Attack and Hack - H  Databáze  Abecedně  ATT&CK Matrix for Enterprise  PRE-ATT&CK Techniques  Mobile Techniques   


ALL  2021  2020  2019  2018  2017  2016  2015  2014

Datum

Název

CATEGORY

Typ

Info

27.6.21 SSL Stripping Attacks Attack SSL AttackStripping away the encryption offered by HTTPS, called SSL Strip, is a serious cyber threat to many corporations since their employees are constantly on the move and require access to Internet on-the-go even through open non-secure Wi-Fi hotspots. Once attackers gain access to a network, they can act as a Man-in-the-Middle (MITM) to intercept connections over the network.
27.6.21 Fragment Attack Attack Wifi AttackIn the last few years, major improvements have been made to the security of Wi-Fi. Most notably this includes the discovery and prevention of key reinstallation in WPA2, and the standardization of WPA3 which, among other things, prevents offline dictionary attacks.
6.3.21 SIM swap scam Attack SIM SPAM

A SIM swap scam (also known as port-out scam, SIM splitting, Smishing and simjacking, SIM swapping) is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.

22.2.21 TDoS Attack VoIP DoS Telephony denial of service (TDoS) is a type of denial of service (DoS) attack in which the attackers launch high volume of calls and keeping those calls active for as long as possible against the target network, preventing legitimate calls to come in.
20.2.21 Malformed URL Prefix Phishing Attacks Attack Phishing Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said. Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks using “malformed URL prefixes” to evade protections and deliver phishing emails that look legit
20.2.21 The EMV Standard: Break, Fix, Verify Attack Credit CardEMV is the international protocol standard for smartcard payment and is used in over 9 billion cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are hard to spot in EMV’s lengthy and complex specification, running over 2,000 pages.
20.2.21 Card Brand Mixup Attack: Bypassing the PIN in non-Visa Cards Attack Credit CardMost EMV transactions require online authorization by the card issuer. Namely, the merchant’s payment terminal sends an authorization request to the card issuer over a payment network, typically operated by the company that brands the card such as Visa or Mastercard.