Experienced Cybersecurity geek | Passionate about Shoring Up Vulnerabilities and Protecting Against Threat Actors | Dedicated to Safeguarding Digital Assetsmabioragau.com Error: can't find the locationJoined May 2020
Phishing emails trick you into handing over passwords or clicking malicious links. They mimic trusted companies like your bank or Google. Always check the sender address and type URLs manually instead of clicking. Stay skeptical. #SSOT#InfoSec
A password manager stores all your logins in one encrypted vault. You remember one master password while it generates strong unique passwords for every site. No more reusing passwords across accounts. #SouthSudanCyber#CyberSecurity
Two-factor authentication adds a second lock beyond your password. A code from your phone or authenticator app stops hackers even if they know your password. Enable 2FA on every account you can. #SouthSudanCyber#CyberSecurity
A data breach means hackers stole your info from a company's database. Names, emails, passwords - all vulnerable. Use unique passwords everywhere so one breach does not leak everything. #SouthSudanCyber#CyberSecurity
Social engineering targets you, not your computer. Hackers call pretending to be IT support or your bank. They exploit trust, not code. No software stops a human trick. Stay skeptical of unexpected requests. #SouthSudanCyber#CyberSecurity
A security researcher has discovered serious vulnerabilities in the newly released FIFA 26.
ROOT CAUSE:
The root cause appears to be a fundamental architectural flaw: client-side authorization without corresponding server-side enforcement.
The game's internal applications use Microsoft Entra for authentication and role-based access control (RBAC). On the frontend, the Angular, React, or Vue applications inspect the JWT's role claims to determine which pages or features a user can access, displaying "Access Denied" when appropriate.
However, the backend APIs reportedly fail to enforce those same authorization checks. Instead, they trust that any authenticated tenant member is authorized, returning sensitive data regardless of the user's assigned roles.
In other words, the frontend enforces permissions in the user interface, but the backend does not. Since client-side checks can be bypassed, authorization decisions must always be validated on the server. Without server-side enforcement, an authenticated user may be able to access data or functionality that should have been restricted.
Read more: bobdahacker.com/blog/fifa-hack
A VPN creates a secure tunnel for your data. Everything you send goes through an encrypted pipe - no one on the wifi can read it. Your real IP stays hidden. Privacy on public networks. #SSOT#CyberSecurity
Encryption scrambles readable data into secret code. Only someone with the right key can unscramble it. The Caesar cipher shifts each letter by a fixed number. Julius Caesar used it 2000 years ago. Same idea powers modern HTTPS today. #SSOT#CyberSecurity
Data breaks into tiny packets when sent online. Each carries part of the message plus sender/receiver info - like a digital envelope. Routers forward each to its destination. Simple magic behind every website. #SouthSudanTech#CyberSecurity
An IP scan checks if devices on a network are online. Ping sends a tiny packet to an IP address - if the device replies it is alive and reachable. Network admins use this daily to map, monitor and troubleshoot. #SouthSudanTech#CyberSecurity
Linux is the free open-source OS that powers most of the internet. Unlike Windows it gives you total control over every file and process. Security pros choose Linux because transparency means fewer surprises. Start with Ubuntu today. #SouthSudanTech#CyberSecurity
The command line is a text-based way to talk to your computer. Instead of clicking icons you type commands like ls (list files) and whoami (who you are). Every cybersecurity pro starts here. It is simpler than it looks. #SouthSudanTech#CyberSecurity
A website is just files (text, images, code) stored on a server. When you type a URL, your browser ASKS the server to send those files — then displays them as the page you see. That's the internet in 60 seconds #SouthSudanTech#CyberSecurity
A port is a numbered door on your device. Port 80 handles regular web traffic (HTTP). Port 443 handles encrypted web traffic (HTTPS). An IP is your building address — ports are specific apartment numbers. #SSOT#CyberSecurity
A firewall is your computer's security guard. It inspects every piece of data trying to enter or leave and blocks anything suspicious. Without a firewall your device accepts ALL traffic — good and bad. Simple protection everyone needs. #SouthSudanTech#CyberSecurity
HTTP is the language websites use to send data. HTTPS adds encryption (the padlock). Without HTTPS anyone on your network can read what you send. That padlock means your data stays private. #SouthSudanTech#CyberSecurity
DNS is the internet's phonebook. Type a domain like google.com and DNS finds the matching IP address so your device can connect. Without DNS, you'd memorize numbers for every site instead of just typing a name. Simple. #SSOT#CyberSecurity
243 Followers 1K Following🛡️ | OffSec Specialist & API Security Pro | OSCP Certified 🧾 | Web & Mobile App Pentester 🌐📱 | DM me to Test & Secure your Digital Assets 👇
2K Followers 2K Following|🎓Public Policy & Admin |@MofaJapan_en Peacebuilding and Development South Sudan Recipient(FY2025)/Program Associate @HiroshimaUnivEn |Writer and Researcher |
1 Followers 2 FollowingConnecting South Sudan through innovation. Tech solutions in app & web development, cybersecurity, and more. Empowering enthusiasts to shape the future. 🌍💻
2K Followers 2K Following|life is 10% what happens to us and 90% how we react to it|Views are my own |Rais wa baadaye| EWB-UK Fellow|Oil and Gas| Safety Engineer| Researcher | DAAD LFA
243 Followers 1K Following🛡️ | OffSec Specialist & API Security Pro | OSCP Certified 🧾 | Web & Mobile App Pentester 🌐📱 | DM me to Test & Secure your Digital Assets 👇
1K Followers 15 FollowingCybersecurity Professional & Pentester. Focused on offensive security,CTF player, and training the next generation of security experts.
223K Followers 87 FollowingOne guy. Global cybercrime. Tracked so you don't have to. Ransomware, data breaches, dark web activity, darknet markets, IOCs & emerging threats. Stay informed!
2K Followers 2K Following|🎓Public Policy & Admin |@MofaJapan_en Peacebuilding and Development South Sudan Recipient(FY2025)/Program Associate @HiroshimaUnivEn |Writer and Researcher |
130K Followers 147 FollowingOfficial X Account of Vipers SC. 8 Time UPL Champs (2010, 15, 18, 20, 22, 23, 2025, 26), Uganda Cup (2016, 21, 23, 25), Super Cup (2015) & Super 8 Cup (2019).
7K Followers 0 FollowingVideos/historical research on espionage, intelligence, counter-intelligence, and secure communications. Always seeking more spy gadgets and stories! Contact us!
1 Followers 2 FollowingConnecting South Sudan through innovation. Tech solutions in app & web development, cybersecurity, and more. Empowering enthusiasts to shape the future. 🌍💻
31K Followers 820 FollowingUniversity administrator, academic, social activist, author of South Sudan: Path Not Taken, and blogs at https://t.co/aoh6ME81gA
7K Followers 143 FollowingWe create content and manage socials for your cybersecurity organization. 🚀
Sound good? 👉 https://t.co/H8NucTI4zJ
Founded by @hakluke
3K Followers 379 FollowingA Hub for Ideas, Art, Design, Tech & Entrepreneurship.
Located in the heart of Juba, South Sudan.
https://t.co/7LAWxxhaS8
For Inquiries: [email protected]