# The Complete Cyberattacks Glossary

A comprehensive index of modern cyberattacks: what they are, how they work, and why they matter.

## Identity & Credential Abuse

Attacks targeting user identities, passwords, and authentication systems to gain unauthorized access.

- [Phishing](https://www.manageengine.com/products/desktop-central/attack-glossary/phishing.html)
- [Spear Phishing](https://www.manageengine.com/products/desktop-central/attack-glossary/spear-phishing.html)
- [Whale Phishing](https://www.manageengine.com/products/desktop-central/attack-glossary/whale-phishing.html)
- [Brute Force Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/brute-force-attack.html)
- [Business Email Compromise](https://www.manageengine.com/products/desktop-central/attack-glossary/business-email-compromise.html)
- [Privileged User Compromise](https://www.manageengine.com/products/desktop-central/attack-glossary/privileged-user-compromise.html)
- [Web session cookie theft](https://www.manageengine.com/products/desktop-central/attack-glossary/web-session-cookie-theft.html)

## Endpoint Abuse

Threats targeting endpoints such as desktops, laptops, and mobile devices to compromise or control them.

- [Malware](https://www.manageengine.com/products/desktop-central/attack-glossary/malware.html)
- [Ransomware](https://www.manageengine.com/products/desktop-central/attack-glossary/ransomware.html)
- [Spyware](https://www.manageengine.com/products/desktop-central/attack-glossary/spyware.html)
- [Viruses](https://www.manageengine.com/products/desktop-central/attack-glossary/viruses.html)
- [Drive-by Download Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/drive-by-download-attack.html)
- [Zero-Day Exploit](https://www.manageengine.com/products/desktop-central/attack-glossary/zero-day-exploit.html)

## Web Application Attacks

Exploits targeting web applications through injection, scripting, and other vulnerability-based techniques.

- [SQL Injection](https://www.manageengine.com/products/desktop-central/attack-glossary/sql-injection.html)
- [Cross-Site Scripting (XSS)](https://www.manageengine.com/products/desktop-central/attack-glossary/cross-site-scripting.html)

## Post-Exploitation

Activities performed after initial access to escalate privileges, move laterally, and maintain persistence.

- [Command and Control Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/command-and-control-attack.html)
- [Man-in-the-Middle Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/man-in-the-middle-attack.html)

## Infrastructure Availability

Attacks aimed at disrupting the availability of critical infrastructure, networks, and services.

- [DDoS Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/ddos-attack.html)
- [DNS Tunneling](https://www.manageengine.com/products/desktop-central/attack-glossary/dns-tunneling.html)

## Cloud & SaaS Abuse

Threats exploiting cloud services, misconfigurations, and SaaS platforms to access or manipulate data.

- [DDoS Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/ddos-attack.html)
- [DNS Tunneling](https://www.manageengine.com/products/desktop-central/attack-glossary/dns-tunneling.html)

## Trust Abuse

Attacks exploiting trust relationships between systems, supply chains, and organizational partnerships.

- [Supply Chain Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/supply-chain-attack.html)
- [Insider Threat](https://www.manageengine.com/products/desktop-central/attack-glossary/insider-threat.html)

## Advanced Techniques

Sophisticated attack methods used by APTs and skilled threat actors employing cutting-edge tactics.

- [Advanced Persistent Threat](https://www.manageengine.com/products/desktop-central/attack-glossary/advanced-persistent-threat.html)
- [Meltdown and Spectre Attack](https://www.manageengine.com/products/desktop-central/attack-glossary/meltdown-and-spectre-attack.html)