munaza jameel

7 Phases of a Cyberattack Explained! Introduction to Cyber Kill Chain: Cyber Kill Chain means the phases of attack performed in ethical hacking. It is like a kind of hacker’s playbook. Cyber Kill Chain is a structured series of steps that attackers follow to breach systems and carry out their malicious missions. These steps help organizations to detect and stop the threats early. Cyber Kill Chain was originally developed by the defense contractor Lockheed Martin to understand how real-world cyber-attacks happen and how to defend against them. These are mainly 7 Phases of cyber kill chain. 1. Reconnaissance: The first phase of Cyber Kill Chain is known as Reconnaissance. Where cyber attackers act like a digital investigator. In addition, their goal is to gather as much information as possible about the target before launching the actual attack.  There are two types of Reconnaissance.  In passive reconnaissance, attackers gather publicly available information without interacting directly with the target. For example, checking websites, social media handles, and using tools like OSINT, (Open Source Intelligence). In active reconnaissance, attackers directly engage with the target’s system, such as scanning the network to find open ports or vulnerabilities. It’s like trying to open a door knob without actually entering the house door key. Hackers may also use social engineering during this phase to trick the people into giving away system information, like passwords, OTPs, through phishing emails, or by playing with their psychology. Some even go to the extent of a dumpster. Reconnaissance is basically about gathering clues before attack launch by attacker. 2. Weaponization: The second phase of Cyber Kill Chain is known as Weaponization means building the cyber weapon.  In this stage, attackers create a malicious payload based on the information they gathered. This could be a virus, ransomware, or often combined with a normal looking file like with a PDF or Word document. The goal is to turn their plan into a working digital weapon that can harm the target system when delivered and activated. In simple words, weaponization is this phase where attacker creates a weapon to attack on the target. 3. Delivery: The third phase of Cyber Kill Chain is known as Delivery. Delivery means sending the malware to the target. Once the cyber weapon is ready, it needs to be delivered to the target. Delivery is all about finding a way to send the malware without knowledge of target. Some common delivery methods include; This phase is like a secret drop-off operation to deliver the weapon without being noticed. In simple, delivery means the delivery of that prepared weapon to the target. 4. Exploitation: The fourth phase of Cyber Kill Chain is known as Exploitation. It means taking advantage of weaknesses of target’s system. After delivery the next phase is where the malware gets triggered and take advantage of system weakness or vulnerabilities. The main goal here is to gain unauthorized access of target system. For example, if there is a flaw in software program that was not updated or password protected, attackers can exploit it to break in. This stage reminds us why it’s important to regularly patch and update the software so these vulnerabilities are closed before the attackers can use them. In simple, take advantage of weakness and enter into system of target. 5. Installation: The fifth phase of cyber kill chain is known as Installation. It means creating a foothold inside the system. Now that the system is compromised by using exploitation of any vulnerability, attackers need to ensure that they stay inside. In Installation phase, they install the malware or open the backdoors that let them control the system later. It’s also known as Advanced Persistent Attack, means to maintain a system control for a long time. For that they add the persistence mechanism so that even if the system restarts or tries to clean up, the malware stays. It’s like a hidden software looks like book icon into a system and hiding inside but in actual it’s not real book, so the target will thought it’s just a normal book.  Leaving behind a secret door or a secret key to open back whenever they want. Some examples include remote access tools, hidden software, or files disguised as normal programs. 6. Command & Control (C2): The sixth phase of Cyber Kill Chain is known as Command and Control. It means a remote communication. After setting up inside the system, attackers want to control it remotely. The Command and Control phase is where they set up convert communication channels to send instructions to the compromised device. This can involve; This phase allows attackers to steer the attack from anywhere. In simple, to perform attack from anywhere in the world and have complete control of it. 7. Actions on Object: The seventh and the last phase of cyber kill chain are known as actions on object. It is the final goal of performing attack. Finally the attacker executes their real purpose, so this could be; This is the phase where real damage happens, whether it’s theft, destruction, or financial loss. Conclusion: The Cyber-Kill chain provides us with a step-by-step understanding of how cyberattacks occur. We have an opportunity to identify, halt, or avoid the attack at each stage. Defenders can prevent significant system damage if they can detect and stop the attack early, for example, during the reconnaissance or delivery phase. So if you want to start learning ethical hacking start with free resources available on YouTube and read books. You can go short term diploma or you can also enroll in full time degree as well. Just start Learning and share you journey with me. If you found this guide useful. keep an eye out for additional cybersecurity tutorials for beginners! Stay tuned with my blog for additional real life cyber security walkthroughs. Just check out the cyber security roadmap for beginners. https://munazajameel.site/cybersecurity-roadmap-2025-beginners/. OR you can check out my youtube channal for better content. https://www.youtube.com/@itzmunazahSee you next time!

OWASP Top 10 Vulnerabilities! OWASP (Open web application Security Project). Is an organization that publishes the list of top 10 vulnerabilities after every 3 years. So the most common OWASP Top 10 Vulnerabilities explained in simple wording so that everyone can understand what does these all mean and how it works. 1. Broken Access control: In Simple words, it Mean you are doing any unauthorized thing due to any vulnerability caused by human error. The resources which is not available for us but still we can access it, called as broken access control. For example; in Facebook, we have only access to create changes in our own account but due to any vulnerability in Facebook systems we can make changes in other user’s accounts. 2. Cryptographic Failure: Cryptographic mean change of normal plan text to encrypted text (unreadable). So when we aren’t able to do proper encryption of text, the encrypted text can be decrypt easily it’s called as cryptographic failure. For example, if we visit any website the information of that website is end to end encrypted between us and servers, so when someone decrypt that information between us, called as cryptographic failure. 3. Injection Vulnerability: Mean when we put or enter any data and our server accepts it without verification it’s called as injection vulnerabilities. Like SQL Injection (make changes in code of database), Command injection (make changes in code of system to control servers). When we put any payload (actual data/code send to website during attack) in parameters (piece of data like search through URL) of website and it became executed at servers. Payload is attached inside the parameter to attack a website. For example, we make malicious input query on any database and server accept it and execute it without any verification. It’s called Injection vulnerability. Like with the help of SQL Injection we can access any sql database and then delete it, modify it or make changes in that database. 4. Insecure design: When we disable security parameters of any product design during development phase, when the design of website is not properly secure. its called as Insecure design vulnerability. This is considered as the most common vulnerable in OWASP Top 10 Vulnerabilities 5. Security Misconfiguration: When we didn’t do proper security configuration in devices and systems. Like Enable unnecessary features and use of unsecure protocols (HTTP, FTP) and use of weak passwords. This is called as security misconfiguration. 6. Vulnerable and outdated software: Mean when we do no proper regular updates. Sometimes companies use outdated plugins and software’s that became easily vulnerable. This is considered as the most vulnerable in OWASP Top 10 Vulnerabilities 7. Identification and Authentication failure: When someone steals our cookies and uses it for access to our account and server allows it without any verification, it’s called as Identification and authentication. Like when we do save login information’s of accounts in browser and system store some cookies (where our login sessions are stored). So if someone steal those cookies and load it to their browser they can access account without login credentials. So when server can’t do proper authentication and verification it’s known as Identification and authentication failure vulnerability. Brute force attack (guessing of passwords) on account is also example of that. 8. Software and data integrity failure: Data Integrity means the data remain unchanged and when someone codes or files and system didn’t verify it, called as Integrity failure. For example when we use third party plugins, software or sources for the better performance or for functionality betterment on our web app or system, and which is not checking the data integrity. Like may be hacker already changed the hashes (digital fingerprint of file) of software or plugin. So if there is any change in hashes of software or system source it’s called as software and data integrity failure vulnerability. 9. Security login and monitoring failure: Mean if we enable login and monitoring to see who did login again and again and from which IP address or to see if any kind of attack performed on our web app. So if we are unable to see those actions then vulnerability is known as security login and monitoring failure. This is considered as the common vulnerability of development stage in OWASP Top 10 Vulnerabilities 10. Server site request forgery (SSRF): The request to specific page through URL of page is known as server site request. The server serve the unauthorized request is known as SSRF. Like if we want to go to groups on Facebook then Facebook server will take our request with URL of group page on Facebook and then open that required page. On the other hand, if server of Facebook is not properly configured and not validating URL and follow the path of our given URL request and give us details which is not in our permissions. Request through fake URL request and give access to internal data known as SSRF. Conclusion of OWASP Top 10 Vulnerabilities: https://www.youtube.com/@itzmunazah.So at the end I just want to say you Scammers are smart, so you have to be smarter. Stay aware with new threats and Vulnerabilities of cybersecurity world. So FOLLOW my blog https://munazajameel.site/blog/ for the latest awareness, protection tips and real learnings. Also you can content me or follow me on my other social media handles like tiktokhttps://www.tiktok.com/@itzmunazah?lang=en, instagramhttps://www.instagram.com/itzmunazah/?hl=en or YouTube https://www.youtube.com/@itzmunazah. #Also you can visit OWASP official website for better learnings and understanding! https://owasp.org/

Introduction In today’s post we will discuss about the most common attack happening right now in the world of cyber security, which is Social Engineering scam. When attacker play with your emotion and mind to get personal info, Passwords, or OTPs is called as social engineering. So let’s deep dive, today I will share a real Incident that really happens to me. I will tell you complete game plan of scammers and how you can protect your self-form social engineering attack. How Scammer Call? It was just a random day and a scammer called me through my mobile phone number and he was pretending to be a person from my Bank. A call from an unknown number appeared on my cell phone, so I received it and a person said Miss Munaza speaking? And I replied yes. He said mam am calling you from sad pay bank and your account is block. So if you want to activate your account I am sending you an OTP on your phone so just confirm me the OTP so that I unblocked your account. I became worry because I used that bank account so frequently. He said so many mails you were receiving from bank but you ignored all that’s why it happened. I was I shock because I never received any mail. But then I open my OTP message and read in OTP it’s clearly saying never share your OTP. Even bank will never ask for it. Immediately, something hit me and my mind clearly said it’s a red flag. So I hang-up call and just blocked that number and report it. How to React on Social Engineering Scam? As I was a student of cyber security, so I had already familiar with these common types of cyber-attacks. But I just want to say still for a Nano second I was trapped. I don’t know what did happened to me but I was thinking to tell him my OTP because he created so much panic and I was worried about my bank account. So I just want to tell you stay alert and smart. These types of attacks are happening now a days very commonly. One other attack like that is phishing attack which is also very common now days. Like you received a message from any unknown number and they said you win a prize of money so just click on Link. Some time it on name of BISP (Benazir income support Program) and to receive this money contact us on WhatsApp number. It’s also very common, so these messages are all scam so never click on any link or never contact them through WhatsApp. What is Social Engineering? In these types of attacks, scammer collect you information like ID card number, Passwords of accounts, or PIN number or OTPs from you by tricking you emotionally or create panic to play with human psychology and then use them against you. In simple words, when someone tricks you to gave your personal data by playing with your mind is called as Social Engineering. Tips for Security I learned from my experience that it’s not just about educated or aware about cyber security. It’s also about your emotional control as well; never panic in these kinds of situations. Just use your mind and stay calm and never share your information’s with anyone else. Even some time they spoofed numbers as well so sometimes it looks like the original number. But when they ask you about your sensitive data just cut off immediately. And contact your bank as soon as possible. Conclusion: So at the end I just want to say you Scammers are smart, so you have to be smarter. Stay aware with new tricks which scammers used for social engineering scam. Never trust so easily because your small step can cost you anything big. As the digital world is evolving and making our lives easy but it’s also becomes dangerous if we don’t stay prepared and aware. So FOLLOW my blog https://munazajameel.site/blog/ for the latest awareness and protection tips. Also you can content me or follow me on my other social media handles like tiktokhttps://www.tiktok.com/@itzmunazah?lang=en, instagramhttps://www.instagram.com/itzmunazah/?hl=en or YouTubehttps://www.youtube.com/@itzmunazah.

Cybersecurity Basics: A Complete Beginner’s Guide to IT, Data Security, and Career Paths When we learn about cybersecurity basics, Data first thing to understand, it is typically available in 3 forms on internet, This means data is stored on devices or storage medium. For example, data stored on USB, hard drive or database. Data actively being used or processed by an application. For example, when you copy a file or when a website processes your login info. Data being transmitted from one place to another over a network. For example, sending a file through WhatsApp or Email. Data Security means protecting data from unauthorized access, corruption, or theft. For example, Password protecting a pdf file or using encryption While Cyber Security means protecting computers, networks and systems from digital attack. For example, using firewall or antivirus software to block hackers. Information security means protection of all forms of data either digitally or physically. It ensures (CIA Triad) Confidentiality, Integrity, and Availability. For example locking physical files + encrypting digital files = inforsec Internet is global network of computers interconnected to share data. It is network of networks. Like access YouTube using internet. IT refers to using computers, software, networks, and systems to store, retrieve, transmit, and manipulate data. For example, Managing servers in an office, working with databases, or handling emails all fall under IT.                          Network Security                                                                              Internet Security Protects internal network (LAN, etc.) from threats. Protects data and devices from threats via the internet. Deals with firewalls, VPNs, network segmentation. Deals with antivirus, anti-malware, browser security. Example: Securing a Wi-Fi network in an office. Example: Protecting your PC from phishing emails. Cryptography is the science of securing information using codes and encryption. Cryptography is code word language to communicate. It helps in private communication, even if someone intercepts it, like WhatsApp end-to-end encryption is based on cryptography. Branches of Cyber security IT =  part of IT is Information security while part of Information security is cyber security. Information Technology (IT) └──> Information Security (IS)       └──> Cyber security (a sub-part of IS) · IT is the broad field. · Information Security is a part of IT focused on protecting data. · Cyber security is focused on digital threats (hacking, malware, etc.). 3 Common learning paths in cyber security. Top 5 Best and most trending Job roles in Cyber Security: · Cybersecurity Analyst · Penetration Tester (Ethical Hacker) · Security Engineer · SOC Analyst (Security Operations Center) · Cloud Security Specialist 1. Good Understanding of Cybersecurity Basics 2. Familiarity with Security Frameworks & Standards 3. Incident Detection & Response Skills 4. SIEM Tools Experience 5. Strong Reporting & Documentation Skills 6. Communication Skills 7. Basic Scripting or Programming Knowledge 8. Certifications (Often Preferred or Required) 9. Experience with Firewalls 10. Cloud Security Knowledge  Bonus Traits Also Valued: What SIEM Does: Task Example Log Collection Collects login records from servers, firewall alerts, etc. Monitoring Watches for patterns like multiple failed logins (could be brute-force attack). Correlation Links events together (e.g., same user logging in from two countries within minutes). Alerts Sends warning if suspicious activity is detected. Reporting Generates reports for audits (e.g., PCI-DSS, ISO27001). Examples of SIEM Tools: Why SIEM is Important in Cybersecurity: So If you’re starting in cybersecurity, focus on: For more blogs check https://munazajameel.site/network-threats-and-security-controls-part2/ or visit tiktok & Instagram @itzmunazah https://www.tiktok.com/@itzmunazah?lang=en See yaa naxt time.

Difference between CDMA vs TDMA. What is CDMA ? The CDMA stands for Code Division Multiple Access. It is multiple access method used in wireless communication where multiple users share the same frequency channel by assigning them unique codes. In CDMA everyone can transmit at the same time. But each user’s signal is spread over the entire band and separated using unique codes. Everyone uses same channel but different code/ language. For Example, 6 students in same class and they speak at same time but in different language. Everyone has their own language to communicate. Like you could not use voice and data at the same time The TDMA stands for Time Division Multiple Access. It is multiple access method where each user gets a different time slot on the same frequency channel. In TDMA everyone take turns to transmit at the time. Each user is assigned a specific time slot, like queue system. So everyone have same channel but different time. For example, imagine a classroom where only one student speaks at a time while others wait for their turn to speak. Like you could talk and text with switching time slots in Nokia Mobiles. CDMA VS TDMA Difference Summary Table: Feature CDMA TDMA Access Type Code-based (everyone at once) Time-based (one after another) Channel Sharing Same frequency, different codes Same frequency, different time slots Interference Lower (spread spectrum tech) Can increase with more users Call Quality Often better in crowded networks May degrade with too many users Complexity More complex system & phones Simpler compared to CDMA Example Use CDMA 2000, Verizon (3G) GSM, older Nokia phones (2G) Concept CDMA TDMA Analogy Everyone talks together but in different languages Everyone talks in turns, one by one Sharing Shared by code Shared by time Type Simultaneous Sequential So that’s it for day 8, and see yaa in next day!!! Read all Previous blogs fore detail lectures. https://munazajameel.site/blog You can visit Instagram https://www.instagram.com/itzmunazah/?hl=en

OSI VS TCP/IP in Cyber Security Two main Parts of Networking. OSI Model vs TCP/IP Model – What’s the Difference? Feature OSI Model TCP/IP Model Layers 7 Layers 4 Layers Concept Type Theoretical Model Practical & Real-World Used For Teaching/network design Real Internet communication Example Protocols FTP, HTTP, TCP, IP, etc. TCP, IP, HTTP, DNS, SMTP 7 Layers of OSI Model (Top to Bottom): Layer Name Simple Role Example 7 Application What user interacts with Chrome, WhatsApp, Gmail 6 Presentation Translates/Encrypts data JPEG, MP4, SSL/TLS encryption 5 Session Starts & ends communication Keeps you logged into a website 4 Transport Splits data into packets, error check TCP/UDP protocols (TCP = reliable) 3 Network Chooses route for data IP address, routers 2 Data Link Moves data between devices on same LAN MAC address, switches 1 Physical Hardware sends data as signals Cables, Wi-Fi signals, Ethernet Image for OSI VS TCP/IP in Cyber Security from note. OSI Model TCP/IP Model 7. Application 4. Application 6. Presentation 4. Application 5. Session 4. Application 4. Transport 3. Transport 3. Network 2. Internet 2. Data Link 1. Network Access 1. Physical 1. Network Access TCP/IP combines OSI layers into 4 real-world layers/ OSI VS TCP/IP in Cyber Security 6 Hacking attacks that everyone should must know!!! That’s it fr day 7 , see yaaa!!! For previous lectures follow Day https://munazajameel.site/day-5-part-2-of-learning-cybersecurity/ Also can check out my instagramhttps://www.instagram.com/itzmunazah/?hl=en & tiktok https://www.tiktok.com/@itzmunazah?lang=en