Glossary
Some security terms for reference below: [...]
Network protocols and their vulnerabilities
Introduction: In the ever-evolving digital landscape, understanding network protocols is not just a matter for tech aficionados; it’s a necessity for anyone venturing into the cyber world. Network protocols, the backbone of internet communication, ensure structured and reliable data transfer. However, these protocols can also be avenues for threat actors [...]
The Pivotal Role of SIEM Tools in Enhancing Cybersecurity: A Comprehensive Guide
In today’s digital era, with cyber threats escalating in complexity, Security Information and Event Management (SIEM) tools have become indispensable in safeguarding network and system integrity. This detailed guide explores the intricate workings of SIEM tools, shedding light on their advantages, the process they follow, and the significant role they [...]
Navigating the World of Cybersecurity: Understanding IDS, IPS, and EDR Tools
As the digital landscape evolves, cybersecurity remains a paramount concern for organisations globally. In this comprehensive guide, we delve into the essential tools at the forefront of protecting networks and systems from cyber threats: Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Endpoint Detection and Response (EDR). Understanding these [...]
Cyber Security Journaling Exercises
Cybersecurity Journal Description The Cybersecurity Journal is an academic exercise designed to inform and educate both the journaler and the reader. It’s a carefully curated record, capturing a series of simulated cybersecurity incidents and exercises. This journal is particularly valuable for professionals and students in the cybersecurity field, serving as [...]
Understanding Injection Attacks
Injection attacks, encompassing the notorious SQL injection and Cross-Site Scripting (XSS), stand as one of the most pernicious threats in the realm of cybersecurity. At their core, these attacks exploit vulnerabilities in web applications by injecting malicious code into otherwise benign and trusted systems. This nefarious code can manipulate databases, [...]
What is Phishing and What can I do about it?
Phishing dates back to the 1990s, coinciding with the global expansion of the internet. One of the first known phishing attacks targeted users of AOL Instant Messenger (AIM). In these attacks, cybercriminals sent emails impersonating AOL, asking users to verify accounts or provide billing information. These emails, convincingly crafted with [...]
The Crucial Role of Regular Updates in Cybersecurity
Have you ever caught yourself pondering, “Why must my devices perpetually need updates?” For many of us, updates are synonymous with enhanced performance, improved stability, and exciting new features. Yet, from a cybersecurity perspective, their significance is much more profound. Updates: The Unsung Heroes in Cyber Defence Recently we delved [...]
Navigating the Digital Terrain: Excelling in Open Source Intelligence for Advanced Cybersecurity
Introduction: In the ever-changing world of cybersecurity, staying a step ahead of potential threats is crucial. Open Source Intelligence (OSINT) stands out as a key element in this context. This detailed guide delves into OSINT, offering insights, practical advice, and tools to bolster your cybersecurity tactics. Understanding OSINT in Cybersecurity [...]
How to Conduct a Risk Assessment:
1. Identify the Assets: 2. Identify Threats and Vulnerabilities: 3. Assess Likelihood and Impact: Low 1 Moderate 2 Catastrophic 3 Certain 3 3 6 9 Likely 2 2 4 6 Rare 1 1 2 3 4. Determine Risk Level: 5. Develop Mitigation Strategies: 6. Implement Controls: 7. Monitor and [...]