Types of Cyber Threats | Cyber Security Tutorial - Learn with VOKS
Advance AI Bootstrap C C++ Computer Vision Content Writing CSS Cyber Security Data Analysis Deep Learning Email Marketing Excel Figma HTML Java Script Machine Learning MySQLi Node JS PHP Power Bi Python Python for AI Python for Analysis React React Native SEO SMM SQL
Back Next
Cyber Security
01. Introduction 02. Types of Cyber Threats 03. Cyber Security Domains 04. CIA Triad (Confidentiality Integrity Availability) 05. Career paths in Cyber Security 06. Certifications 07. Ethics and Responsible Disclosure 08. Laws and Regulation (e.g. GDPR, NDPR) 09. What is an OS? 10. Types: Window, Linus, macOS 11. Command-line vs GUI 12. OS Internals Overview (filesystems, processes, permissions) 13. Windows command prompt basics 14. Linux Bash Basics 15. File System Navigation 16. Basic Scripting 17. IP Addressing 18. DNS, DHCP 19. Mac Address 20. OSI VS TCP/IP Models 21. Ports and Protocols (TCP, UDP) 22. Common Protocols (HTTPS, FTP, SSH, etc.) 23. Packet structure 24. Firewalls, IDS/IPS, VPNs 25. Common attacks: MITM, Sniffing 26. Secure Network Practices 27. How the Web works 28. HTTP vs HTTPS 29. URLs, Headers, Cookies 30. Client-Server Architecture 31. Introduction To Web Security 32. OWASP Top 10 Overview 33. Common Threats (XSS, SQLi, CSRF) 34. Inpute validation and authentication flow 35. Basic Exploitation demo (e.g. XSS) 36. Burp Suite Introduction 37. Using a Browser For Testing 38. Password security 39. MFA-Antivirus 40. Cyber Hygeine Practice 41. Intro To Tools: Nmap, Wireshark, Netstat

Types of Cyber Threats

1. Malware (Malicious Software)

Malware means “malicious software.” It’s any software designed to harm your computer or steal information.

Types of Malware:

a) Virus

A virus attaches itself to a legitimate file and spreads when that file is opened.

Example: You download a free game. When you open it, it infects your computer and spreads to other files.

b) Worm

A worm spreads automatically across networks without needing you to click anything.

Example: It infects one computer and then spreads to others on the same Wi-Fi.

c) Trojan Horse

A Trojan pretends to be something useful but contains hidden malware.

Example: A fake “Free Antivirus” app that secretly steals your passwords.

d) Ransomware

Ransomware locks your files and demands money to unlock them.

Famous example:

  • WannaCry – infected hundreds of thousands of computers worldwide.

e) Spyware

Spyware secretly monitors what you do on your computer.

Example: Recording your keystrokes to steal passwords.

2. Phishing

Phishing is when attackers trick you into giving sensitive information (like passwords or credit card numbers).

They usually pretend to be trusted organizations like:

  • PayPal
  • Amazon
  • Microsoft

Example Phishing Email:

Subject: Urgent! Your Account Has Been Suspended

Dear User,
We detected suspicious activity. Click the link below to verify your account immediately:
http://fake-login-page.com

Failure to verify will result in permanent suspension.

⚠️ The link looks official but leads to a fake website.

3. Denial-of-Service (DoS) Attacks

A DoS attack floods a website with too much traffic so it crashes.

When many computers are used together, it’s called a DDoS (Distributed Denial-of-Service) attack.

Example: Thousands of fake users try to open a website at once, making it unavailable.

4. Man-in-the-Middle (MITM) Attack

In a MITM attack, a hacker secretly intercepts communication between two parties.

Example:

You connect to free public Wi-Fi at a café.

A hacker intercepts your login information while you check your bank account.

5. SQL Injection

This attack targets websites that use databases.

Attackers insert malicious SQL code into a login or search form.

Example of Vulnerable Code:

$username = $_POST['username'];
$password = $_POST['password'];

$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";

⚠️ Problem: The code directly inserts user input into the SQL query.

An attacker could enter:

' OR '1'='1

This could allow them to log in without a password.

6. Cross-Site Scripting (XSS)

XSS happens when attackers inject malicious JavaScript into a website.

Example:

<input type="text" name="comment">

If not protected, someone could enter:

<script>alert("Hacked!");</script>

When others visit the page, the script runs in their browser.

7. Zero-Day Exploit

A Zero-Day exploit attacks a software vulnerability that developers don’t know about yet.

Because there is no patch available, it’s very dangerous.

8. Insider Threat

An insider threat comes from someone inside the organization:

  • Employee
  • Contractor
  • Business partner

They may:

  • Leak sensitive data
  • Delete important files
  • Sell company secrets

9. Password Attacks

Attackers try to guess or steal passwords.

Types:

  • Brute-force attack (trying many combinations)
  • Dictionary attack (using common passwords)
  • Credential stuffing (using leaked passwords)

10. Advanced Persistent Threat (APT)

An APT is a long-term targeted attack.

Attackers:

  • Break into a network
  • Stay hidden
  • Steal data over time

These are often carried out by highly skilled groups.

How to Protect Yourself

Here are basic security practices:

Use strong passwords

Enable two-factor authentication

Keep software updated

Don’t click suspicious links

Use antivirus software

Avoid public Wi-Fi for sensitive tasks

Compilation of All Code Blocks (Combined)

Below is all the example code combined into one single block as requested:

// ------------------------
// Example 1: Phishing Email (Text Example)
// ------------------------
Subject: Urgent! Your Account Has Been Suspended

Dear User,
We detected suspicious activity. Click the link below to verify your account immediately:
http://fake-login-page.com

Failure to verify will result in permanent suspension.


// ------------------------
// Example 2: Vulnerable PHP Code (SQL Injection)
// ------------------------
$username = $_POST['username'];
$password = $_POST['password'];

$query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";


// ------------------------
// Example 3: XSS Example
// ------------------------
<input type="text" name="comment">

<script>alert("Hacked!");</script>


Example Code:
<br />
<b>Deprecated</b>:  htmlspecialchars(): Passing null to parameter #1 ($string) of type string is deprecated in <b>/home/voksinst/tutorials.voksinstitute.com/admin/topics.php</b> on line <b>265</b><br />
Cyber Security
Introduction Types of Cyber Threats Cyber Security Domains CIA Triad (Confidentiality Integrity Availability) Career paths in Cyber Security Certifications Ethics and Responsible Disclosure Laws and Regulation (e.g. GDPR, NDPR) What is an OS? Types: Window, Linus, macOS Command-line vs GUI OS Internals Overview (filesystems, processes, permissions) Windows command prompt basics Linux Bash Basics File System Navigation Basic Scripting IP Addressing DNS, DHCP Mac Address OSI VS TCP/IP Models Ports and Protocols (TCP, UDP) Common Protocols (HTTPS, FTP, SSH, etc.) Packet structure Firewalls, IDS/IPS, VPNs Common attacks: MITM, Sniffing Secure Network Practices How the Web works HTTP vs HTTPS URLs, Headers, Cookies Client-Server Architecture Introduction To Web Security OWASP Top 10 Overview Common Threats (XSS, SQLi, CSRF) Inpute validation and authentication flow Basic Exploitation demo (e.g. XSS) Burp Suite Introduction Using a Browser For Testing Password security MFA-Antivirus Cyber Hygeine Practice Intro To Tools: Nmap, Wireshark, Netstat
All Courses
Advance AI Bootstrap C C++ Computer Vision Content Writing CSS Cyber Security Data Analysis Deep Learning Email Marketing Excel Figma HTML Java Script Machine Learning MySQLi Node JS PHP Power Bi Python Python for AI Python for Analysis React React Native SEO SMM SQL