Tag Archives: less common security attacks

Most common and least known security attacks

There are a few most common and popular security attacks known by every security professional. However, Some cybersecurity attacks which are least known by newbies like me. So I thought about blogging a list of cyber-attacks in this post.

Most Common & Popular types cyber attacks.

Least know types of cyber attacks by newbies

Man-in-the-browser attack

The Man-in-the-Browser attack is the same approach as Man-in-the-middle attack, but in this case a Trojan Horse is used to intercept and manipulate calls between the main application’s executable (ex: the browser) and its security mechanisms or libraries on-the-fly.

The most common objective of this attack is to cause financial fraud by manipulating transactions of Internet Banking systems, even when other authentication factors are in use. A previously installed Trojan horse is used to act between the browser and the browser’s security mechanism, sniffing or modifying transactions as they are formed on the browser, but still displaying back the user’s intended transaction.

Pass the hash Attack

A Pass-the-Hash (PtH) attack is a technique whereby an attacker captures a password hash (as opposed to the password characters) and then simply passes it through for authentication and potentially lateral access to other networked systems. The threat actor doesn’t need to decrypt the hash to obtain a plain text password. PtH attacks exploit the authentication protocol, as the passwords hash remains static for every session until the password is rotated. Attackers commonly obtain hashes by scraping a system’s active memory and other techniques.


Initialization Vector (IV) Attack

An initialization vector (IV) attack is an attack on wireless networks. It modifies the IV of an encrypted wireless packet during transmission. Once an attacker learns the plaintext of one packet, the attacker can compute the RC4 key stream generated by the IV used. This key stream can then be used to decrypt all other packets that use the same IV. Since there is only a small set of possible initialization vectors, attackers can eventually build a decryption table to decrypt every packet sent over that wireless connection.

POODLE attack

A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enables the exploit.

POODLE can be used to target browser-based communication that relies on the Secure Sockets Layer (SSL) 3.0 protocol for encryption and authentication. The Transport Layer Security (TLS) protocol has largely replaced SSL for secure communication on the Internet, but many browsers will revert to SSL 3.0 when a TLS connection is unavailable. An attacker who wants to exploit POODLE takes advantage of this by inserting himself into the communication session and forcing the browser to use SSL 3.0.

xmas attack

Christmas Tree Attack is a very well known attack that is designed to send a very specifically crafted TCP packet to a device on the network. This crafting of the packet is one that turns on a bunch of flags. There is some space set up in the TCP header, called flags. https://www.professormesser.com/security-plus/sy0-401/christmas-tree-attack-2/

fuzz test attack

Fuzz testing (fuzzing) is a quality assurance technique used to discover coding errors and security loopholes in software, operating systems or networks. It involves inputting massive amounts of random data, called fuzz, to the test subject in an attempt to make it crash.

Bluesnarfing attack

Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant).


Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

Downgrade attack

A downgrade attack is a form of cyber attack in which an attacker forces a network channel to switch to an unprotected or less secure data transmission standard. Downgrading the protocol version is one element of man-in-the-middle type attacks, and is used to intercept encrypted traffic. An example of a downgrade attack might be redirecting a visitor from an HTTPS version of a resource to an HTTP copy.

Evil twin Attack

An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. The evil twin is the wireless LAN equivalent of the phishing scam. https://null-byte.wonderhowto.com/how-to/hack-wi-fi-stealing-wi-fi-passwords-with-evil-twin-attack-0183880/

Smurf attack

A Smurf attack is a distributed denial-of-service (DDoS) attack in which an attacker attempts to flood a targeted server with Internet Control Message Protocol (ICMP) packets. By making requests with the spoofed IP address of the targeted device to one or more computer networks, the computer networks then respond to the targeted server, amplifying the initial attack traffic and potentially overwhelming the target, rendering it inaccessible. This attack vector is generally considered a solved vulnerability and is no longer prevalent.


Wireless disassociation attack

Many attacks against wireless encryption…require that the attacker collect a large number…of authentication attempts from wireless clients.…Disassociation attacks speed up this time-consuming process.…They may also be used in denial of service attacks…against wireless network.…In an earlier video, I described how attacks…against WEP and WPA require the attacker to collect…information from a large number of wireless…client authentication attempts.…Normally, once a client connects to a network,…it continues to use that wireless network…for an extended period of time without re-authenticating.…

For example, a client might re-authenticate…only once or twice every hour.…On a low-traffic network, this means that it can take…quite a bit of time before an attacker is able…to gather enough information to conduct an attack.…The WiFi standard provides access points with the means…to immediately disconnect devices from the network.