the.com/attack vectors
every unlocked door a hacker could actually walk through, ranked by how badly you forgot it existed.
means an attack vector is the specific path or method used to gain unauthorized access to a system, from a phishing email to an unpatched server.
from borrowed from biology, where a vector is the organism that carries a disease into a host; security folks kept the metaphor because malware needs a carrier too.
human errorinvolved in over 80 percent of breaches
widest doorphishing remains the top initial vector for years
expanding surfaceevery new iot device is a fresh vector
zero dayunknown vectors sell for millions on dark markets
for instance
target 2013 — attackers entered through a hvac vendor's stolen credentials
solarwinds 2020 — supply chain vector compromised 18000 organizations at once
wannacry 2017 — exploited an unpatched smb vector across 150 countries
colonial pipeline 2021 — single leaked password vector shut down us fuel supply