attack | Stripping away the encryption offered by HTTPS, called SSL Strip, is a serious cyber threat to many corporations since their employees are constantly on the move and require access to Internet on-the-go even through open non-secure Wi-Fi hotspots. Once attackers gain access to a network, they can act as a Man-in-the-Middle (MITM) to intercept connections over the network. |
27.6.21 | Fragment Attack | Attack | Wifi Attack | In the last few years, major improvements have been made to the security of Wi-Fi. Most notably this includes the discovery and prevention of key reinstallation in WPA2, and the standardization of WPA3 which, among other things, prevents offline dictionary attacks. |
6.3.21 | SIM swap scam | Attack | SIM SPAM | A SIM swap scam (also known as port-out scam, SIM splitting, Smishing and simjacking, SIM swapping) is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone. |
22.2.21 | TDoS | Attack | VoIP DoS | Telephony denial of service (TDoS) is a type of denial of service (DoS) attack in which the attackers launch high volume of calls and keeping those calls active for as long as possible against the target network, preventing legitimate calls to come in. |
20.2.21 | Malformed URL Prefix Phishing Attacks | Attack | Phishing | Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said. Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit |
20.2.21 | The EMV Standard: Break, Fix, Verify | Attack | Credit Card | EMV is the international protocol standard for smartcard payment and is used in over 9 billion cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are hard to spot in EMV’s lengthy and complex specification, running over 2,000 pages. |
20.2.21 | Card Brand Mixup Attack: Bypassing the PIN in non-Visa Cards | Attack | Credit Card | Most EMV transactions require online authorization by the card issuer. Namely, the merchant’s payment terminal sends an authorization request to the card issuer over a payment network, typically operated by the company that brands the card such as Visa or Mastercard. |