To define this CIS Control, we need look no further than its name. Protection of data is vital to any organization's security. This control is responsible for developing processes to identify, classify, securely handle, retain, and dispose of data. For some time now, data has not been kept only inside an organization's borders; it is stored in the cloud, on portable end-user devices used by remote workers, and is frequently shared with partners or online services located anywhere around the globe. …


After just finishing the fairly challenging cyber war game, I have decided to share some of the more interesting lessons and tricks learned from it. The first thing you are given in the game is an SSH port that leads you to the game server. The host, bandit.labs.overthewire.org, is located on port 2220, which you must access from a terminal. I did this using a VM and an Ubuntu OS. The server leads you to the picture below to let you know you have gained access, and then the fun begins!

The first levels were standard but necessary for laying out…


“Weaponization”: The Metaphor That Rejects Politics — Greggor Mattson

Weaponization is the second phase of the cyber kill chain. During the weaponization step, the threat actor creates malware that is specifically tailored to the vulnerabilities uncovered during the reconnaissance phase. The attacker will modify their toolset to match the unique requirements of a particular network based on the data collected during reconnaissance.

For example, if a vulnerable version of Secure Shell (SSH) is identified, the attacker will create an exploit kit that exploits the vulnerability. The tool will not just focus on exploiting flaws. The kit’s architecture ensures that the attacker…


As the name indicates, a reconnaissance attack is an attempt by an adversary to collect and analyze data about a network before initiating more serious sorts of attacks. The reconnaissance attack is frequently carried out using public information. Intelligence gathering in a reconnaissance attack concentrates on the “Who” and the “Network”. “Who” will most likely concentrate on privileged persons, because of their system access or access to private data. “Network” will concentrate on architecture and organization, as well as tools, devices, protocols, and crucial infrastructure. It’s like a burglar learning the victim’s behavior and then entering the victim’s home.

Active vs…

Malware is an unauthorized program or file placed on your device without your permission. It has the ability to attach itself to legitimate code and spread; it can hide in useful software or replicate itself across the Internet. Macro viruses infect programs like Microsoft Word and Excel. These viruses attach themselves to the initialization phase of a program. Once the application starts, the virus runs its instructions and then passes control to the program. The virus then copies itself and attaches to other programs in the operating system.

Typically, file infector viruses attach themselves to executable code, for example .exe files…


XSS attacks use third-party web resources to execute scripts in an unsuspecting user's web browser or scriptable application. The attacker can inject a payload containing malicious JavaScript into a website's database. Whenever a user requests a page from the website, the website sends the page to the victim’s browser, which runs the malicious script because the attacker’s payload is included in the HTML body.

What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy (portswigger.net)

For instance, it could send the unaware person’s cookie to the attacker’s server, where the attacker could retrieve it and use it to hijack the session. Once XSS is used to circumvent additional bugs…


Obtaining passwords is a commonly used attack approach, since passwords are perhaps the most widely used way to authenticate a user to an information system. Looking behind a person’s monitor, sniffing the network connection to capture unencrypted passwords, employing social engineering, and gaining access to a password database can all be used to obtain an individual’s password.

Brute Force Attacks: Password Protection | Kaspersky

One type is brute-force password guessing, which entails a random approach: attempting various passwords and hoping that one of them works. Some logic can be applied by attempting passwords linked to the person’s name, work description, hobbies, or similar things. Then there…


Phishing is the practice of sending emails that appear to be from reputable sources in order to obtain sensitive information or persuade people to do something. It combines social engineering and technical trickery. It may involve an email attachment that contains malware that infects your computer. It may also involve a link to a malicious website designed to trick you into downloading malware or disclosing personal details.


Spear phishing is a highly targeted form of phishing. Attackers carefully research their targets and craft messages that are specific and relevant to them. As a result…


A MitM attack happens when an intruder inserts themselves between the communications of a client and a server. In this form of MitM attack, an attacker hijacks a session between a trusted client and a network server. The attacking machine substitutes its IP address for that of the trusted client while the server continues the session, assuming it is communicating with the trusted client.

A session hijack may unfold as follows:

  1. A client establishes a connection with a server.
  2. The attacker’s computer gains control of the client.
  3. The client is disconnected from the server by the attacker’s machine.
  4. The attacker’s computer spoofs…


A denial-of-service attack exhausts a system’s resources, preventing it from responding to service requests. A distributed denial of service (DDoS) attack is also an attack on a system's resources, but it is launched from a large number of other host computers compromised with malicious software controlled by the attacker.

In contrast to attacks that are intended to allow the attacker to obtain or increase access, denial-of-service attacks do not provide direct benefits to the attacker. For some of them, the satisfaction of service denial is sufficient. …

Ivery Daniels III

Cyber Security Professional | Red Team
