Estimated difficulty: 💜💜💜🤍🤍 In light of recent worries around 5G and its effects on the population (in particular the theory of it causing COVID-19), I thought I would try to demystify the cellular network generations and provide an understanding of how they have developed; in particular, focusing on the security Continue Reading
You Shall Not Pass: Authentication 101
Estimated difficulty: 💜💜🤍🤍🤍 Authentication. A familiar “buzzword” we see that is parroted in all things security, a selling point for many vendors, and a well-known term written (quite a lot) by pen-testers in their final reports. But what exactly is authentication? Well, in reality authentication is a complex and sizeable Continue Reading
Misery Business: Sextortion Emails
Estimated difficulty: 💜🤍🤍🤍🤍
Content Warning: This post includes discussion of sensitive topics such as revenge porn and blackmail. This week I’m primarily going to cover sextortion phishing campaigns, and a little about how to deal with these sorts of emails. I’ll also include some resources at the end of the post discussing general (non-phishing) sextortion, and organisations who can help if somebody tries to blackmail you with, or releases your personal content without your consent.
B3st Pass**rd Pr@ct!ces
Estimated difficulty: 💜🤍🤍🤍🤍 Passwords have been a form of securing your accounts for years. They are your key to unlock the door to your account for want of a better metaphor. You are the only person that should know your password, as the creator and keeper of this information. My Continue Reading
STOP! In the Name of Web: Intercepting Traffic with BurpSuite (A Beginner’s Guide)
Estimated Difficulty: 💜💜💜🤍🤍 Another song themed blog, this blog will mostly cover BurpSuite interception basics (including how to setup BurpSuite). We will be demonstrating BurpSuite using Kali Linux, using the Community Version (1.7.35). As always, constructive criticisms and feedback are always welcome! Back to Basics Before we dive into the Continue Reading
Dank Docker Development
Estimated Difficulty: 💜💜💜🤍🤍 I’m sure you have all heard the whispers that Security folk dislike the Developer folk… However, the time has come for the Security-Developer to be born! I don’t know about you, but I am all for making my life easier and after a dissertation full of failures, Continue Reading
Thnks fr th Bnk Dtls: A Quick Guide to Fraud
Estimated difficulty: 💜🤍🤍🤍🤍 Hello, and welcome to another week of Security Queens! 🎉 This week I’ll try to give you a quick overview (not exhaustive) of a few common types of fraud, a bit of information about money laundering, and a little perspective about how it all ties into the Continue Reading
They See Me Scannin’, They Hatin’: A Beginner’s Guide to Nmap
Estimated Difficulty: 💜💜💜🤍🤍 Recon, Recon, Recon One of the most important phases of an attack, is the reconnaissance phase. Often abbreviated to recon, this phase usually consists of a variety of process and techniques to collect information about a target system. This phase may also be known as “Information Gathering” Continue Reading
Cryptography Terms
Estimated difficulty: 💜🤍🤍🤍🤍
Hey! This is a quick, simplified overview of some related terms for anyone who isn’t familiar with cryptography. I’ll add to this as time goes on to try and make sure it includes the terms used in other posts. 🥳
Bad Crypto 101: Spotting Red Flags
Estimated difficulty: 💜💜🤍🤍🤍 This post is heavily inspired by Simson Garfinkel’s A Field Guide to Spotting Bad Cryptography (2005) – link below – and aims to give you a quick, lightweight overview of things to look out for when you’re trying to assess the security of cryptography in the wild, Continue Reading