Some common types of attacks include the following:

Operating System Attacks
Attackers will search for vulnerabilities in an operating system design, installation or configuration and attempt to exploit these vulnerabilities. This includes buffer overflows, bugs in the operating system, unpatched systems etc.

Misconfiguration Attacks
Misconfiguration vulnerabilities affect systems such as web servers, application platforms, databases, networks or frameworks that may result in unauthorized access.

Application level Attacks
Attackers will attempt to exploit any vulnerability found in applications in place to host information systems etc. This includes buffer overflows, cross-site scripting, SQL injection, Man-in-the-Middle, session hijacking, denial-of-service and more.

Shrink Wrap Code Attacks
Attackers attempt to exploit default configurations and settings of off-the-shelf libraries and code.