Backdoors and Trapdoors
These are hidden methods used to bypass normal security procedures by creating undocumented access points into a network. One type is often added by system owners for convenience, while the other may be deliberately embedded or accidentally left open due to software flaws. Though not attacks themselves, they can be exploited to gain unauthorized access and launch malicious actions.
Covert Channels
These are techniques for transmitting information through methods not originally designed for communication by system developers. Although they don’t exceed authorized access levels, they violate security policies by enabling data exchange in small, concealed fragments. There are two main types, categorized by how the hidden information is embedded.
Buffer Overflows
This vulnerability occurs when a program’s temporary storage area is overwhelmed with more input than it was designed to handle. The excess data can overwrite adjacent memory, potentially causing the application to crash or behave unpredictably. Attackers may exploit this flaw to inject harmful code or gain control of the system.
Man in the Middle
This type of attack involves an adversary secretly intercepting communications between two parties, pretending to be a trusted participant in the exchange. As data flows between the original parties, the attacker can read, alter, or redirect the information without detection.
Port Scanning
This technique involves scanning a network to identify open communication endpoints. Attackers use it to detect vulnerabilities that could allow unauthorized access into an organization’s systems. It’s a common reconnaissance method used before launching more invasive attacks.
Reverse Shell Attacks
This type of cyberattack involves a victim’s machine initiating outbound communication to an external adversary. Because the connection originates from inside the network, it bypasses typical firewall protections. Once the link is established, the attacker can remotely control the compromised system without triggering standard security filters.
Replay Attacks
This attack involves intercepting secure network communications and then resending the captured messages to the original recipient. By replaying the data, the attacker can gain access to protected systems or information—without needing to decrypt the original message—because the system treats the replayed message as legitimate.
Return Attacks
This advanced attack technique chains together small fragments of legitimate system code to perform malicious actions. Each fragment ends with a specific instruction that triggers the next one in the sequence, allowing the attacker to execute complex operations without injecting new code.