Cyber Vocab Session 4

Whaling, Firewall, Teams, JavaScript, Access Control

Session 4

Welcome to the fourth session of the Cyber Vocab newsletter!

This is Ronan from Cyber Vocab.

Today’s read time: 65 seconds

Let’s get right to it! ⬇️

Study Session 📚

Here are the five terms you’ll need to master by next week!

1. Whaling (Category: Common Vulnerabilities)

Whaling is a specific form of phishing attack that targets high-profile individuals (corporate executives, politicians, or celebrities), referred to metaphorically as "the big fish."

Whaling can lead to data breaches, privilege escalations, ransomware attacks, and espionage.

Whaling can be avoided by training likely targets to keep a low profile, avoid social engineering attacks, and enable tight security on their online accounts (strong passwords, 2FA).

2. Firewall (Category: Networking)

A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.

Firewalls protect networks from malicious incoming traffic by analyzing the contents of network packets (IP address, port number, transferred data) and deciding whether each packet should be accepted.

Firewalls can be hardware-based, software-based, or a combination of both, and are essential tools in preventing unauthorized access and data breaches.

3. Teams (Category: General)

Jobs in cybersecurity are labeled by team names.

🔴 Red Team: Professionals responsible for running penetration tests on organizations to simulate cyber attacks.

🔵 Blue Team: Professionals responsible for defending organizations and implementing security features.

🟣 Purple Team: Professionals who do a mix of both red and blue team jobs.

🟡 Yellow Team: Professionals responsible for building and engineering the security features of organizations.

🟢 Green Team: Professionals responsible for automating security features for organizations.

🟠 Orange Team: Professionals responsible for teaching cybersecurity to individuals and organizations.

4. JavaScript (Category: Application Security)

JavaScript is a programming language used to build web-based applications and some mobile applications.

Hackers can use JavaScript maliciously by injecting snippets of JavaScript into insecure applications and conducting attacks such as XSS and CSRF.

Sanitizing user input and implementing security controls such as Content Security Policy (CSP) can help applications avoid JavaScript-based cyberattacks.

5. Access Control (Category: Common Vulnerabilities)

Access Control is a fundamental security strategy that dictates how users are authenticated and authorized to access computer resources, networks, and data.

Access Control is the system that dictates if a user is a public user, a premium user, or an admin user.

Broken Access Control (when hackers can change the status of their account) was ranked the No. 1 vulnerability in the OWASP Top 10 2021.
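
The account-status problem described above, as an added example that is not part of the original newsletter: a profile update that lets a caller overwrite their own role, beside a version that allow-lists editable fields and authorizes role changes from the server-side record. The account store, function names and sample accounts are constructed for illustration, and `callerId` is assumed to come from an already authenticated session.

```javascript
// Constructed sample accounts; roles follow the public / premium / admin tiers above.
const ROLES = new Set(["public", "premium", "admin"]);
const SELF_EDITABLE = new Set(["name"]); // fields an account owner may change

function makeStore() {
  return new Map([
    ["alice", { name: "Alice", role: "public" }],
    ["root", { name: "Root", role: "admin" }],
  ]);
}

// BROKEN: every client-supplied field is copied onto the account, so a
// request body containing "role" changes the caller's own privilege level.
function updateProfileBroken(store, callerId, body) {
  const account = store.get(callerId);
  Object.assign(account, body);
  return account;
}

// HARDENED: reject the whole request if it names any field outside the
// allow-list, so nothing is partially applied.
function updateProfile(store, callerId, body) {
  const account = store.get(callerId);
  if (!account) throw new Error("unknown account");
  const keys = Object.keys(body);
  const bad = keys.filter((k) => !SELF_EDITABLE.has(k));
  if (bad.length) throw new Error(`fields not editable: ${bad.join(", ")}`);
  for (const k of keys) account[k] = body[k];
  return account;
}

// Role changes take a separate path that authorizes the caller using the
// role stored on the server, never a value sent in the request.
function setRole(store, callerId, targetId, newRole) {
  const caller = store.get(callerId);
  const target = store.get(targetId);
  if (!caller || !target) throw new Error("unknown account");
  if (!ROLES.has(newRole)) throw new Error("unknown role");
  if (caller.role !== "admin") throw new Error("forbidden");
  target.role = newRole;
  return target;
}
```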

Are you up for the challenge? 😈

Every week, you will be quizzed on whether you remembered the words from last week’s session.

Score well on the weekly quizzes and get placed on the scoreboard!

MCQ Quiz Length: 90 Seconds

Scoreboard 🏆

1. adomcecil0240

2. cyberbored07

3. markwstar45

Wanna talk with me 1-1?

If you want to talk tech with me or have questions about SWE / Cybersecurity,

send an email to [email protected] 

My inbox is open 24/7.

Sponsors 🤝

This week’s session is sponsored by Notion.

Notion is an all-in-one workspace for note-taking, project management, and task organization.

Start using Notion using this link.

What I’m Doing

What I’m studying

I’m going through IBM’s DevOps Course.

What I’m working on

Currently working on an IoT project using an ESP32-CAM.

What I’m reading

I’m reading about OpenAI’s new features.

That’s it for this week! I’ll see you again! 👋

PS: If you haven’t followed me on all my other socials, do so below ⬇️