Course Content
Welcome & Orientation
0/4
Welcome to Intro2Cyber: Start Here
00:00
Is Cybersecurity Right for You?
00:00
How to Think Like a Cybersecurity Pro (Even as a Beginner)
00:00
Intro2Cyber - Welcome & Orientation
What is Cybersecurity?
0/11
What is Cybersecurity?
00:00
Definition & Importance
00:00
The CIA Triad (Confidentiality, Integrity, Availability)
00:00
Understanding Access Control (The Mansion Analogy)
00:00
Types of Threat Actors (Script Kiddies, Hacktivists, APTs)
00:00
Common Attack Types (Phishing, Malware, Ransomware, DDoS)
00:00
Cybersecurity vs Information Security
00:00
Security Domains (Blue Team, Red Team, GRC)
00:00
Cybersecurity Career Landscape
00:00
Real-World Breaches and Lessons Learned
00:00
Intro2Cyber - What is Cybersecurity
Passive Recon & OSINT
0/6
What is Passive Reconnaissance?
00:00
Google Dorking: Advanced Search Techniques
00:00
WHOIS & DNS Enumeration
00:00
OSINT Tools & Social Media Recon
00:00
Your First Recon Report
00:00
Intro2Cyber - Passive Reconnaissance
IPv6 Overview
0/3
IPv6 Basics & Security Implications
00:00
IPv6 Recon & Attacks
00:00
Intro2Cyber - IPv6 Overview
Common Services, Threats & Attacks
0/5
Common Network Services
00:00
Mapping Attacks to Services
00:00
Common Attack Types
00:00
Threat Actors
00:00
Intro2Cyber - Threats & Common Services
Wireshark Fundamentals
0/9
What is Wireshark?
00:00
Analyzing Common Protocols
00:00
Installing Wireshark
00:00
Following Streams
00:00
Using Display Filters
00:00
Performing a Basic Packet Capture
00:00
Wireshark Section Wrap-Up — What’s Next
00:00
Mini Challenge: Capture & Analyze Ping Traffic
00:00
Intro2Cyber - Wireshark & Traffic Analysis
Home Lab Setup
0/10
Hardware & Virtualization Software
00:00
Why Build a Home Lab?
00:00
Networking Fundamentals for Lab Environments
00:00
Installing Your First Lab
00:00
Bonus: Realistic Practice Platforms
00:00
Vulnerability Scanning & Network Monitoring
00:00
SIEM, Log Analysis & Threat Detection
00:00
Maintaining and Expanding Your Lab
00:00
Adding More VMs & Operating Systems
00:00
Intro2Cyber - Home Lab Setup
Active Scanning & Enumeration
0/6
What is Active Scanning?
00:00
Nmap Fundamentals
00:00
SMB & NetBIOS Enumeration
00:00
Nmap Scripting Engine (NSE)
00:00
The Enumeration Workflow
00:00
Intro2Cyber - Active Scanning and Enumeration
Vulnerability Identification & Analysis
0/5
What is Vulnerability Assessment?
00:00
From Findings to Action
00:00
Nmap NSE for Vulnerability Scanning
00:00
OpenVAS and Nessus
00:00
Intro2Cyber - Vulnerability Identification & Analysis
Exploitation Fundamentals
0/5
What is Exploitation?
00:00
The Metasploit Framework
00:00
Shells and Payloads
00:00
Your First Exploit
00:00
Intro2Cyber - Exploitation Fundamentals
Post-Exploitation & Privilege Escalation
0/5
What is Post-Exploitation?
00:00
Windows Post-Exploitation
00:00
Linux Privilege Escalation
00:00
Pivoting and Lateral Movement
00:00
Intro2Cyber - Post-Exploitation & Privilege Escalation
Windows Active Directory Forensics
0/3
What is Active Directory?
00:00
Active Directory Attacks and Defense
00:00
Intro2Cyber - Windows Active Directory
SIEM & Log Analysis
0/4
What is SIEM?
00:00
Log Analysis Fundamentals
00:00
Introduction to Splunk
00:00
Intro2Cyber - SIEM & Log Analysis
Incident Handling & Response
0/3
The Incident Response Lifecycle
00:00
Practical Incident Response
00:00
Intro2Cyber - Incident Handling & Response
Capture The Flag (CTF)
0/3
What are CTFs?
00:00
CTF Methodology
00:00
Intro2Cyber - Capture The Flag
Career Paths & Next Steps
0/7
Career Paths in Cybersecurity
00:00
Essential Cybersecurity Tools
00:00
Certifications and Next Steps
00:00
Online Learning Resources
00:00
Relevant Certifications
00:00
Intro2Cyber - Career Paths & Next Steps
Intro to Cyber — Knowledge Check
Intro to Cyber
📺 Livestream Timestamp: 10:00 — What is Cybersecurity?

Common Attack Types (Phishing, Malware, Ransomware, DDoS)

Overview

Cybersecurity threats come in many forms — but a handful of attack types show up again and again in real-world incidents. Understanding these isn’t just academic. These are the attacks that take down hospitals, leak customer data, and cost companies millions. Whether you end up on the blue team defending against them or the red team simulating them, you need to know how they work.

Key Takeaways

Phishing is the #1 initial access vector in most breaches. An attacker crafts a convincing email (or text, or call) to trick a user into clicking a malicious link, downloading a file, or handing over credentials. Spear phishing is targeted — the attacker knows your name, your boss, your company. It’s harder to spot and more effective.

Malware (malicious software) is an umbrella term covering any software designed to harm, exploit, or gain unauthorized access. Viruses, trojans, worms, spyware, adware — they all fall under malware. Most phishing attacks are designed to deliver malware as the payload.

Ransomware is malware that encrypts your files and demands payment for the decryption key. Modern ransomware operations are sophisticated criminal enterprises with support desks, negotiation teams, and affiliate programs. A successful ransomware hit can take an organization offline for days or weeks.

DDoS (Distributed Denial of Service) floods a target — server, network, or application — with traffic until it can’t respond to legitimate users. The attack is distributed because it comes from thousands of compromised machines (a botnet) simultaneously, making it hard to block by IP alone.

Deep Dive

These four attack types often chain together in the real world. A phishing email delivers malware, which establishes persistence, which deploys ransomware — or exfiltrates data before encrypting. A DDoS attack may be used as a distraction while attackers move laterally inside the network. Understanding each piece helps you recognize the full chain when you see it in logs, alerts, or forensic evidence.

Part of the free Intro to Cyber course by Cover6 Solutions.

Previous
Next
Scroll to Top