Originally a Top 10 list, but with a bunch of additions. Basically the most common ways people, applications, and systems get hacked.

One of the things you may notice is there’s (almost) no “inject the HTML into the firewall!” nonsense here.[1] Meaning the take-home is exactly what it looks like: most hacking is “boring”, most successful attacks have well-known vectors, and ever has the industry been thus.

  1. Buffer overflow exploits used to gain elevated privileges are the “closest” thing to Hollywood concepts of hacking, but even then, they’re rarely executed in the 2-idiots-1-keyboard way.