@ilyaasu-muhd.bsky.social
Web2 developer Exploring #WEB3 CyberSec. ุฑุจ ุฅูู ูู ุง ุฃูุฒูุช ุฅูู ู ู ุฎูุฑ ูููุฑ ๐คฒ
#BookSky
19.07.2025 08:15 โ ๐ 39398 ๐ 7840 ๐ฌ 546 ๐ 532
20.02.2025 23:17 โ ๐ 6 ๐ 2 ๐ฌ 0 ๐ 0
Day 18 of #35DaysOfLearningSecurity #NoFails #100DaysOfCyberSecurity
Cryptographyโ
Encryption and it's type โ
Hashing โ
Digital Signaturesโ
SSL AND TLSโ
Day 17 of #35DaysOfLearningSecurity #NoFailsand #100DaysOfCyberSecurity
Security control โ
Firewall โ
Intrusion Detection system โ
VPNsโ
Intrusion prevention system โ
Network segmentation โ
The Resident S02E01.
18.02.2025 08:50 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0I watched a movie series where Cyber attack occurred, the attackers targeted the hospital power system, seized the power and demanded for ransom. They exploited unpatch systems of the hospital using a code Malware created by another attacker for her own intent.
18.02.2025 08:50 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0Alleged to be run by north Korean government.
The group has operated for more than 10 years and is behind infamous cyber incidents such as wanna cry Ransomware attack in 2017.
Day 15 of #35DaysOfLearningSecurity #NoFailsand and #100DaysOfCyberSecurity
1.I've been Documenting all my journey both online and offline.
2. I haven't seen the link for the lazarus news but I made a research online and found lazarus as a group of unknown numbers of hackers
Lessons learned:
Network infrastructure security
Incident response plan
Transparent communication.
Talk Talk data breach occurred in 2015 targeting UK based telecommunications company, attackers exploited the vulnerabilities using DDoS attack and gained unauthorized access to systems, compromising users data.
16.02.2025 20:48 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0And exploited a known vulnerability in the Windows OS.
Lesson learned:
.Patch management
. Security awareness and Training
. Data backups.
Day 14 of #35DaysOfLearningSecurity #NoFails #100DaysOfCyberSecurity
Case study : Wanna cry and talk talk data breachs.
Wanna cry is an example of crypto Ransomware attack that happened. Where attackers targeted computers running Microsoft windows worldwide.
Benefits include:
Early warning
Awareness and education
Improved security software and
Protection for business.
Which includes collecting data from different sources, open source intelligence (Osint), closed source intelligence (Csint) etc to identify pattern and trends that could indicate a looming threat.
15.02.2025 21:42 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0Day 13 of #35DaysOfLearningSecurity #NoFails and #100DaysOfCyberSecurity
CTI cyber threats intelligence and analysis.
Is the act of gathering and analysing information on potential attacks that can harm organizations.
Day 12 of #100DaysOfCyberSecurity and #35DaysOfLearningSecurity #NoFails
Studied cyber attack techniques and anti virus software and endpoint protection.
Day 11 of #35DaysOfLearningSecurity #NoFails and #100DaysOfCyberSecurity
Dive deeper into vulnerability and exploit, Social engineering , how to recognize phishing attempts.
Full post coming up later.
I don't have one either, I desire to observe an example before I proceed with building my own.
14.02.2025 10:46 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0Okay, thanks
14.02.2025 10:27 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0I need a new Laptop ๐
13.02.2025 18:49 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0Then
HTTP VS HTTPS:
Is the layer protocol design to connect web traffic through hyperlinks. Https uses encryption to send data to web server.
Hactivist: motivated by social calls, they attack an environment they might think has negative impact on the society.
State-sponsored Attackers: APT Advanced Persistent Threat, they are backed by an entire nation, they have budget and capabilities to lunch highly complex attacks.
Types of threats actors:
Individual hacker: for fun, financial reasons.
Organized cybercrime groups: They fun for profit, form a wide organizations, partnership to offer products, services to each other. They are more complex and more threats.
Threat Actor is an entity, where an organization or individual involved in malicious activities.
Motives: for financial gain, political or ideological agendas and espionage.
Types:
Insider, the risk of employees or insiders misusing access privileges.
Data exposer, the potential for sensitive data to be exposed or leaked.
Zero day threats, the possibility of undiscovered vulnerabilities being exploited.
Day 10 of #35DaysOfLearningSecurity #NoFails
#100DaysOfCyberSecurity
Threats VS Attacks:
Threats are potential warning or danger.
Attack is when the harmful action actually happens.
Encryption: inverting plain text into chiper text before sending it to the receiver using key.
Symmetric uses one key called private key and
Asymmetric uses two keys private for the sender and public for the receiver.
Thank you.
Firewall help safeguard and secure our system by filtering the incoming and outgoing traffic within the network.
IDS: intrusion Detection system detect the malware and alert it to the administrator.
IPS: intrusion prevention system prevent malicious software from the system.
Security by design uses proactive approach to secure software, hardware and systems by integrating security into the design.
12.02.2025 08:44 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0
