Executive Summary

Operating since 2018, BazarLoader (also known as BazarBackdoor) is a type of malware, often attributed to the TrickBot Trojan, which typically utilizes spam emails and spear phishing campaigns as infection vectors to gain backdoor access to their victim’s system. Criminals then use this backdoor to send follow-up malware for further exploitation…


In a previous post, I covered the importance of hashing, as it relates to the Integrity component of the CIA Triad — a security model designed to guide policies for data security within an organization.

The CIA Triad is comprised of three major areas of information security: Confidentiality, Integrity, and…


Brad Duncan, who runs the website Malware-Traffic-Analysis.net, posted a new packet capture, which you can find here. This is a great website for learning how to analyze Windows malware-compromised network traffic, using Wireshark, Security Onion IDS alerts, and threat intelligence sharing platforms.

I am preparing to take the CompTIA CySA+…


A DMZ, or De-Militarized Zone, is a term originally coined by the military. Wikipedia defines a DMZ as:

“An area in which treaties or agreements between nations, military powers or contending groups forbid military installations, activities or personnel. …


In cybersecurity, there is a concept known as the CIA Triad — Confidentiality, Integrity, Availability:

  • Confidentiality ensures that data is accessible only to those who have authorized access. One example of this is strong encryption of data, both in-transit and at-rest. This prevents sensitive data from being intercepted and/or exfiltrated.
  • Integrity

One dictionary defines imposter syndrome as:

“Anxiety or self-doubt that results from persistently undervaluing one’s competence and active role in achieving success, while falsely attributing one’s accomplishments to luck or other external forces.”

This seems to be a common thing, especially among people like myself, who are trying to get…


I generally prioritize organization and structure. One thing that I have made a point to do in my cybersecurity journey is take notes, and keep them organized and updated.

A great note-taking app is called Notion. It’s free to use, and it’s compatible with mobile and desktop platforms. Users sign…


There is such a vast number of responsibilities and skills that go into cybersecurity. It is impossible to learn it all. Quite a few security professionals tend to have some sort of niche that they most closely identify with. …


This is a walkthrough for the Malware-Traffic-Analysis.net case called Infection at the Japanese office. The link to the page at MTA is here, which includes a prefaced incident description (also shown below), PCAP file, and corresponding Snort and Suricata alerts as text files. …


A report by the FBI found that business email compromise (BEC) scams cost American organizations over $1.8 billion in 2020. The average cost of a data breach is approximately $3.2 million. …

Jacob Stickney

CSAP (CySA+, Security+) security analyst, pursuing a career in cybersecurity.
