Month: November 2023

Roles in Incident Response: A Guide

Welcome to our exploration of the National Institute of Standards and Technology (NIST) Incident Response Lifecycle, a four-phase framework essential for handling security incidents. These phases are: In security, the role will involve team-based monitoring, detection, and incident response. We’ve previously discussed the Computer Security Incident Response Team (CSIRT) and [...]

Cyber Security Journaling Exercises

Cybersecurity Journal Description: The Cybersecurity Journal is an academic exercise designed to inform and educate both the journaler and the reader. It’s a carefully curated record, capturing a series of simulated cybersecurity incidents and exercises. This journal is particularly valuable for professionals and students in the cybersecurity field, serving as [...]

The Essence of Threat Modeling

Threat modeling is a structured approach to identifying and addressing potential security vulnerabilities and threats. It’s a crucial component in the field of application development, helping to fortify software against potential attacks. The Diverse Landscape of Application Security: With the proliferation of web and mobile applications, the significance of application [...]

Understanding Injection Attacks

Injection attacks, encompassing the notorious SQL injection and Cross-Site Scripting (XSS), stand among the most pernicious threats in the realm of cybersecurity. At their core, these attacks exploit vulnerabilities in web applications by injecting malicious code into otherwise benign and trusted systems. This nefarious code can manipulate databases, [...]

An Introduction to Malware

Malware, the bane of digital security, has evolved significantly since its inception on early personal computers. Recognising different types of malware and their methods of propagation is crucial in today’s digital landscape. Types of Malware and Their Spread. Key Takeaways: Understanding the intricacies of malware types and their propagation methods [...]

What is Phishing and What can I do about it?

Phishing dates back to the 1990s, coinciding with the global expansion of the internet. One of the first known phishing attacks targeted users of AOL Instant Messenger (AIM). In these attacks, cybercriminals sent emails impersonating AOL, asking users to verify accounts or provide billing information. These emails, convincingly crafted with [...]