This week’s tasks were to post on our Twitter and LinkedIn about anything relating to Android Security, make a google slide relating to Android Security, and complete four tryhackme rooms. The following tryhackme rooms: Android hacking 101, Android Malware Analysis, Linux backdoor, and Nmap. To be honest, I am tired of doing google slides about different cybersecurity topics. Anyone knows how to make a google slide presentation, so I’m not learning a new skill. Also, I am tired of the tryhackme rooms as well. Tryhackme is a great tool to learn cybersecurity skills, but I am a little burnout. Hopefully, we are not assigned any more Tryhackme rooms.
On Friday’s mandatory zoom meeting, I found it informative because he was telling us to not just apply to cybersecurity just to break into the IT industry. He advised us to find what we find interesting in cybersecurity and specialized in it. You don’t want to end up in something you have no interest in just to have a job because that can lead to hating your job and burnout. You wasted your time doing something you aren’t passionate about. Your cybersecurity job is supposed to be something you enjoy, so take the time to build your cybersecurity skills to get your dream job.
I agree with everything that was said in the meeting. You should apply for jobs that you are interested in. However, I understand how frustrating it is to apply to multiple job postings and just received rejection emails after rejection emails. Recruiters reached out and ghost you. You apply to jobs and hear nothing back. In a perfect world, everyone would take the time to find their dream job. However, we live in a capitalist society where everything costs money. People need money to provide for their families, so I understand why anyone would apply for anything just to get their foot in the IT space. Once you are in, you are in. It gets easier to get the next IT job.
The main takeaways this week were learning about Android Security and Nmap room on tryhackme. Mobile security is an important topic to learn because cyberattacks don’t only affect computers, but our mobile devices as well (Apple fanboys do not tell me about how secure iOS is. A cyberattack is going to happen regardless of the OS system. Hello, have you guys heard about zero-day attacks). Recently, Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems. This vulnerability affected multiple Android Apps that exposed users to remote or local attacks. Here is the link to the article if you want to read more about it: https://www.microsoft.com/security/blog/2022/05/27/android-apps-with-millions-of-downloads-exposed-to-high-severity-vulnerabilities/?ranMID=24542&ranEAID=TnL5HPStwNw&ranSiteID=TnL5HPStwNw-dWS2JHW1zdoPXWDICq7FzQ&epi=TnL5HPStwNw-dWS2JHW1zdoPXWDICq7FzQ&irgwc=1&OCID=AID2200057_aff_7593_1243925&tduid=%28ir__pbmibpnu1skf62ukw3vqb3dq122xvh203du01xb200%29%287593%29%281243925%29%28TnL5HPStwNw-dWS2JHW1zdoPXWDICq7FzQ%29%28%29&irclickid=_pbmibpnu1skf62ukw3vqb3dq122xvh203du01xb200.
The Android Hacking 101 room was difficult. It was hard to follow and the instructions were not clear. I felt completely lost and had to use a walkthrough to complete this room. The Nmap and Linux backdoor were my top two favorite rooms. Nmap was informative and interactive. I was already familiar with the command, Nmap due to Fullstack Academy. This room went into depth about Nmap and how to use it as well. Nmap is a very powerful scanning tool. Definitely, I recommend this room to anyone getting started in cybersecurity or interested in offensive cybersecurity(pen testing). It was interactive and fun. The Linux backdoor room was very informative, but not very informative. You learn about different techniques such as SSH backdoor, PHP backdoor, CronJob backdoor, .bashrc backdoor, and pam.unix.so backdoor. I wish this was interactive. It would have been cool seeing this backdoor in action.
Overall, this was a good week. It was very informative and might I say inspiring that my dream cybersecurity job is out there. I just have to be patient and keep on building my skills.
Thank you for reading my post. Yes, I received my certificate to move on to week 7. Please follow along to continue with my cybersecurity internship series. See you guys next time.
Update week 7 post: https://dijah.medium.com/week-8-exciting-e509e0154f06