Cyber-attack is an attempt by individuals to breach the data and information of other individuals or organizations. Cyber-attacks are of various types which include, Man-In-The-Middle Attacks, SQL injection threats, Password attacks, Ransomware attacks, Eavesdropping attacks, Driven-by-attack, AI-powered attacks, Distributed Denial of Service attacks, Cross-site scripting, and phishing.
A man-in-the-middle (MITM) attack is one of the types of cyber-attacks where a middleman positions himself in a conversation between a user and an application either to capture data or either to act as any one of the parties and deceive the other.
SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. In most cases, it enables an attacker to view data that they would not typically be able to access.
Password attack is a common attack vector used to bypass or exploit the authentication of user accounts.
Ransomware is malware designed to prevent a user or organization access to files on their computer.
An eavesdropping attack occurs when a hacker intercepts, deletes, or modifies data that is transmitted between two devices.
A drive-by download is a cyber-attack that unintentionally downloads malicious code onto a computer or mobile device that exposes the users to different threats
AI can be used to breach security systems, steal critical data from organizations, and even impersonate users.
It is a cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites.
Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website.
Phishing is the most common type of social engineering, the practice of deceiving, pressuring, or manipulating people into sending information or assets to the wrong people.
Chatgpt was a public discourse for months but in late March, ChatGPT announced that they experienced a data breach. A representative from OpenAI, a parent company of ChatGPT said, "Some users could see the first and last name, email address, payment address, and the last four digits of a credit card number and expiration date. However, the full credit card numbers were not exposed at any time.
A data breach was confirmed by a popular fast food chain Chick-fil-A. The data breach of their mobile app exposed customers' personal information. The company noticed unusual login activity and identified that the cyber-attack occurred within the first few months of 2023. Information like membership numbers, names, emails, addresses, etc. However, the breached data accounts for less than 2%.
Activision- a video game publisher confirmed that they suffered a data breach in December. The attack used by the hacker was an SMS phishing attack on an HR employee to gain access to employee data, including emails, cell phone numbers, salaries, and work location. In addition, a security research group reported after investigating the breach that the hacker also gained access to gaming companies' 2023 release schedules.
Google fi- an MVNO telecommunications service provider reported a data breach that intended to deceive users into clicking links that would allow hackers to access the information. The cyber-attack at Google fi was a consequence of a data breach that occurred at T-Mobile because Google managed the data on T-Mobile's network.
An email marketing platform MailChimp recently issued a notice to its customers that they suffered a data breach caused by a social engineering attack that allowed unauthorized users into an internal customer support tool. Through this attack the hackers gained access to employee information and credentials however, such accounts were identified by the company and suspended.
Norton Life Lock suffered a data breach recently due to a stuffing attack which occurs when previously compromised passwords are used to hack into accounts that use a shared password. They sent an alert to their customers that more than 6,000 accounts were breached and Gen Digital a parent company of Norton Life Lock also sent the notice to accounts they believe could have been compromised and recommended changing passwords and enabling two-factor authentication.
Electric, 2023. High-Profile Company Data Breaches 2023
Biju, J.M., Gopal, N., Prakash, A.J., 2019. Cyberattacks and their different types.
