Malware is any malicious software designed to exploit systems, steal data, or disrupt operations. Cybercriminals use viruses, worms, trojans, ransomware, and spyware to compromise personal and enterprise security. Ransomware, for example, encrypts a victim’s files and demands payment—usually in cryptocurrency—to restore access. Attackers often gain access through phishing emails, drive-by downloads, and unpatched vulnerabilities.
To defend against these threats, it’s crucial to keep systems updated, use offline backups, and implement layered security measures. Antivirus and anti-malware software with signature-based detection help identify known threats, while behavior-based analysis can detect new attack patterns. By staying proactive, both individuals and businesses can significantly reduce their exposure to cyber threats.
OSINT: Investigating Cyber Threats with Open-Source Intelligence
Another area I’m exploring is OSINT (Open-Source Intelligence), which involves collecting and analyzing publicly available data for cybersecurity and investigative purposes. OSINT is widely used in penetration testing, fraud detection, and cyber threat intelligence.
Some useful OSINT tools I’ve been researching include:
🔹 Pimeyes – A reverse image search tool to find similar faces online.
🔹 WhatsMyName – Helps identify usernames across various platforms.
🔹 ExifInfo – Extracts metadata from images and documents, revealing location, timestamps, and device details.
🔹 Google Dorking – Uses advanced search queries like site:tesla.com filetype:xlsx to find hidden files online.
Next, I plan to dive deeper into sock puppet accounts, using tools like Fake Name Generator and privacy-focused payment methods for online anonymity. OSINT plays a crucial role in cyber investigations, threat hunting, and penetration testing, and I’m excited to keep expanding my knowledge in this area.
Job Search Update: Developer Role in Cybersecurity
As part of my cybersecurity career journey, I recently applied for the Sr. .Net, C#, Angular Developer for Criminal Justice System role with Computer Consultants International. This role aligns with my background in IT and programming while allowing me to apply my cybersecurity expertise in software development.
One of the challenges I’ve encountered in my job search is navigating different industry expectations. Some roles require security clearances, while others focus on hands-on experience with network security, penetration testing, and malware analysis. I’m continuously refining my resume and skills to match employer needs, and I plan to incorporate OSINT techniques into my cybersecurity work.
Think Positive Cyber 
2 responses to “Understanding Malware, OSINT, and My Cybersecurity Journey”
[…] j03.page. For example, penetration testers use OSINT to research a target company’s exposed information (like leaked credentials or misconfigured servers) before attempting an authorized hack. Fraud investigators might use OSINT techniques to track down online evidence of crime, and threat intelligence analysts collect OSINT data to understand new threats. The beauty of OSINT is that it doesn’t require special access – just clever searching. […]
LikeLike
[…] j03.page. For example, penetration testers use OSINT to research a target company’s exposed information (like leaked credentials or misconfigured servers) before attempting an authorized hack. Fraud investigators might use OSINT techniques to track down online evidence of crime, and threat intelligence analysts collect OSINT data to understand new threats. The beauty of OSINT is that it doesn’t require special access – just clever searching. […]
LikeLike