Security Information and Event Management (SIEM) I

Imagine this: an attacker has breached your organisation’s security infrastructure and is determined to steal customer information from your database systems. He navigates to the segment of your network housing the databases and commences a brute force attack to gain access to the databases. He performs several logon attempts on your databases, which are picked up by the Database Activity Monitoring (DAM) solution. These failed logon attempts … Continue reading Security Information and Event Management (SIEM) I

Kali Linux

Welcome to this Cyberkach series on Kali Linux. In the first part of this series, we will introduce Kali Linux and perform an installation walkthrough. Subsequently, we would dive into Kali Linux and explore its vast functionalities. What is Kali Linux? Kali Linux (Kali) is a Debian-based Linux operating system built for advanced Penetration Testing and Security Auditing. Kali contains several tools for various information … Continue reading Kali Linux

Security Incident Management Policy

Read this article for a simple introduction to cybersecurity policies. Cyber security policies are guidelines defined by management to define acceptable conducts to ensure confidentiality, integrity and availability of information systems and assets. One of the most important cybersecurity policy, which every organisation must define and document, is the Incident Management Policy, and considering that every organisation will face cyber incidents, not owning an incident … Continue reading Security Incident Management Policy

The CISA Certification Exam

A Personal Take After four hours of intensive brain activity, I was done with the CISA certification exam. I said a quick prayer then clicked “Submit”. An “Are you sure?” window popped up. Another quick prayer, then “Yes”. One more “Are you sure?” window later (!), and I had successfully submitted. Then came the worst part – I had to engage in a ten-minute survey … Continue reading The CISA Certification Exam

Cyber Security Certifications: A Simple Guide

“How do I get started in cybersecurity?” “What skills do I need?” “Must I get certifications to break into cybersecurity? Which certifications?” These are a sample of regular questions asked by newbies seeking guidance into the cybersecurity field. We all asked these questions, and most people coming after us will. So this is a small piece to answer one of those questions (Others are answered … Continue reading Cyber Security Certifications: A Simple Guide

Setting Up Your Penetration Testing Workstation II: Mobile Application Testing Tools

Read part I of this article here. What is mobile application security testing? Mobile application security testing is a subsection of VAPT (Vulnerability Assessment and Penetration Test) that is focused on mobile applications (iOS and Android). It involves ensuring there are no vulnerabilities in a mobile application that could be exploited by a malicious user.  The whole exercise involves simulating the actions of a malicious … Continue reading Setting Up Your Penetration Testing Workstation II: Mobile Application Testing Tools

Access Bank Hacked? What Exactly Happened…

On Monday, 31 August 2020, there were scares that Access Bank Plc, a Tier-1 Nigerian Bank, had been infiltrated by cyber-criminals and had customer information and funds at risk. Across social media platforms, Twitter and Instagram, Access Bank customers panicked at the thought of losing money during a global pandemic. But what actually happened? A video declaring a breach of Access Bank appeared on the … Continue reading Access Bank Hacked? What Exactly Happened…

Setting up Your Penetration Testing Workstation

You recently acquired a powerful laptop. You’re in love with the system specs and can’t wait to set it up with all the cool cyber tools. It’s time to hack the world! If you’re a newbie (as all of us once were), you may be wondering which tools would come in handy in your penetration testing journey. This piece will provide a guideline to the … Continue reading Setting up Your Penetration Testing Workstation

Twitter Hacked!: Everything You Need to Know

Wednesday, 15 July 2020, was a normal day for users of Twitter, the popular social media platform. At least until they realised that a coordinated hack had occurred at Twitter Headquarters and was manifested through several verified and/or largely followed influencer accounts. Dubbed “The Greatest Twitter Hack of All Time” by hacker news website @TheHackerNews, this cryptocurrency hack was used by malicious persons to amass … Continue reading Twitter Hacked!: Everything You Need to Know

Access Control Policy

As explained in this¬†CyberKach article here, cybersecurity policies are high-level governance document defined and documented by the IT / cyber team leadership to provide guidelines to employees on acceptable conducts to ensure the confidentiality, integrity and availability of the organisation’s information systems, network infrastructure and data. It’s been established, therefore, that management needs to communicate acceptable standards to employees through cybersecurity policies. The Access Control … Continue reading Access Control Policy