Attacks & Threats
Man-in-the-Middle Attack
Also known as: MitM attack, On-path attack
Definition
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
Examples
- On an open café Wi-Fi network, an attacker intercepts unencrypted HTTP traffic and replaces a software-update URL with one that serves a malicious binary.
- A BGP hijack redirects a payment-service prefix through an attacker-controlled ISP that performs TLS interception.
Related terms
ARP Spoofing
A local-network attack that sends forged ARP messages to bind the attacker's MAC address to another host's IP, redirecting traffic through the attacker.
DNS Spoofing
An attack that injects falsified DNS responses to redirect victims from a legitimate domain to an attacker-controlled IP address.
SSL Stripping
A man-in-the-middle attack that silently downgrades a victim's HTTPS connection to plain HTTP so the attacker can read and modify the traffic.
Session Hijacking
An attack that takes over a victim's authenticated session by stealing or forging the session identifier so the attacker can act as the user without their credentials.
Evil Twin Attack
A Wi-Fi attack in which an adversary stands up a rogue access point that mimics a legitimate SSID, so victims connect to it and expose traffic or credentials.
Rogue Access Point
An unauthorised wireless access point connected to a network, either installed maliciously by an attacker or naively by an employee, that bypasses network security controls.