Home | TheCyberPatch

The Cyber Patch

Security & Convenience: Finding the Right Balance

Cyber Knowledge Featured

Security & Convenience: Finding the Right Balance

Too much security can lead to a decrease in convenience, causing users to bypass controls and leave sensitive information vulnerable. Too little security can result in critical information being accessible to unauthorized parties.

CompTIA Feature: A Day in the Life of an Information Security Consultant

Career Development Featured

CompTIA Feature: A Day in the Life of an Information Security Consultant

CompTIA spoke with Lomar about his professional experience, and he offered direction to those interested in entering the cybersecurity field.

Part 1: The Beginning – My Journey to InfoSec

Career Development Featured

Part 1: The Beginning – My Journey to InfoSec

I began learning different programming languages to build programs I could share with friends. As none of my friends understood how I was doing what I was doing, and I felt like a genius. Wanting to re-live that feeling repeatedly, I began developing my programming skills more and more.

Data Privacy vs Data Security

Cyber Knowledge

Data Privacy vs Data Security

Data security and privacy are popular within data security regulations that impose strict penalties on companies that ignore ongoing threats from cyber attacks such as malware and intruders. But even some IT professionals aren't clear about the difference between data privacy and data security.

It Can Be Done: Preventing Data Breaches

It Can Be Done: Preventing Data Breaches

Infringement of sensitive information, whether personal information such as credit cards or proprietary information such as intellectual property or financial forecasts, can have serious consequences

Password Spraying Attacks: Detection and Defense Mechanisms

Password Spraying Attacks: Detection and Defense Mechanisms

It is important to note that given the nature of password spraying attacks, you cannot prevent them, but you can detect and stop them in their tracks. This blog post describes how this type of attack unfolds, how to detect ongoing attacks, and how to reduce the risk of becoming the next victim.

Watering Hole Attacks: What are they?

Cyber Knowledge

Watering Hole Attacks: What are they?

In nature, predators hide next to watering holes, where prey gathers and wait for the opportunity to attack. Unfortunately, cybercriminals have found ways to emulate this predatory behaviour. They prey on unsuspecting victims browsing regularly visited websites. This is called a watering hole attack

Stay Safe, Secure your Password

Cyber Knowledge

Stay Safe, Secure your Password

When you think of password security, what comes to mind? For me, it is what can I do to keep my password safe. However, it is more than that.

Beginner's Guide: Understanding SQL Injections

Beginner's Guide: Understanding SQL Injections

SQL injection (SQLi), is an attack on a web application by compromising its database through malicious SQL statements. As it's a common attack, let's examine what it is, how it happens, and how to defend yourself from it.

Security Through Obscurity: The Good, The Bad, The Ugly

Cyber Knowledge

Security Through Obscurity: The Good, The Bad, The Ugly

Security Through Obscurity is based on the premise that the secrecy of specific details or functions of a system can ensure Security. Let's explore this concept in its entirety to expose the good, the bad, and the ugly.

The 'S' in HTTPS is For 'Secure' Not 'Safe'

Cyber Knowledge

The 'S' in HTTPS is For 'Secure' Not 'Safe'

"Ensure that the website you are browsing or entering confidential information such as usernames, passwords, or credit card information uses HTTPS." While this tip is vital to bear in mind when browsing the web, many misunderstand it, and this article seeks to set the record straight.

Combating Insider Threats

Combating Insider Threats

Insider Threats represents the primary vector for 60% of data breaches, organizations need to examine the threats walking through their door every day with as much thoroughness as they show when securing the perimeter from external threats.

Cybersecurity is Everyone’s Responsibility

Cyber Knowledge

Cybersecurity is Everyone’s Responsibility

40% of employees believe that they assume no responsibility for securing information. This thought is why many organizations place the responsibility of cybersecurity on their IT departments' shoulders, but adequate security must be a companywide endeavor.

Classifying Cybercriminals

Cyber Knowledge

Classifying Cybercriminals

With law enforcement agencies continually challenged when finding, arresting, charging, and proving cybercrimes. This post will discuss five different classifications of these cybercriminals.

Understanding The Cyber Kill Chain

Cyber Knowledge

Understanding The Cyber Kill Chain

The cyber kill chain is a way to understand the sequence of events involved in cyberattacks from the early reconnaissance stages to data exfiltration.

How To Prevent Your Phone From Getting Hacked

How To Prevent Your Phone From Getting Hacked

There are many ways a hacker can get into your phone and steal personal and critical information. Here are a few tips to ensure that you are not a victim of phone hacking

Wi-Fi Hacking Methodology

Cyber Knowledge

Wi-Fi Hacking Methodology

Here are the steps an attacker or security professional might take when trying to exploit these networks.

VoIP: Threats and Attacks

Cyber Knowledge

VoIP: Threats and Attacks

Since VoIP shares the same infrastructure with a traditional data network, it inherits all security problems from data network. Furthermore, VoIP also has its own security problems coming from new protocols and network components.

Maintaining WLAN Security

Maintaining WLAN Security

It is easier for hackers to exploit the vulnerabilities of wireless networks to gain access to potentially secured networks. Without proper WLAN security, the integrity of valuable information can be compromised.

Threats to IoT Devices

Cyber Knowledge

Threats to IoT Devices

In recent years, IoT has become embroiled in controversy related to security and privacy issues. Anything connected to the Internet is open to threats. Here are five significant threats that affect IoT devices.

DDoS Attacks: Detection and Defense Mechanisms

DDoS Attacks: Detection and Defense Mechanisms

Distributed denial of service or DDoS is a well-known attack within the cybersecurity world. However, despite being around for a long time, it does not show any signs of slowing down

These Search Engines are Great for Passive Information Gathering

Cyber Knowledge

These Search Engines are Great for Passive Information Gathering

The Information Gathering phase is the most critical phase of any penetration test. It is the first phase of every security assessment. Information Gathering focuses on collecting as much information as possible about a target.

4 Wayback Machine Alternatives

Cyber Knowledge

4 Wayback Machine Alternatives

The Wayback Machine is not the only digital archive available today, and this post aims to highlight and discuss four alternatives and their key features.

Types of Penetration Testing

Cyber Knowledge

Types of Penetration Testing

Based on the level of intrusion provided by the client, the most relevant type of penetration test is used to assess the target system. There are five main types of penetration tests.

Part 3: The New Beginning – My Journey to Infosec

Career Development

Part 3: The New Beginning – My Journey to Infosec

Today, I’m a Senior Information Security Consultant, still pursuing growth and certifications. Pursuing certifications, However, have taken on a different meaning for me.

Part 2: The Turning Point – My Journey to InfoSec

Career Development

Part 2: The Turning Point – My Journey to InfoSec

I enrolled in the module, “Software and System Security,” which gave me hands-on experience in other areas of Security, such as system and network security. I credit a lot of my exposure and development to this module even though I enrolled in every Security related module the University had.