The Cyber Patch

Patch Tuesday: April 2021

April's Patch Tuesday came with patches for a total of 108 CVEs. This includes 20 CVEs rated a "Critical", 87 rated as "Important", and one single CVE rated as "Moderate".

Patch Tuesday

Patch Tuesday: March 2021

Today's release covers an additional 88 CVEs including 14 rated as "Critical", 73 rated as "Important", and 1 as "Low"

Career Development

CompTIA Feature: A Day in the Life of an Information Security Consultant

CompTIA spoke with Lomar about his professional experience, and he offered direction to those interested in entering the cybersecurity field.

Cyber Knowledge

The 'S' in HTTPS is For 'Secure' Not 'Safe'

"Ensure that the website you are browsing or entering confidential information such as usernames, passwords, or credit card information uses HTTPS." While this tip is vital to bear in mind when browsing the web, many misunderstand it, and this article seeks to set the record straight.

Career Development

Part 1: The Beginning – My Journey to InfoSec

I began learning different programming languages to build programs I could share with friends. As none of my friends understood how I was doing what I was doing, and I felt like a genius. Wanting to re-live that feeling repeatedly, I began developing my programming skills more and more.

Career Development

Caribbean Cyber Support Team Feature: Lomar Lilly

Lomar wears many hats under the umbrella of Information Security Consultant with Symptai Consulting Ltd in Jamaica and a member of the CCST group. He is passionate about the field of Cyber Security and enjoys giving clients peace of mind through his expertise.

Cyber Knowledge

Watering Hole Attacks: What are they?

In nature, predators hide next to watering holes, where prey gathers and wait for the opportunity to attack. Unfortunately, cybercriminals have found ways to emulate this predatory behaviour. They prey on unsuspecting victims browsing regularly visited websites. This is called a watering hole attack

Cyber Knowledge

Stay Safe, Secure your Password

When you think of password security, what comes to mind? For me, it is what can I do to keep my password safe. However, it is more than that.

Patch Tuesday

Patch Tuesday: February 2021

February is here and with it comes a relatively light Patch Tuesday. Only 56 CVEs are being patched today. That includes eleven rated as "Critical", 42 rated as "Important", and three rated "Moderate".

Vulnerability

Beginner's Guide: Understanding SQL Injections

SQL injection (SQLi), is an attack on a web application by compromising its database through malicious SQL statements. As it's a common attack, let's examine what it is, how it happens, and how to defend yourself from it.

Patch Tuesday

Patch Tuesday: January 2021

The first Patch Tuesday of 2021 is here and the year is starting out lighter than most. In all Microsoft is patching, ten vulnerabilities rated "Critical", 71 rated "Important", and two rated as "Moderate". The critical list covers both GDI+ and video codec Remote Code Execution (RCE) vulnerabilities and half

Cyber Knowledge

Security Through Obscurity: The Good, The Bad, The Ugly

Security Through Obscurity is based on the premise that the secrecy of specific details or functions of a system can ensure Security. Let's explore this concept in its entirety to expose the good, the bad, and the ugly.

Cyber Tips

Combating Insider Threats

Insider Threats represents the primary vector for 60% of data breaches, organizations need to examine the threats walking through their door every day with as much thoroughness as they show when securing the perimeter from external threats.

Cyber Knowledge

Cybersecurity is Everyone’s Responsibility

40% of employees believe that they assume no responsibility for securing information. This thought is why many organizations place the responsibility of cybersecurity on their IT departments' shoulders, but adequate security must be a companywide endeavor.

Cyber Knowledge

Classifying Cybercriminals

With law enforcement agencies continually challenged when finding, arresting, charging, and proving cybercrimes. This post will discuss five different classifications of these cybercriminals.

Cyber Knowledge

Understanding The Cyber Kill Chain

The cyber kill chain is a way to understand the sequence of events involved in cyberattacks from the early reconnaissance stages to data exfiltration.

Cyber Tips

How To Prevent Your Phone From Getting Hacked

There are many ways a hacker can get into your phone and steal personal and critical information. Here are a few tips to ensure that you are not a victim of phone hacking

Cyber Knowledge

Wi-Fi Hacking Methodology

Here are the steps an attacker or security professional might take when trying to exploit these networks.

Cyber Knowledge

VoIP: Threats and Attacks

Since VoIP shares the same infrastructure with a traditional data network, it inherits all security problems from data network. Furthermore, VoIP also has its own security problems coming from new protocols and network components.

Cyber Tips

Maintaining WLAN Security

It is easier for hackers to exploit the vulnerabilities of wireless networks to gain access to potentially secured networks. Without proper WLAN security, the integrity of valuable information can be compromised.

Cyber Knowledge

Threats to IoT Devices

In recent years, IoT has become embroiled in controversy related to security and privacy issues. Anything connected to the Internet is open to threats. Here are five significant threats that affect IoT devices.

Cyber Tips

DDoS Attacks: Detection and Defense Mechanisms

Distributed denial of service or DDoS is a well-known attack within the cybersecurity world. However, despite being around for a long time, it does not show any signs of slowing down

Cyber Knowledge

These Search Engines are Great for Passive Information Gathering

The Information Gathering phase is the most critical phase of any penetration test. It is the first phase of every security assessment. Information Gathering focuses on collecting as much information as possible about a target.

Cyber Knowledge

4 Wayback Machine Alternatives

The Wayback Machine is not the only digital archive available today, and this post aims to highlight and discuss four alternatives and their key features.

Cyber Knowledge

Types of Penetration Testing

Based on the level of intrusion provided by the client, the most relevant type of penetration test is used to assess the target system. There are five main types of penetration tests.

Career Development

Part 3: The New Beginning – My Journey to Infosec

Today, I’m a Senior Information Security Consultant, still pursuing growth and certifications. Pursuing certifications, However, have taken on a different meaning for me.

Career Development

Part 2: The Turning Point – My Journey to InfoSec

I enrolled in the module, “Software and System Security,” which gave me hands-on experience in other areas of Security, such as system and network security. I credit a lot of my exposure and development to this module even though I enrolled in every Security related module the University had.