Types of Cyberattack, Specific Risks and How to Mitigate those Risks
Please note that the list of cyberattack types is distributed by the Canadian Centre for Cyber Security and the means to mitigate is provided by third parties. This information is not meant to be exhaustive and Skyway West is not responsible for omissions or mistakes.
What is the SSH “Terrapin Attack” Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Secure Shell (SSH) allows commands to be sent securely to remote computers across unsecured networks (like the Internet). Certain versions of SSH allow an attacker who can intercept SSH traffic to downgrade connection security and force the use of less secure client authentication algorithms. This vulnerability is called the “Terrapin Attack”. The link below ...
What is the Fortinet (CVE-2022-42475) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Fortinet offers virtual private network (SSL VPN) and firewall products as part of FortiOS and FortiProxy. Why is it a risk? An attacker can overflow a buffer to allow remote, unauthorized execution of arbitrary code. This is considered a CRITICAL problem of VERY HIGH risk. How can you mitigate the risk? The only mitigation is to upgrade to ...
What is the Windows HTTP.sys (CVE-2015-1635) Vulnerability, what is the risk and how can you mitigate that risk?
What is it? The HTTP.sys file in Microsoft Windows (versions 7, 8 and Server versions 2008-2012) could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. The Microsoft link below provides a description and a list of specific Windows versions affected by this vulnerability. Why is it a risk? An attacker who ...
What is the Microsoft Exchange Server On-premises Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Microsoft Exchange Server (2016, 2019 and Subscription) on-premises has a vulnerability in which an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud environment without leaving an easily detectable and auditable trace. Why is it a risk? Users with escalated privileges can run arbitrary commands both ...
What is the Microsoft Exchange Server Unapproved Code Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Microsoft Exchange Server has a number of vulnerabilities that allow attackers to infect your computer (or use your computer to attack others). Why is it a risk? Although each is slightly different, in general these vulnerabilities allow attackers to run unapproved code on your server. That code can damage your organizational data, interrupt network traffic ...
What is the SMB version 3.1.1 Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Server Message Block (SMB) is a long-standing protocol for sharing files, printers, named pipes, and other network resources. Windows Exchange Server (2016, 2019, 2022) all use SMB version 3.1.1. Why is it a risk? Certain carefully crafted commands sent to SMB version 3.1.1 can allow execution of remote commands without authentication, which can crash the target ...
What is the Microsoft Exchange Server / Local Exchange Server Vulnerability, what is the risk and how can you mitigate that risk?
What is it? On 06 Aug 2025, Microsoft disclosed a vulnerability in Microsoft Exchange Server which allows an administrator of a local Exchange Server to elevate their privileges and gain access to other users’ Exchange Online cloud accounts. Why is it a risk? Although there are no known exploits of this vulnerability as of 07 Aug 2025, he ...
What is the Exim “21nails” SMTP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Exim is a very popular mail transfer agent (MTA). In 2020, researchers found 21 unique vulnerabilities in Exim. Collectively, these threats are called “21nails.” Why is it a risk? While each of the 21 vulnerabilities is a threat, some of the vulnerabilities can be chained together to obtain full remote unauthenticated code execution and ...
What is the Microsoft SharePoint (Subscription Edition, 2019 and 2016) on-premises servers Attack, what is the risk and how can you mitigate that risk?
What is it? Microsoft SharePoint (Subscription Edition, 2019 and 2016) on-premises servers are being actively attacked (as of 2025-07-19). Why is it a risk? Using this vulnerability, an attacker can execute arbitrary code on your server from a remote location. This is considered a CRITICAL vulnerability. How can you mitigate the risk? Follow the directions provided in the Microsoft link below. The ...
What is the Huawei HG532 router Vulnerability, what is the risk and how can you mitigate that risk?
What is it? A weakness has been identified in the Huawei HG532 router. This weakness has been observed being exploited “in the wild.” The source code for this exploit has been published, increasing the risk of copy-cat threats. Why is it a risk? An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead ...
What is the Scanner Vulnerability, what is the risk and how can you mitigate that risk?
What is it? A honeypot is a trap intentionally set to attract malicious software or users. A simple example is a form field on a web page labelled “User Name” but which is rendered invisible when displayed on the screen. A computer scanning the page will fill this field in, but a human will not. A scanner ...
What is the Exposed Service Telnet Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Telnet allows a user to open a command terminal on a remote computer or device and execute commands. Telnet runs on port 23. Telnet is primarily used to log in to a remote server, but it can also be used to log in to routers and other network devices. Why is it a risk? When ...
