I am here to learn from all of you about the various methods that can be employed to carry out security attacks within this discussion topic.
I only have the experience of learning “Phishing Attacks” in my workplace at the IT security awareness training by the IT professionals to raise awareness regarding our use of Microsoft email, as it directly pertains to our organization. We were educated that ‘Phishing’ involves the deceptive practice of sending emails or messages that impersonate reputable companies and legitimate institutions, with the intention of tricking individuals into divulging personal information, such as passwords and credit card numbers. It was noted that such security attacks pose significant risks to any organization, and we were encouraged to remain vigilant and promptly report any instances.
I also explored whether there are any other kinds of security attacks and noticed two things: the first one is “Zero-Day Exploit” which is noted as the attackers take advantage of vulnerabilities in software or hardware that are not yet known to the vendor or have not been patched, giving them a window of opportunity to attack. It is an attack that occurs before the software developer has had the opportunity to create and distribute a patch or fix for the vulnerability. Another interesting one is the “Supply Chain Attack”, in this type of attack, the attackers compromise the supply chain by introducing malicious components or software into products or services that organizations unknowingly deploy. These two would be also the possible means to conduct the security attack and we should remain informed about them.