The UK's National Cyber Security Centre (NCSC) details common cyberattacks, focusing on the stages of attacks (survey, delivery, breach, affect) and the vulnerabilities attackers exploit (flaws, features, user error). It categorizes attacks as targeted or untargeted and attacker capabilities as commodity or bespoke. The paper emphasizes the importance of implementing essential security controls, like those in Cyber Essentials and 10 Steps to Cyber Security, to mitigate risks. Finally, it includes case studies illustrating real-world attacks and how implementing basic security measures can prevent them.