KoreField
Lessons/Cybersecurity and AI Security/Beginner/Threat Awareness

Common Attack Vectors and Threat Landscape

30 min Video + Text
Identify common cyber attack vectorsUnderstand the OWASP Top 10Recognise social engineering tactics

AI Avatar Lesson

Video will be available when Cloudflare Stream is configured

30 min
Coming Soon

The Modern Threat Landscape

Cyber threats evolve constantly. Understanding the most common attack vectors helps you build defences that address real risks rather than theoretical ones. The OWASP Top 10 is the industry-standard reference for web application security risks.

Common Attack Vectors

  • Phishing — fraudulent emails or messages tricking users into revealing credentials
  • SQL Injection — inserting malicious SQL into application queries
  • Cross-Site Scripting (XSS) — injecting scripts into web pages viewed by other users
  • Credential stuffing — using leaked username/password pairs across multiple services
  • Ransomware — malware that encrypts data and demands payment for decryption

Social Engineering

Social engineering exploits human psychology rather than technical vulnerabilities. Phishing, pretexting, and baiting are all social engineering techniques. Technical controls alone cannot prevent them — security awareness training is essential.

Over 80% of breaches involve a human element. Technical defences must be paired with security awareness training.

Key Takeaway

Know the OWASP Top 10, recognise social engineering, and build layered defences that address both technical and human vulnerabilities.

Review Questions

1. What is the primary goal of a phishing attack?

2. What does the OWASP Top 10 represent?

Previous LessonNext Lesson