Keylogging and spyware: Malware specifically designed to covertly collect, monitor and log the actions of a system user.

Backdoor or command/control: Tools that provide remote access to or control of infected systems, or both, and are designed to run covertly.

SQL injection: An attack technique used to exploit how Web pages communicate with back-end databases.

Abuse of system access/privileges: Deliberate and malicious abuse of resources, access or privileges granted to an individual by an organization.

Unauthorized access via default credentials: Instances in which an attacker gains access to a system or device protected by standard preset (widely known) usernames and passwords.

Violation of acceptable use and other policies: Accidental or purposeful disregard of acceptable use policies.

Unauthorized access via weak or misconfigured access control lists (ACLs): When ACLs are weak or misconfigured, attackers can access resources and perform actions not intended by the victim.

Packet Sniffer: Monitors and captures data traversing a network.

Unauthorized access via stolen credentials: Instances in which an attacker gains access to a protected system or device using valid but stolen credentials.

Pretexting or social engineering: A social engineering technique in which the attacker invents a scenario to persuade, manipulate, or trick the target into performing an action or divulging information.

Authentication bypass: Circumvention of normal authentication mechanisms to gain unauthorized access to a system

Physical theft of asset: Physically stealing an asset.

Brute-force attack: An automated process of iterating through possible username/password combinations until one is successful.

RAM scraper: A fairly new form of malware designed to capture data from volatile memory (RAM) within a system.

Phishing (and endless “ishing” variations): A social engineering technique in which an attacker uses fraudulent electronic communications (usually e-mail) to lure the recipient into divulging information.