Cybrary’s Cyber Security Blog

Enjoy this Blog?
Share now!
Facebook
Twitter
Google+
LinkedIn
Email
Join Cybrary
Cybrary’s official company blog.

New-Cybrary-Logo-2016---White-Background

You’ll find official announcements and other news and stories from the team and our friends in the cyber security industry.
The product is evolving at a rapid pace, check back for product updates.


Published Cyber Security Blog Posts

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here
Published: December 9, 2016 | By: Olivia | Views: 114
  #deeplearning Fortune 500 Companies have a new secret weapon against cyber crime: IBM’s Watson for Cyber Security.  This overachieving supercomputer uses machine learning and language processing to sift through vast amounts of data, both structured and unstructured. As Watson distinguishes patterns, it is able to apply context to those patterns, helping professionals identify if activity is harmful. The best part? Watson’s technology spans across industries and among those c ... Continue Reading >>

Published: December 8, 2016 | By: rcubed | Views: 126
The most enduring principle of detective work is Locard’s exchange principle. Developed by the father of Forensic science, Dr. Edmond Locard (1877-1966), it states that a perpetrator of a crime will both take something from the scene of the crime as well as leave something behind. Whether a fingerprint, a cigarette butt, a bloody glove, or the murder weapon itself as in the literal “smoking gun,” most criminals slip up and get sloppy in the commission of their crimes. Fast forward over one ... Continue Reading >>

Published: December 7, 2016 | By: Olivia | Views: 658
Do you remember the Geico marketing campaign from a few years ago featuring cavemen with the slogan, “So easy a caveman could do it”? The driving message of this snarky humored campaign was that getting insurance is so, so easy, why wouldn’t you do it? My message is the same. And while I’m not calling you a caveman, I am saying that taking Cybrary’s skill certification tests is simpler than you may think, so why not at least try?  I like to believe that I am an expert at a lot of thin ... Continue Reading >>

Published: December 6, 2016 | By: rcubed | Views: 1020
Not long after the Internet and World Wide Web were unleashed on the public, plans were already underway to increase the potential pool of IP addresses available for allocation. The version of the IP protocol standard most in use today, IPv4, was released way back in 1981 and deployed in 1982. This version is a 32-bit protocol with 2^32 possible addresses. That’s over four billion possible IP addresses. Back in the early 1980s, that seemed like more than we’d ever need, but by 1998 the Inter ... Continue Reading >>

Published: December 2, 2016 | By: Olivia | Views: 696
I’ve got a buzzword for you. ‘Deep learning.’ Perhaps you’ve heard of it, or maybe not. But if you’ve been following the IoT trend like I have, you’ll hear its praise there. Deep learning is a branch of machine learning, and the one you can thank for improved voice search on smartphones and better image recognition across the internet. The concept is based on a set of algorithms that attempt to model high level abstractions in data by using a deep graph with multiple processing layer ... Continue Reading >>

Published: December 1, 2016 | By: rcubed | Views: 792
When we hear about cybercrime and hacking exploits we tend to immediately assign blame to the usual suspects: the Russians or the Chinese. Next in line are hackers from other Eastern European countries formerly part of the Soviet Union such as Romania and other satellites. Increasingly, cyber “bad guys” from Russia are hogging most of the press attention. Cyberattacks on computer systems at the DNC and the trove of confidential US government information delivered to WikiLeaks have bo ... Continue Reading >>

Published: November 29, 2016 | By: Olivia | Views: 765
Today, I’m a psychic. And my prediction for the upcoming year is this: Mobile applications will become hacker’s target of choice. According to Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute, a research think tank dedicated to advancing privacy and data protection practices, “The average organization tests fewer than half of the mobile applications it builds, and 33 percent of the surveyed companies never test their apps.” Not only is the lack of testing an issue, but th ... Continue Reading >>

Published: November 29, 2016 | By: rcubed | Views: 1552
The age-old battle of supremacy between PC and Mac users dates back to the introduction of the first Mac back in 1984. I jumped on the Apple bandwagon back then with a purchase of the original Mac 128k machine. I loved it and the MS DOS machines I was using at work couldn’t hold a candle to my smiling Mac at home. But peer pressure from colleagues at work and the sky-high cost of outfitting my Mac with peripherals and software drove me back into the PC camp where I’ve remained ever since. Ov ... Continue Reading >>

Published: November 25, 2016 | By: rcubed | Views: 1014
Being that it’s Black Friday, I thought it only fitting to revisit the infamous Target Security Breach of holiday shopping seasons past. For Cybrarians, there’s a lot to take from the case, particularly in the area of pentesting and fundamental network security best practices. And finally, there are the painful lessons of the high cost of being lax and basically clueless when it comes to protecting your organization’s most valuable assets: money and the public trust. The breach occurred be ... Continue Reading >>

Published: November 24, 2016 | By: Rachel Laura M | Views: 1293
Even though the average person might not be aware of it, software is everywhere in our daily lives. Everything from online transactions, buying a smartphone, to driving a car involves software. As consumers, we assume and take for granted that the software used to take care of things in our daily lives will not only work as we need it to, but that it is safe. But this is the reality? Disturbingly enough, software programmers are often asked to perform illegal and unethical tasks that can have s ... Continue Reading >>

Published: November 23, 2016 | By: Olivia | Views: 467
Dust off your comic books, Superman is back. Imagine this: In the latest issue, Superman sets up a secure perimeter around Metropolis. Or at least, he thinks it’s secure. While he’s leading his other life as Clark Kent, Lex Luther takes advantage of his accidental neglect to breach the boundaries Superman has set up, destroying the lives of millions in Metropolis and planting a heaping amount of Kryptonite for Superman to return to. The moral of the story? Just because a company has set-up d ... Continue Reading >>

Published: November 23, 2016 | By: BrBr | Views: 494
http://traffic.libsyn.com/brakeingsecurity/2016-046-Black_Nurse_buenoware_IoT_pwnage.mp3   This week, Mr. Boettcher found himself with an interesting conundrum concerning what happened when he converted a Windows DOCX file to a PDF using a popular #PDF converter software. We discuss what happened, how Software Restriction Policy in Windows kept him safe from a potential malware infection, and about the logging that occurred. After that, we discuss some recent vulnerabilities, like the Blac ... Continue Reading >>

Published: November 22, 2016 | By: rcubed | Views: 1082
There are currently 2 billion smartphone users in the world. These users have amassed over 268 million downloads. It should then come as little surprise that cybercriminals have turned their attention to attacking mobile devices and the users to which they’re attached. Mobile devices infected with malware currently stands at 1.12% as reported by IBM Trusteer. This malware infection rate has drawn equal to PC infection rates. These figures clearly indicate that there must be money to be made pr ... Continue Reading >>

Published: November 22, 2016 | By: Olivia | Views: 1876
My Kindle is my best friend. There I said it. And if you’re like me then chances are you want to soak up every ounce of knowledge you can when it comes to the topics you love. Books are a great source for that, and expanding your interests to the furthest corners of the industry will only help you become a more well-rounded learner. Whether you’re an expert in cyber security or just getting started, hearing the story behind why your skills are needed is just as valuable as learning those ski ... Continue Reading >>

Published: November 21, 2016 | By: Rachel Laura M | Views: 1148
The following statistics are very sobering and disturbing: More the 80% of US-based companies have been hacked This number includes major companies such as Target, Sony, and Home Depot These incidents caused consumer’s sensitive personal and financial information to be exposed, making millions vulnerable to things such as identity theft and tax fraud (to name only two of many possibilities) Cyber crimes continue to rise and cost an estimated $445 billion worldwide With increasing techn ... Continue Reading >>

Published: November 20, 2016 | By: Rachel Laura M | Views: 986
A certified ethical hacker is a computer programmer hired by a business to attempt to break into a computer system with the purpose of discovering vulnerabilities and other things a malicious hacker could potentially exploit, resulting in significant damage. Ethical hackers use the same methods and programs as their harmful counterparts but instead of using them to cause problems, ethical hackers take copious notes and document everything. This information is then used to evaluate the security o ... Continue Reading >>

Published: November 20, 2016 | By: Rachel Laura M | Views: 827
According to US News and World Report, software developers enjoy a median salary of $95,510 annually. In addition to this higher than average salary, the unemployment rate is very low (about 2.5%) and people in this field enjoy a nice work-life balance. It is a constantly changing, ever evolving field. Given all the positive aspects surrounding this field, it is no surprise that people are interested in what it takes to obtain a position in this ever-growing and lucrative field of cyber security ... Continue Reading >>

Published: November 18, 2016 | By: Olivia | Views: 1332
You probably opened this blog because you thought I’d be making a lot of drug references. Sorry, but I’m fresh out of Adderall. I do want to talk to you about addiction, and not as a disappointed parent. If I’m lucky, by now you’ll have read my blog on CPE. Hopefully, it has you fired up about the endless possibilities of learning for free and having the certifications to back your knowledge. But, if you’re like me, and fairly new to the cyber security industry, or the IT industry in g ... Continue Reading >>

Published: November 18, 2016 | By: Rachel Laura M | Views: 490
With today’s modern and sophisticated technology such as slim and fast laptops, smartphones, tablets and programs such as Skype and FaceTime, today’s employees are no longer married to the five day, 40 hours a week of being in the office, working at a desk. Rather, they can have the flexibility of working from home, sometimes even as a full time set up because these days if your company is based in LA but you live in New York City? No problem! Simply telecommute. According to Nemertes Resea ... Continue Reading >>

Published: November 17, 2016 | By: rcubed | Views: 340
A DOE contractor feeling the pressures of rising debt attempted to sell stolen uranium parts to agents of a foreign government. A government researcher who experienced a hostile work environment accessed a secured facility and intentionally left 4,000 biological samples to thaw resulting in a $500,000 loss to the project and setting it back months. And then there was the case of the IT contractor working for the NSA who absconded with a trove of classified data exposing the inner workings of the ... Continue Reading >>

Published: November 17, 2016 | By: Olivia | Views: 486
Let me start by asking you a question. What is your education worth to you? If your immediate thought was, well, not too much, then let me ask you another question. Would you be willing to spend about 40 minutes to learn a whole heck of a lot and get the certification to back what you just learned? Maybe you’d rather spend that time watching 2 episodes of The Office instead. Or maybe, your education means a heck of a lot, but you don’t see the added value of the certification itself. That’ ... Continue Reading >>

Published: November 16, 2016 | By: BrBr | Views: 300
http://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3     Ben Johnson from Carbon Black has been around the industry for a good while, and has seen a lot of ugly things in our industry. Ben had written a recent blog post (https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many people in the infosec community. We talked about these issues in depth, and how companies and even the em ... Continue Reading >>

Published: November 16, 2016 | By: BrBr | Views: 232
http://traffic.libsyn.com/brakeingsecurity/2016-045-aamir_lakhani-the_dark_web-creating_reputation.mp3   Mr. Boettcher and I met Mr. Aamir #Lakhani at DerbyCon this year, and immediately intrigued with his work on the Dark Web. He has assisted with law enforcement investigations, a known member of the dark web, to the point where people with #malware or bots will seek him out in an effort to ‘legitimize’ their work, similar to how being reported on by #blogger/#journalist Brian ... Continue Reading >>

Published: November 15, 2016 | By: rcubed | Views: 723
Each holiday shopping season has a must-have gift item. Holidays past had their Cabbage Patch Kids, Mighty Morphin Power Rangers, and Legos as perennial favorites. Holiday 2016 is shaping up to have several contenders, but no clear favorite has yet emerged. At least Pokemon characters are in the mix coming off the summer craze the Pokemon Go app created. But what is emerging as an unexpected – and unwelcome participant in this holiday season, not too unlike the Grinch – are counterfeit mobil ... Continue Reading >>

Published: November 14, 2016 | By: Rachel Laura M | Views: 749
The US Presidential Election, which took place on November 8th, 2016 was unprecedented and will likely go down in history as the biggest political upset of all time. Former Secretary of State and First Lady Hilary Rodham Clinton ran against billionaire New York businessman Donald Trump. Polls and news outlets all over the country and world all predicted a victory for Clinton but around 3am Eastern Daylight Savings time on November 9th, 2016, Donald Trump was declared the winner. After a controve ... Continue Reading >>

Published: November 10, 2016 | By: rcubed | Views: 507
Exploding lithium ion (Li-ion) batteries in hoverboards made in China last holiday season and more recently, exploding batteries in Samsung’s Galaxy Note 7 phones has raised awareness – and paranoia – over this battery technology. It’s a technology that’s been commercially available for 25 years, so why the rash of explosions all of a sudden? That’s what we’ll investigate in today’s post along with what the future holds for rechargeable battery technology. First, I should point o ... Continue Reading >>

Published: November 8, 2016 | By: rcubed | Views: 564
Managing the sheer number of alerts that get raised by incident response systems on a monthly basis has reached the point of overwhelm in many organizations. For the most part, it’s reached the point where InfoSec professionals have been forced to dial back the sensitivity of detection systems or simply ignore a large percentage of alerts according to a recent survey cited by DarkReading.com. Attempting to manually review log files and threat intelligence quickly succumbs to the “Mongolian H ... Continue Reading >>

Published: November 3, 2016 | By: rcubed | Views: 2393
I thought it might be both interesting and challenging to examine the recent revelation about the newly discovered emails on Anthony Weiner’s laptop. Emails that the FBI feels may be pertinent to the Hillary Clinton Email case. It should be an Interesting topic for Cybrarians taking any of the courses here on Cybrary.it dealing with computer forensics, not to mention challenging in terms of keeping politics out of the discussion. I’ll attempt to do my best to deliver on both scores. FBI Dire ... Continue Reading >>

Published: November 1, 2016 | By: rcubed | Views: 2265
LinkedIn.com recently reported a spike in job applications for October 2016. At the same time, they revealed their Top Skills of 2016, an annual list of skills employers need most. If that weren’t enough, LinkedIn.com broke things down on a global scale and included top skills across 14 countries. I suppose if you’re so inclined, you could consider a relocation to find the ideal fit for your skill set and lifestyle preference. Thanks, but I was only interested in top skills in the U.S. It is ... Continue Reading >>

Published: October 28, 2016 | By: TREVORH | Views: 503
Introduction Learning is a tricky thing. Research suggests 3 primary learning styles: auditory, visual, and tactile. Each person is different in the way they learn, and each technique offers various suggestions and strategies to optimize the learning experience. The Cybrary Team spent the past few weeks researching these learning styles and found something truly fascinating, all 3 styles recommend the use of Flashcards. Sifting through research paper after research paper it became abundantly cl ... Continue Reading >>

Published: October 28, 2016 | By: rcubed | Views: 1227
Friday morning October 21, 2016 didn’t get off to a good start for me. Shortly before 9 am EDT I was attempting to make an online purchase using PayPal as my payment processor of choice. When I clicked the “Submit” link (the button graphic wasn’t displaying), my browser spun its wheels for a few seconds and then tossed up the dreaded 404 “server not found” error page. My first thought was that PayPal was undergoing a DDoS attack. It made sense considering all the shenanigans that hav ... Continue Reading >>

Published: October 27, 2016 | By: rcubed | Views: 564
Elon Musk, CEO of Tesla Motors, recently announced that all the electric cars coming off Tesla’s assembly line will now be equipped to be full-on autonomous. It appears that the quest for truly self-driving cars – ones where you don’t have to sit in the driver’s seat anxiously hovering over the wheel in case human intervention is required – is upon us. This next generation of autonomous vehicles from Tesla will be outfitted with an impressive array of gear. Eight surround cameras will ... Continue Reading >>

Published: October 26, 2016 | By: rcubed | Views: 3231
When it comes to IT certifications most would agree that the “Big-3” essentials are CompTIA A+, CompTIA Network+, and CompTIA Security+. From there, a few specialized certs along the lines of Cisco CCNA, Linux and Microsoft certifications as well as a few other vendor and technology-specific certifications, are a good bet for adding the next layer to your certs portfolio. A solid collection of technology certifications in combination with hands-on experience is a good recipe for making you m ... Continue Reading >>

Published: October 18, 2016 | By: rcubed | Views: 862
We’ve all heard the scare stories about how hackers will one day successfully launch a power grid attack in the US. You may have even tried to imagine it by comparing it to something you can recall from recent history such as the infamous Northeast Blackout of 2003. A cascading series of calamitous events caused a large swath of the northeastern United States and portions of southeastern Ontario to lose electrical power. It created an evening commuter nightmare in New York City and forced many ... Continue Reading >>

Published: October 17, 2016 | By: Tatianna | Views: 1403
  To get you prepared for our newest addition, the “Incident Response and Advanced Forensics” course, we’ve put together this little list of Incident Response topics just for you! Let’s dig in, shall we? Intro to Incident Response Intro to Forensics IR and Business Continuity Overview Security Incident Response Types of Incident Response Major Issues Facing IR IR Procedures Top 0P3N Topics in Incident Response OWASP Top 10 Guidance for Incident Response Access all of ... Continue Reading >>

Published: October 13, 2016 | By: rcubed | Views: 875
Groups with ominous-sounding names such as Lizard Squad, Team Poison, and the Armada Collective are making a virtual killing from cybercrime. But the attack surfaces they target aren’t what you may have come to expect. Rather than going after financial and banking platforms where more challenging safeguards and harsher penalties are in place, these enterprising cybercriminals are exploiting relatively virgin territory where defenses and even criminal prosecution are almost non-existent.  To m ... Continue Reading >>

Published: October 11, 2016 | By: rcubed | Views: 753
Cast your vote for the 2017 Cybersecurity Excellence Awards, here! The need to increase awareness around the importance of cybersecurity is being championed by an increasing number of organizations and among them is the Department of Homeland Security (DHS).They have even designated the month of October as National Cyber Security Awareness Month. In a similar vein, the annual Cybersecurity Excellence Awards has been established to recognize products, companies, and individuals that demonstrate e ... Continue Reading >>

Published: October 7, 2016 | By: rcubed | Views: 929
The ITT Technical Institute (ITT Tech for short) announced on September 6, 2016 that it was immediately ceasing operations and closing all of its campuses. Less than two weeks later, on September 16, 2016, ITT Tech filed for bankruptcy protection and so ended the run of the oldest for-profit educational companies in the United States. The ITT Tech closing left 8,000 people suddenly without a job, but perhaps more troubling; it deferred, or in many cases, crushed the dreams of tens of thousands o ... Continue Reading >>

Published: October 5, 2016 | By: rcubed | Views: 732
What if I were to tell you that during the stone age of computing (1940s) women dominated the programming profession? You might have a difficult time believing me if you were to look around and observe the gender imbalance of women in tech today, but during WWII, it was women that “manned” the frontlines in the computer programming arms race. The first electronic computer was named ENIAC. It was a project begun during WWII and it literally filled an entire room. The mission was to build a ... Continue Reading >>

Published: October 3, 2016 | By: rcubed | Views: 2198
The National Cybersecurity Awareness Month 2016 is entering its 13th year this October. Founded in 2004, it is co-sponsored by the United States Department of Homeland Security (DHS) and the National Cyber Security Alliance (NCSA) to put the focus on the threats that exist online and the vigilance we all must assume to protect ourselves when navigating the perilous terrain of a connected world. These threats are even more acute with ever-increasing data breaches and cyber-attacks that seem to o ... Continue Reading >>

Published: September 20, 2016 | By: Tatianna | Views: 477
We’d like to invite you to OWASP’s 13th Annual AppSecUSA Conference taking place in Washington, DC, October 11-14. The event is comprised of two days of training sessions followed by a two-day conference where software security leaders, researchers and technologists discuss cutting-edge ideas, initiatives and technological advancements to secure web applications. This is also an opportunity for C-level executives focused on improving the security posture of their organization to discuss key ... Continue Reading >>

Published: September 14, 2016 | By: Tatianna | Views: 930
In a day and age where everything is online, it makes sense to use email; but why is it “a dying media”? Before I answer this question, have you ever wondered why people don’t use email? Well, one reason is all the junk or “spam” as people call it. No, not the food popular in American culture, but the kind literally NO ONE wants to take a bite of.     The second, not as obvious reason, is that it can be a bit inconvenient to use. I mean, with everything on phones and other mo ... Continue Reading >>

Published: September 14, 2016 | By: CyDefe | Views: 674
On this episode we discuss password leaks from Last.FM and Opera browser. You can check it out on our website www.cydefe.com or on youtube We are also doing a Qwertycards giveaway which can be found here http://www.cydefe.com/giveaway/ Continue Reading >>

Published: August 28, 2016 | By: CyDefe | Views: 1393
On this episode Micheal and i talk about CVE-2016-5696 better known as the off path attack. You can listen to our podcast on our website cydefe.com or via our youtube channel below. If you enjoy our podcast please subscribe to our channel and follow us on twitter. Show Notes: in /etc/sysctl.conf set the following value net.ipv4.tcp_challenge_ack_limit = 999999999 Then load the configuration with # sysctl -p Continue Reading >>

Published: August 16, 2016 | By: kylehanslovan | Views: 1222
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: August 3, 2016 | By: CyDefe | Views: 1131
On this weeks episode we are joined by Ben0xA who works for https://www.trustedsec.com you can follow him on twitter @Ben0xA. This week we discuss Macs and iPhones have a Stagefright-style bug, Android banking malware blocks victims’ outgoing calls to customer service, Hidden ‘backdoor’ in Dell security software gives hackers full access, and Companies failing to plan for many cyber dangers. This podcast and more can be found at CyDefe.com Remember to follow us on twitter @CyDefe ... Continue Reading >>

Published: July 30, 2016 | By: CyDefe | Views: 1518
Hey hey everyone, It’s been a little while since we’ve last posted but we figured we should pop on here and give everyone an update on our podcast. Since we’ve last posted we’ve had a few awesome episodes come out. Minicast: 1 http://www.cydefe.com/podcast/2016/5/20/minicast-episode-1 On this episode we discuss the linked in breach and its impact on users. We advise everyone to change any passwords they may have used over multiple accounts and discuss the top worst passw ... Continue Reading >>

Published: July 27, 2016 | By: BrBr | Views: 1224
http://traffic.libsyn.com/brakeingsecurity/2016-028-Cheryl_Biswas_Tiaracon_ICSSCADA_headaches.mp3   Long time listeners will remember Ms. Cheryl #Biswas as one of the triumvirate we had on to discuss #mainframes and mainframe #security. (http://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3) I was interested in the goings on at BlackHat/DefCon/BsidesLV, and heard about #TiaraCon (@tiarac0n on Twitter). I went to find someone involved to understand what it was all about, ... Continue Reading >>

Published: July 27, 2016 | By: BrBr | Views: 1106
http://traffic.libsyn.com/brakeingsecurity/2016-029-Jarrod_Frates-What_to_do_before_a_pentest_starts.mp3 Jarrod Frates (@jarrodfrates on Twitter) has been doing pentests as a red-team member for a long time. His recent position at #InGuardians sees him engaging many companies who have realized that a typical ‘pentest #puppymill’ or pentest from certain companies just isn’t good enough. Jarrod has also gone on more than a few engagements where he has found the client in question ... Continue Reading >>

Published: July 27, 2016 | By: TREVORH | Views: 1430
Cybrary has been working hard to release our newest platform for individuals, allowing them to learn and develop their cyber security skills on Cybrary together. Drum-roll, please…Introducing Cybrary Teams! With Cybrary eclipsing the 500,000 Registered Users mark, we sought to find a way to bring people closer together to learn, share, and grow beyond what’s currently available on Cybrary. We believe Cybrary Teams will be able to meet the needs of learning cohorts, IT/Security Teams, ... Continue Reading >>

Published: July 26, 2016 | By: ginasilvertree | Views: 1087
By Andrey Makhanov A lot of people think Juliar is a combination of Julia and R programming languages. However, that’s simply not true. I originally created the *Juliar * programming language for a girl I used to love. She is a very talented artist and really wanted to find a way to express herself. She bought many books, and she wanted to learn how to create things on a computer. However, it proved difficult for her to understand the books, let alone the languages. I shared her pain. Whe ... Continue Reading >>

Published: July 26, 2016 | By: kylehanslovan | Views: 668
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: July 24, 2016 | By: ginasilvertree | Views: 1299
CyberPop gets your brain going! Today’s Question: What’s a Proxy Server? Answer: A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion. Most proxies are web proxies, facilitating access to content on the World Wide ... Continue Reading >>

Published: July 24, 2016 | By: ginasilvertree | Views: 502
According to a 2016 survey by PwC: 65% of businesses surveyed are “embracing a more collaborative approach to cybersecurity, one in which intelligence on threats and response techniques is shared with external partners. Internally, organizations are rethinking the roles of key executives and the Board of Directors to help create more resilient and proactive security capabilities.” – The Global State of Information Security® Survey 2016 Continue Reading >>

Published: July 22, 2016 | By: ginasilvertree | Views: 1031
InfoArmor has identified a group of bad actors performing targeted cyberattacks on healthcare institutions and their IT infrastructure, including connected medical devices such as Magnetic Resonance Imaging systems (MRI), X-ray machines and mobile computing healthcare workstations. This group of bad actors has performed at least four successful attacks against US-based organizations of varying size, compromising a significant number of medical records. The threat actors claim to have stolen mil ... Continue Reading >>

Published: July 21, 2016 | By: ginasilvertree | Views: 3175
Here’s a complete list of DNS Training Videos on Cybrary (in alphabetical order by first letter). Explore additional classes and modules here… Configuring DNS Zone Transfers Length: 12:12 Configuring DNS Zones Length: 21:27 DNS Enumeration Lab Length: 03:58 DNS Overview and Zone Transfers Length: 18:44 DNS Records (part 2) Length: 08:51 DNS Servers (part 1) – Specific functions of the DNS Server Length: 09:12 Enterprise Computing (part 6.2) DNS Security Length: 09:52 Installing an ... Continue Reading >>

Published: July 19, 2016 | By: kylehanslovan | Views: 107
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: July 17, 2016 | By: ginasilvertree | Views: 1231
“Thanks to Apple’s tight control over its app store and operating system, threats to iPhones and iPads have been infrequent and limited in scale. This changed in 2015. In 2015, [Symantec] identified nine new iOS threat families,compared to four in total previously. Bootlegged developer software, known as XcodeGhost, infected as many as 4,000 apps. TheYiSpecter malware bypassed the app store altogether by using the enterprise app provisioning framework. Researchers found Youmi embedde ... Continue Reading >>

Published: July 15, 2016 | By: ginasilvertree | Views: 1087
CyberPop is a quick way to learn definitions and facts about cyber security.   Today’s Question: What’s SIEM Answer: The combined process of incident detection and incident response (pronounced “sim”). Includes features such as alerts, analytics, dashboards and forensic analysis.   Learn more terms in Cybrary’s Glossary. Continue Reading >>

Published: July 14, 2016 | By: BrBr | Views: 373
  http://traffic.libsyn.com/brakeingsecurity/2016-027-DFIR_policy_controls.mp3 Mr. Boettcher is back!  We talked about his experiences with the #DFIR conference, and we get into a discussion about the gap between when incident response is and when you’re using #digital #forensics. Mr. Boettcher and I discuss what is needed to happen before #incident #response is required. We also discuss the Eleanor malware very briefly and I talk about finding Platypus, which is a way for you to cre ... Continue Reading >>

Published: July 13, 2016 | By: ginasilvertree | Views: 1390
Recently, Cybrary released the “My Notes” feature, which members use to their personal record notes while take free cyber security training class. Since its inception, many users have leveraged this tool to capture critical information, thoughts and ideas. Researchers found that if important information was contained in notes, it had a 34 percent chance of being remembered. Information not found in notes had only a five percent chance of being remembered” (Howe, 1970, in Longman an ... Continue Reading >>

Published: July 10, 2016 | By: ginasilvertree | Views: 601
“Symantec discovered more than 430 million new unique pieces of malware in 2015, up 36 percent from the year before. Perhaps what is most remarkable is that these numbers no longer surprise us. As real life and online become indistinguishable from each other, cybercrime has become a part of our daily lives. Attacks against businesses and nations hit the headlines with such regularity that we’ve become numb to the sheer volume and acceleration of cyber threats.” – Internet Se ... Continue Reading >>

Published: July 8, 2016 | By: ginasilvertree | Views: 391
CyberPop is a quick way to learn more definitions and facts about cyber security. Today’s Question: What’s Remediation Answer: What an organization does to limit or stop an attack once it’s detected, as part of incident response. Includes things like blocking IP addresses, removing infected files or devices, and restoring affected systems to a known good state. Continue Reading >>

Published: July 6, 2016 | By: ginasilvertree | Views: 5277
Advanced Activities in Python Length: 39:47 Basic Python Commands and Functions Length: 29:47 Ctypes in Python Length: 31:32 Data Structures in Python Length: 31:36 Exceptions and Classes in Python Length: 28:05 Exploit Development (part 5) Python Length: 08:28 How to Install Python Length: 11:03 Info Gather (part 3) – Testing Your Python Scripts Length: 15:31 Introduction to Python Length: 21:15 Networking in Python Length: 27:49 Packet Analyzer – Writing a Packet Sniffer in Python Length: ... Continue Reading >>

Published: July 6, 2016 | By: ginasilvertree | Views: 1251
By Kathleen Smith For the last several years, cyber security leaders and business owners have been lamenting the worldwide hiring crisis for cyber security professionals[1]. From building new educational programs, to discussing the relaxation of immigration regulations, every corner of the cyber security community has looked for an answer to this crisis. At the same time, we as a veteran-owned firm want to ensure that veterans find great career opportunities which led us to ask one simple questi ... Continue Reading >>

Published: July 3, 2016 | By: ginasilvertree | Views: 634
What are Cyber Security Standards?   “Cyber security standards are various forms of security standards which enable entities and organizations to practice security techniques to help minimize the number of cyber security attacks. In essence, the cyber security standards are fundamental guides which provide a general outline as well as more specific techniques for implementing various platforms for cyber security. For more specific standards, cyber security certifications issued by an ... Continue Reading >>

Published: July 2, 2016 | By: ginasilvertree | Views: 2054
Today, most companies are deeply concerned about how to prevent ransomware. News stories abound and Infosec professionals are scrambling to keep themselves and their users out of the fire. Below, you’ll find a compilation of content to understand this important topic – from a 360 perspective. But, first a quick definition. According to Wikipedia: “Ransomware is a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restri ... Continue Reading >>

Published: July 1, 2016 | By: ginasilvertree | Views: 1041
CyberPop is a quick way to learn more definitions and facts about cyber security.   Today’s Question: What’s Penetration Testing or Pentesting?   Answer: “Penetration Testing or Pentesting refers to techniques for actively testing an organization’s computer or network security, usually by identifying potential vulnerabilities and weak spots and trying to exploit those and/or break in.”   Browse courses and topics here. Continue Reading >>

Published: June 30, 2016 | By: BrBr | Views: 693
http://traffic.libsyn.com/brakeingsecurity/2016-025-Windows_Registry-RunKey_artifacts-finding_where_malware_hides.mp3 The Windows Registry has come a long way from it’s humble beginnings in #Windows 3.11 (Windows for Workgroups).  This week, we discuss the structure of the Windows Registry, as well as some of the inner workings of the registry itself. Did you know that it is contained in specific files, located in %%Windows%%\system32, that are in a binary format? This makes them unreadab ... Continue Reading >>

Published: June 30, 2016 | By: BrBr | Views: 253
http://traffic.libsyn.com/brakeingsecurity/2016-025-Windows_Registry-RunKey_artifacts-finding_where_malware_hides.mp3   We are pleased to introduce Ms. Kim Green (Twitter: @kim1green). She is the CEO of KAZO Security, as well as the CISO / CPO of Zephyr Health, a #SaaS based #Healthcare data #analytics company.  She brings over 20 years of experience in healthcare and leadership to help small and medium business companies get help from a #CISO to assist in an advisory role. Ms. Green also ... Continue Reading >>

Published: June 29, 2016 | By: ginasilvertree | Views: 1426
Got burgeoning hacking skills? Growing cyber security talents? A compelling mission to join or continue working in the cyber security industry? A cyber security degree is something to seriously consider: Cybercrime continues to grow into more of a global threat – just read the news. Small, medium and large companies desperately need competent individuals to fight crime that come in the forms of security breaches and online attacks. Cybersecurity professionals report an average salary of $116 ... Continue Reading >>

Published: June 28, 2016 | By: TREVORH | Views: 3029
We love feedback from our Userbase. We have thousands of Users taking Cybrary classes on a daily basis and wanted to ensure that a Cybrary Certificate of Completion is a valuable measure of achievement. It should be something you’re proud to show your friends, family and employers. Upon 100% completion of a course on Cybrary, Users will continue to be able to use their Cybytes to purchase a Certificate of Completion. Many Users have also requested the ability to download their certificate ... Continue Reading >>

Published: June 28, 2016 | By: kylehanslovan | Views: 775
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: June 26, 2016 | By: ginasilvertree | Views: 618
Operation “Get Rich or Die Trying” — Beginning in 2005 and for a more than a three year period, American hacker Albert Gonzalez, along with accomplices in Russia and the Ukraine, pulled off what has been called the largest cyber crime of all time, stealing more than 170 million credit card and ATM numbers. Total losses were estimated at more than $300 million. – BlackStratus Continue Reading >>

Published: June 24, 2016 | By: ginasilvertree | Views: 818
CyberPop is a quick way to learn definitions, terms and facts about cyber security.   Today’s Question: What does ‘Kill Chain’ mean? Kill Chain is a “military-inspired term encompassing the various stages of a cyber attack—reconnaissance, weaponization, delivery, exploitation, installation, command and control, and action. Applies mainly to malware attacks, and was popularized by Lockheed Martin.”   Never. Stop. Learning. >> Browse courses and top ... Continue Reading >>

Published: June 21, 2016 | By: kylehanslovan | Views: 1260
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: June 21, 2016 | By: ginasilvertree | Views: 3244
According to the pentest-standard.org website, “The purpose of the Post-Exploitation phase is to determine the value of the machine compromised and to maintain control of the machine for later use. The value of the machine is determined by the sensitivity of the data stored on it and the machines usefulness in further compromising the network. The methods described in this phase are meant to help the tester identify and document sensitive data, identify configuration settings, communicati ... Continue Reading >>

Published: June 19, 2016 | By: ginasilvertree | Views: 807
Angler Manages to Infect more than One Million Workstations a Year “There is a common misconception that a user explicitly needs to download a malicious file in order to get his PC infected. Exploit kits use a technique called drive-by-downloads. With this technique, malicious software can be ran just by opening a website in your browser. Angler is by far the most effective exploit kit that makes use of drive-by-downloads. It manages to give millions of users a headache after visiting an ... Continue Reading >>

Published: June 17, 2016 | By: ginasilvertree | Views: 959
CyberPop is a quick way to learn more definitions and facts about cyber security.   Today’s Question: What are Exploit Kits? According to Wikipedia, “an exploit kit is a software kit designed to run on web servers, with the purpose of identifying software vulnerabilities in client machines communicating with it, and discovering and exploiting vulnerabilities to upload and execute malicious code on the client. One of the earlier kits was MPack, in 2006. Exploit kits are often desig ... Continue Reading >>

Published: June 14, 2016 | By: ginasilvertree | Views: 1914
  Information Security Governance and Risk Management professionals maintain and enforce policies to ensure the preservation of information security and build plans to account for applicable risks. Watch these videos to learn more!   Information Security Governance & Risk Management (part 1) Length: 06:03 Information Security Governance & Risk Management (part 2.1) Length: 10:59 Information Security Governance & Risk Management (part 2.2) Length: 13:12 Information Security ... Continue Reading >>

Published: June 14, 2016 | By: kylehanslovan | Views: 2330
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: June 13, 2016 | By: TREVORH | Views: 18354
We’re very excited to launch My Notes on Cybrary. My Notes was developed after spending a good deal of time speaking with Users and learning what we could provide to help improve the experience on the site. Researchers found that if important information was contained in notes, it had a 34 percent chance of being remembered. Information not found in notes had only a five percent chance of being remembered”(Howe, 1970, in Longman and Atkinson, 1999). New Note Icon Available on Lesson Pag ... Continue Reading >>

Published: June 12, 2016 | By: ginasilvertree | Views: 1083
” A staggering 98% of tested web applications were vulnerable to attack. Web apps are everywhere now, and it’s essential that updates and patches are installed so known vulnerabilities are addressed.” – 2015 Trustwave Global Security Report Continue Reading >>

Published: June 11, 2016 | By: ginasilvertree | Views: 1027
CyberPop is a quick way to learn more definitions and facts about cyber security.   Today’s Question: What was Heartbleed? A widespread vulnerability discovered in April 2014 that put user passwords (and other sensitive information) on popular websites at risk of being stolen. The bug, in OpenSSL encryption software, allowed hackers to repeatedly access a Web server’s memory.   Yearning for more information? Browse Cybrary courses and topics here. Continue Reading >>

Published: June 8, 2016 | By: ginasilvertree | Views: 6778
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers. (from Wikipedia) Exploit Development (part 10) Creating Shell Code in Kali Linux Length: 16:33 Kali Linux (part 1) Length: 00:58 Kali Linux (part 2) Kali Linux Commands Length: 14:06 Kali Linux (part 3) – Directories, myfile and Nano Length: 13:19 Kali Linux (par ... Continue Reading >>

Published: June 7, 2016 | By: BrBr | Views: 686
Earl Carter (@kungchiu) spends all day researching exploit kits and using that information to protect customers from various malware payloads that spread ransomware.  This week we sit down with him to understand the #Angler EK. He starts us off with a history or where it came from and how it gained so much popularity, evolving from earlier EKs, like #BlackHole, or WebAttacker. We even discuss how it’s gone from drive-by downloads, to running only in memory, to being used in malvertising ... Continue Reading >>

Published: June 6, 2016 | By: TREVORH | Views: 828
Today, we’re introducing the new course catalog on Cybrary. To date, Users have had limited flexibility when it comes to sorting through our course catalog. Taking into account some great User feedback, we’ve included the ability to filter classes by difficulty, vendor, and added Learning Paths. Learning Paths are designed to provide Users with recommended course paths for careers they may be interested in. By checking the designated Learning Path, the User can see exactly how to get ... Continue Reading >>

Published: June 5, 2016 | By: ginasilvertree | Views: 659
“The majority of data breach victims surveyed, 81 percent, report they had neither a system nor a managed security service in place to ensure they could self-detect data breaches, relying instead on notification from an external party. This was the case despite the fact that self-detected breaches take just 14.5 days to contain from their intrusion date, whereas breaches detected by an external party take an average of 154 days to contain.” – 2015 Trustwave Global Security Report Continue Reading >>

Published: June 4, 2016 | By: ginasilvertree | Views: 680
CyberPop is a quick way to learn more definitions and facts about cyber security.   Today’s Question: What’s “Dwell Time?”   Answer: “Duration, usually in days, that a vulnerability or infection remains undetected within a network or environment. (Some also define it as the time between detection and remediation, or even total time from infection to remediation.)”   Browse courses and topics here. Continue Reading >>

Published: June 1, 2016 | By: BrBr | Views: 711
  Ben Johnson (@chicagoben on Twitter) has spent a good deal of time working on protecting client’s endpoints. From his work at the NSA, to being the co-founder of Carbon Black (@carbonblack_inc). Ben is co-founder and chief security strategist for Carbon Black. In that role, he uses his experience as a cofounder and chief technology officer for Carbon Black, which merged with Bit9 in February 2014, to drive the company’s message to customers, partners, the news media and industry ... Continue Reading >>

Published: June 1, 2016 | By: ginasilvertree | Views: 2110
Here’s a “done for you” list of Cybrary’s Malware Training Videos. Enjoy!   Incident responders (or Malware Analysts) perform appropriate malware analysis in order to fix the current infections and prevent future ones. Malware Analysis Introduction (Part 1) Length: 23:33 Malware Analysis Introduction (Part 2) Length: 09:48 Malware Analysis Introduction (Part 3) Length: 08:07 Malware Analysis Lab Setup (Part 1) Length: 01:47 Malware Analysis Lab Setup (Part 2) Length ... Continue Reading >>

Published: May 31, 2016 | By: kylehanslovan | Views: 4844
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to learn, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session are uploaded to Cybrary’s ... Continue Reading >>

Published: May 29, 2016 | By: ginasilvertree | Views: 451
Despite almost daily reports revealing the contrary, 44% of organizations still believe they can keep attackers off their network entirely. – CyberArk’s 2015 Global Advanced Threat Landscape Survey Continue Reading >>

Published: May 27, 2016 | By: ginasilvertree | Views: 745
CyberPop tests your knowledge and builds your strength as an Infosec pro. Today’s Question: Define Code Injection Answer: An attack or pentest that introduces malicious code into a software application, which executes the code when the application is opened. Examples include SQL injection, which can compromise or modify information in a database and cross-site scripting, which can allow attackers or pentesters to hijack user accounts or display fraudulent content. Thanks for reading! Continue Reading >>

Published: May 25, 2016 | By: ginasilvertree | Views: 2495
Let’s begin…   TCP .IP Internet Protocol Length: 15:48   TCP/IP Configurations (part 1) Length: 07:30   TCP/IP Configurations (part 2) Length: 11:33   TCP/IP Configurations (part 3) Length: 13:14   TCP/IP Configurations (part 4) Length: 08:03   TCP/IP Configurations (part 5) Length: 07:04   TCP/IP Configurations (part 6) Length: 10:51   TCP/IP Configurations (part 7) Length: 10:51   TCP/IP Configurations (part 8) Length: 10:50   TCP/ ... Continue Reading >>

Published: May 24, 2016 | By: BrBr | Views: 234
http://traffic.libsyn.com/brakeingsecurity/2016-018-software_restriction_policy-applocker.mp3 Windows has all the tools you need to secure an OS, but we rarely use them.  One example of this is ‘Software restriction policies’ or the use of Windows Applocker. It assists IT organizations by allowing you to block certain files from being saved anywhere, what file types can be executed in a directory, and can even whether or not you should allow software to install. We also discuss the ... Continue Reading >>

Published: May 20, 2016 | By: ginasilvertree | Views: 3640
Here’s a concise list of offensive Hacker Training Videos on Cybrary (in alphabetical order by first letter). Explore additional hacking classes and other training videos here!   Google Hacking Length: 3:24 Google Hacking Lab Length: 25:40 Hacking Web Servers (Whiteboard) Length: 19:36 Info Gather (part 1) – An Activity in Post Exploitation Hacking Length: 31:15 Introduction to Hacking Web Servers Length: 01:39 Introduction to Mobile Hacking Length: 01:12 Introduction to Post ... Continue Reading >>

Published: May 20, 2016 | By: ginasilvertree | Views: 840
CyberPop from Cybrary aims adds to your knowledge as an Infosec pro.   Today’s Question: Name the 7 Stages of an APT Attack   According to Wired.com, the 7 stages are: 1. Reconnaissance 2. Intrusion into the network 3. Establishing a backdoor 4. Obtaining user credentials 5. Installing multiple utilities 6. Privilege escalation 7. Maintaining persistence Read more… Continue Reading >>

Published: May 18, 2016 | By: Tatianna | Views: 433
What is S3SS10N Wednesday? Click here to find out more, or watch the Session below to experience it.   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio- Kelly Handerhan Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary and is highly praised for her ability to effectively communicate important information in a relate-able and understandable way. You can view her extended (2 minute ... Continue Reading >>

Published: May 17, 2016 | By: kylehanslovan | Views: 748
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to join in, ask questions, and share their experiences from offensive and defensive perspectives. Just sign into Blab using your Twitter or Facebook account to start learning! In ... Continue Reading >>

Published: May 15, 2016 | By: ginasilvertree | Views: 184
According to a recent survey, some 42% of survey respondents said security education and awareness for new employees played a role in deterring a potential [cyber] criminal. — “US cybercrime: Rising risks, reduced readiness; Key findings from the 2014 US State of Cybercrime Survey,” PwC Continue Reading >>

Published: May 11, 2016 | By: Tatianna | Views: 909
What is S3SS10N Wednesday? Click here to find out more, or watch the Session below to experience it.   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio- Andrew McNicol Andrew (@primalsec) is a Python junkie who is currently the lead for a web application penetration testing team and mentor for the SANS institute. Previously, he worked on an incident response team focusing on malware analysis and network forensics. He is alw ... Continue Reading >>

Published: May 10, 2016 | By: kylehanslovan | Views: 496
#content-block-background-1480 { background-image: url(); background-position: center top; background-repeat: no-repeat; background-color: #fff; background-attachment: scroll; background-size: auto; } #content-block-body-1480 { padding: 0px 0px 0px 0px; color: #333; } .content-block-body { margin-left: auto; margin-right: auto; position: relative; } #wrapper-1 { overflow-x: hidde ... Continue Reading >>

Published: May 6, 2016 | By: ginasilvertree | Views: 410
Take a moment to consider your company’s cybersecurity efforts. Do you picture your IT and security teams devising proactive technical solutions and dealing with threats? If so, that’s a typical and valid response.   Yet, there’s another key piece that most companies don’t consider: business process. The ins and outs of how your company works affects cybersecurity more than you know.   Ken Chodnicki, COO at Deep Run Security, a consulting firm in Baltimore, Maryland speaks pass ... Continue Reading >>

Published: May 6, 2016 | By: StevenE | Views: 6750
What is Mobile Hacking? With the alarming rate of advances in technology and affordability, a New Wave of Hackers has reached the shores of the infosec world. And the preferred choice of platform for these next generation hackers? The Mobile Phone. The Mobile Platform is ideal since modern phones are easily concealable and heavily spec’ed, allowing resource-intensive applications to run. With the commonness of Free WiFi, people are quick to accept a False sense of security and make it a pa ... Continue Reading >>

Published: May 4, 2016 | By: Tatianna | Views: 350
What is S3SS10N Wednesday? Click here to find out more, or watch the Session below to experience it.   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio- Kelly Handerhan Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary and is highly praised for her ability to effectively communicate important information in a relate-able and understandable way. You can view her extended (2 minute ... Continue Reading >>

Published: May 3, 2016 | By: kylehanslovan | Views: 399
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to join in, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session will be uploaded to Cybrary&# ... Continue Reading >>

Published: April 27, 2016 | By: Tatianna | Views: 446
What is S3SS10N Wednesday? Click here to find out more, or watch the Session below to experience it.   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio- Kelly Handerhan Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary and is highly praised for her ability to effectively communicate important information in a relate-able and understandable way. You can view her extended (2 minute ... Continue Reading >>

Published: April 21, 2016 | By: CyDefe | Views: 171
On this weeks episode we discuss checking for malware in your firmware with Google’s VirusTotal, Getting pwned by hearthstone hacking tools, Fake Flash Update Serves OS X Scareware, and the FBI trying to scrub its employees data off of the web. Check out the podcast at http://www.cydefe.com/podcast/2016/4/12/episode-22-the-one-after-the-long-break Continue Reading >>

Published: April 20, 2016 | By: Tatianna | Views: 557
What is S3SS10N Wednesday? S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and SME’s. They are designed to provide you with a quick dose of cyber security learning. We publish a new episode every Wednesday morning (Eastern Time). Now, check out our newest episode below!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio- Joshua Marpet Josh’s background is varied across man ... Continue Reading >>

Published: April 19, 2016 | By: RY4N C0R3Y | Views: 152
I just wanted to take a minute to thank Joe Taylor @jbtaylor051 for making a substantial donation today. Joe purchased a huge amount of Cybytes, and the team here at Cybrary would like to say thank you! Continue Reading >>

Published: April 18, 2016 | By: kylehanslovan | Views: 624
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to join in, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session will be uploaded to Cybrary ... Continue Reading >>

Published: April 13, 2016 | By: Tatianna | Views: 338
What is S3SS10N Wednesday? S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and SME’s. They are designed to provide you with a quick dose of cyber security learning. We publish a new episode every Wednesday morning (Eastern Time). Now, check out our newest episode below!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructors – Kyle Hanslovan (left) & Chris Bisnett (right) Kyle ... Continue Reading >>

Published: April 6, 2016 | By: BrBr | Views: 233
http://traffic.libsyn.com/brakeingsecurity/2016-013-michael_gough-the_5_Ps.mp3 Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-013-michael_gough-the_5_Ps.mp3 iTunes: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2 (look for the episode starting with “2016-013”) We discuss a model that Michael Gough used while he was at HP. The Information Security and Service Management (ISSM) Reference model can be used to help companies align their I ... Continue Reading >>

Published: April 6, 2016 | By: BrBr | Views: 237
http://traffic.libsyn.com/brakeingsecurity/2016-012-Ben_Caudill-Application_Logic_Flaws.mp3 Ever bought “-1” of an item on a retail site? Or was able to bypass key areas of an application and get it bypass authentication, or you were able to bypass a paywall on a site? This is only one example of a class of vulnerabilities called “logic flaws”. Application logic flaws are often insidious and not easy to find. they require often a bit of work to bypass, and are often misse ... Continue Reading >>

Published: April 6, 2016 | By: Tatianna | Views: 561
What is S3SS10N Wednesday? S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and SME’s. They are designed to provide you with a quick dose of cyber security learning. We publish a new episode every Wednesday morning (Eastern Time). Now, check out our newest episode below!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio – Max Alexander Currently a Federal Law Enforcement O ... Continue Reading >>

Published: April 5, 2016 | By: kylehanslovan | Views: 488
What is Tradecraft Tuesday? Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to join in, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session will be uploaded to Cybrary ... Continue Reading >>

Published: April 4, 2016 | By: ginasilvertree | Views: 432
In 1903, “Magician and inventor Nevil Maskelyne disrupted John Ambrose Fleming’s public demonstration of Guglielmo Marconi’s purportedly secure wireless telegraphy technology, sending insulting Morse code messages through the auditorium’s projector,” according to the Wikipedia entry “Timeline of computer security hacker history.” (I believe this may be the first recorded cyber attack.) After considering this attack, I wondered what John Ambrose Fleming did next. Di ... Continue Reading >>

Published: March 30, 2016 | By: Tatianna | Views: 342
What is S3SS10N Wednesday? S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and Subject Matter Experts’s. They are designed to provide you with a quick dose of cyber security learning. New episodes from various instructors and experts in the industry, are published every Wednesday morning (Eastern Time). Now, check out our newest episode below!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login ... Continue Reading >>

Published: March 25, 2016 | By: ginasilvertree | Views: 169
Cybersecurity News Site Review: TechNewsWorld – Cybersecurity Section Relevance to the Readership: Potentially high. A Google search on “cybersecurity news sites,” returned this site as the second listing on the SERP. This site may likely have a devoted readership, who are comfortable with the format, content and other features. Main Feature(s): Unique articles with balanced points of view, written by freelance writers. Readers may also subscribe, at no charge, to newsletters and news aler ... Continue Reading >>

Published: March 23, 2016 | By: Tatianna | Views: 669
You must be a Cybrary member to view this S3SS10N Wednesday Video .. Login or Join for Free Now Continue Reading >>

Published: March 15, 2016 | By: Tatianna | Views: 406
What is S3SS10N Wednesday? S3SS10N Wednesdays are weekly 15 minute (or less) white board lessons by Cybrary Instructors and SME’s. They are designed to provide you with a quick dose of cyber security learning. We publish a new episode every Wednesday morning (Eastern Time). Now, check out our newest episode below!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor – Joshua Marpet Bio: Josh’s background is varied ac ... Continue Reading >>

Published: March 14, 2016 | By: BrBr | Views: 395
Hector Monsegur has had a colorful history. A reformed black hat who went by the name ‘Sabu’ when he was involved in the hacker collectives “Lulzsec” and “Anonymous”, he turned state’s evidence for the FBI, working to stop further hacking attempts by the same people he was previously working with. This week, we got to sit down with Hector, to find out what he’s been doing in the last few years. Obviously, a regular job in the security realm for a l ... Continue Reading >>

Published: March 9, 2016 | By: BrBr | Views: 297
http://traffic.libsyn.com/brakeingsecurity/2016-009-brian_engle_rcisc_information_sharing.mp3 We’ve reached peak “Br[i|y]an” this week when we invited our friend Brian Engle on to discuss what his organization does. Brian is the Executive Director of the Retail Cyber Intelligence Sharing Center – R-CISC. “Created by retailers in response to the increased number and sophistication of attacks against the industry, the R-CISC provides another tool in retailers’ arsen ... Continue Reading >>

Published: March 8, 2016 | By: Tatianna | Views: 413
What is S3SS10N Wednesday? S3SS10N Wednesdays are our weekly 15 minute (or less) lessons put together by Instructors and Cybrary Staff to offer you valuable information relevant to your life. Every Wednesday morning (Eastern time) a new session will be available for you to view, read, and discuss with others. Make sure to come back weekly and see what’s new!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor – George ... Continue Reading >>

Published: March 7, 2016 | By: BrBr | Views: 198
http://traffic.libsyn.com/brakeingsecurity/2016-010-DNS_Reconnaissance.mp3   DNS… we take it for granted… it’s just there. And we only know it’s broken when your boss can’t get to Facebook. This week, we discuss the Domain Naming System (DNS). We start with a bit of history, talking about the origins of DNS, some of the RFCs involved in it’s creation, how it’s hierarchical structure functions to allow resolution to occur, and even why your /etc/host ... Continue Reading >>

Published: March 3, 2016 | By: RY4N C0R3Y | Views: 1683
Diving a little deeper Previously, I’ve written about the value of cyber security degrees and wanted to dive a little deeper into this topic. Lately, I have had a series of conversations on this topic. The opinion I’ve formed on the subject seems to represent a large consensus. Many jobs in cyber security require people to have a certification. Or, at least, a cert will help back up a skill set. They’re helpful in getting many of the jobs are out there. Penetration testing, m ... Continue Reading >>

Published: March 2, 2016 | By: Tatianna | Views: 1897
What is S3SS10N Wednesday? S3SS10N Wednesdays are our weekly 15 minute lessons put together by Instructors and Cybrary Staff to offer you valuable information relevant to your life. Every Wednesday morning (Eastern time) a new session will be available for you to view, read, and discuss with others. Make sure to come back weekly and see what’s new!   You must be a Cybrary member to view this S3SS10N Wednesday video. Join for free. Join Now Login Instructor Bio – Dean Pompilio ... Continue Reading >>

Published: March 1, 2016 | By: CyDefe | Views: 138
Hey hey everyone after a very long break due to work, education, and family circumstances we are finally back. On this weeks episode we are joined by Ben Miller and Jayson Street. We discuss three stories from 2015 and talk about our predicitons for 2016. Dont worry we have another episode right around the corner. You can listen to the newest episode at http://www.cydefe.com/podcast/ or you can listen to us on itunes. Continue Reading >>

Published: February 24, 2016 | By: BrBr | Views: 518
http://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3 This week’s super-sized episode is brought to us thanks to previous guest Cheryl Biswas. You might remember her from our “Shadow IT” (http:/brakeingsecurity.com/2015-048-the-rise-of-the-shadow-it) podcast a few months ago. She reached out to us to see if we were interested in doing a podcast on mainframe security with her and a couple of gentlemen that were not unknown to us. Of course we jumped at the ... Continue Reading >>

Published: February 24, 2016 | By: Tatianna | Views: 194
You must be a Cybrary member to view this S3SS10N. Don’t worry, membership is completely free! Join Now Login Continue Reading >>

Published: February 17, 2016 | By: BrBr | Views: 150
We first heard about FingerprinTLS from our friend Lee Brotherston at DerbyCon last September. Very intrigued by how he was able to fingerprint client applications being used, we finally were able to get him on to discuss this. We do a bit of history about #TLS, and the versions from 1.0 to 1.2 Lee gives us some examples on how FingerprintTLS might be used by red teamers or pentest agents to see what applications a client has on their system, or if you’re a blue team that has specific appl ... Continue Reading >>

Published: February 11, 2016 | By: BrBr | Views: 141
This week starts with an apology to Michael Gough about comments I (Bryan) mangled on the “Anti-Virus… What is it good for?” podcast. Then we get into the meat of our topic… a person’s “Moxie” vs. a mechanism Moxie: noun “force of character, determination, or nerve.”   Automation is a great thing. It allows us to do a lot more work with less personnel, run mundane tasks without having to think about them, and even allow us to do security ... Continue Reading >>

Published: February 10, 2016 | By: Tatianna | Views: 334
You must be a Cybrary member to view this S3SS10NS. Membership is free! Register Now Login Whiteboard Notes (Click the picture below to open in a new tab)   The Supreme Court Decisions of Riley v. California and U.S. v. Wurie (seizure of cell phones and search of cell phone data incident to arrest). These cases limit the ability of law enforcement to view cell phone data after a subject is arrested. Therefore there are 4 key take-a-ways for law enforcement. 1. The ability to search an arr ... Continue Reading >>

Published: February 3, 2016 | By: Tatianna | Views: 453
What is S3SS10N Wednesday? S3SS10N Wednesdays are our weekly 15 minute lessons put together by Instructors and Cybrary Staff to offer you valuable information relevant to your life. Every Wednesday morning (Eastern time) a new session will be available for you to view, read, and discuss with others. Make sure to come back weekly and see what’s new!   Instructor Bio – Kelly Handerhan Skilled and certified in CISSP, CASP, and PMP, SME Kelly has taught several courses on Cybrary a ... Continue Reading >>

Published: February 1, 2016 | By: BrBr | Views: 176
Patrick Heim, Chief of Security and Trust at Dropbox Brakeing Down #Security had the pleasure of having Patrick Heim join us to discuss a number of topics.   What stops many traditional #companies from moving into #cloud based operations? What hurdles do they face, and what are some pitfalls that can hamper a successful #migration? We touched briefly on #BYOD and the use of personal devices in a business environment, as well as #Dropbox’s deployment of optional #2FA and using #U2F key ... Continue Reading >>

Published: February 1, 2016 | By: RY4N C0R3Y | Views: 212
The team at Cybrary has officially named February: #SecureCodingMonth Given that secure coding principles are often so overlooked in most CS programs and coding classes, we feel the obligation to fill the coding security void. There are many courses on Cybrary which coders / programmers can benefit from already, such as the Advanced Penetration Testing and the CompTIA CASP. However, we have yet to launch classes that are specifically designed, from start to finish, to address the methodical step ... Continue Reading >>

Published: January 24, 2016 | By: BrBr | Views: 184
BrakeSec Podcast welcomes Bill Gardner this week! #Author, #InfoSec Convention Speaker, and fellow podcaster… We break a bit from our usual rigid methods, and have a good ol’ jam session with Bill this week. We talk about #vulnerability #management, #google #dorking, #career management, the troubles of putting together a #podcast and more!   Bill’s Twitter: https://www.twitter.com/oncee Bill’s books he’s authored or co-authored: http://www.amazon.com/Bill-Gard ... Continue Reading >>

Published: January 17, 2016 | By: BrBr | Views: 238
http://traffic.libsyn.com/brakeingsecurity/2016-003-AntiVirus_what_is_it_good_for.mp3 #Anti-virus products… they have been around for as long as many of us have been alive. The first anti-virus program, “The Reaper” was designed to get rid of the first virus ‘The Creeper’ by Ray Tomlinson in 1971. This week, we discuss the efficacy of anti-virus. Is it still needed? What should blue teamers be looking for to make their #anti-virus work for them.  And what options d ... Continue Reading >>

Published: January 14, 2016 | By: klowe | Views: 195
When you think of a centaur, thoughts of a mythical creature that can perform threat analysis doesn’t exactly come to mind, does it? Enter Recorded Future’s artificial intelligence system – poised to provide both intelligence and strength to uncover hidden threat actors upon our systems. In this way, Recorded Future’s  use of AI techniques in the security realm is similar to that of a centaur — its the brains and brawn that make their threat predictive and analysi ... Continue Reading >>

Published: January 13, 2016 | By: klowe | Views: 202
  As every security professional knows, for every ‘Happy New Year!’ shout, hoot and holler, there’s a heck of a lot additional commotion going on surrounding another issue—a new year of new security threats. And while it’s no secret that 2016 will bring along a hoard of headline-grabbing security incidents, it’s important to know what the experts think will be the most biggest security trends of the new year. Lucky for you and I, the threat intelligence ... Continue Reading >>

Published: January 11, 2016 | By: BrBr | Views: 245
This week, we find ourselves understanding the #Cryptonite that can weaken devs and software creators when dealing with #cryptographic #algorithms and #passwords. Lack of proper crypto controls and hardcoded passwords can quickly turn your app into crap. Remember the last time you heard about a hardcoded #SSH private key, or have you been at work when a developer left the #API keys in his #github #repo? We go through some gotchas from the excellent book “24 Deadly Sins of #Software #Securi ... Continue Reading >>

Published: January 7, 2016 | By: BrBr | Views: 132
#Jay #Schulman is a consultant with 15+ years of experience in helping organizations implementing #BSIMM and other compliance frameworks.  For our first #podcast of 2016, we invited him on to further discuss BSIMMv6 and how he has found is the best way to implement it into a company’s #security #program.   Jay Schulman’s #website: https://www.jayschulman.com/ Jay’s Podcast “Building a Life and Career in Security” (iTunes): https://itunes.apple.com/us/podcast ... Continue Reading >>

Published: January 4, 2016 | By: RY4N C0R3Y | Views: 169
The good folks over at Android Authority featured our Android App, which of course was previously banned in the Google Play Store. Again, thanks to all of you who caused an uproar, which ultimately got the app reinstated by Google Play. Here is the article on Android Authority. Continue Reading >>

Published: December 30, 2015 | By: RY4N C0R3Y | Views: 155
ATTENTION: Web Developers in the Washington DC / Baltimore, MD area!! Here is a chance to come work for us!! We are seeking a talented WordPress developer to join our team, and work with us to continue to build our rapidly growing community and learning website. The person we hire must be able to work at our Greenbelt, MD office, and we cannot offer relocation. Our company values are as follows, and if you believe that any of our values may be a problem for you, its best that you do not apply, b ... Continue Reading >>

Published: December 28, 2015 | By: BrBr | Views: 151
Dave Kennedy does a lot for the infosec community. As owner/operator of 2 companies (Binary Defense Systems and Trusted Security), he also is an organizer of #DerbyCon as well as creator and active contributor to the Social Engineering ToolKit (#SET).  You can also find him discussing the latest hacking attempts and breaches on Fox News and other mainstream media outlets. But this time, we interview Dave Kennedy because he has been elected to the ISC2 board. He will be serving a 3 year term wit ... Continue Reading >>

Published: December 17, 2015 | By: BrBr | Views: 157
I got a hold of Mr. Wim Remes, because he was elected to the ISC board in November 2015.  Recent changes to the CISSP included changing the long-standing 10 domains down to 8 domains, plus a major revamp to all of them. I wanted to know what Mr. Remes’ plans were for the coming term, how the board works, and how organizations like ISC2 drive change in the industry. I also asked Wim how he is trying to ensure that CISSP and the other certs are going to remain current and competitive. This ... Continue Reading >>

Published: December 16, 2015 | By: RY4N C0R3Y | Views: 3816
Recently, we surveyed 435 senior-level cyber security professionals on topics surrounding the cyber security job market, and discussed the directions the market may be heading. As we’ve discussed many times, cyber security’s skills gap is massive, incomparable to anything in the world’s recent labor market. We packaged the results of the survey into the infographic below. We present data on expected growth rates, upcoming cyber security job demands, duration of job openings, th ... Continue Reading >>

Published: December 14, 2015 | By: Tatianna | Views: 286
We’ve realized that it might have been confusing for some people on where to start a class since all of the “good stuff” was buried under hundreds of page scrolls. Well now we’ve re-arranged the main course pages. The information you wanted is now on top (go figure)! Faster access to the course lessons without all the scrolling. But don’t worry – all of the information from before is still there, just in a different spot. So let us know what you think of the ... Continue Reading >>

Published: December 10, 2015 | By: BrBr | Views: 309
#MITRE has a matrix that classifies the various ways that your network can be . It shows all the post-exploitation categories from ‘Persistence’ to ‘Privilege Escalation’. It’s a nice way to organize all the information. This week, Mr. Boettcher and I go over “#Persistence” and “#Command and #Control” sections of the Matrix. Every person who attacks you has a specific method that they use to get and keep access to your systems, it’s as ... Continue Reading >>

Published: December 7, 2015 | By: BrBr | Views: 557
That’s the question many think is an automatic ‘yes’.  Whether your httpd is running on port 82, or maybe your fancy #wordpress #module needs some cover because the code quality is just a little lower than where it should be, and you need to cover up some cruft. But maybe there are some times where things just need to be secure… This week, Mr. Boettcher and I discuss reasons for obscuring for the sake of #security, when it’s a good idea, and when you shouldn’ ... Continue Reading >>

Published: December 3, 2015 | By: TREVORH | Views: 157
Globally, cyber security shortages are expected to reach upward of 1.5 million by the year 2020. As the Cybrary community reaches the 300,000 registered users mark; we found this a great opportunity to thank everyone that has contributed and continued to make this a great cyber security learning environment for people from around the world. We are proud to make our content available and represent users from nearly every country and truly believe we will have the ability to help curb the looming ... Continue Reading >>

Published: December 1, 2015 | By: RY4N C0R3Y | Views: 248
This post is an update to my previous post about Cybrary’s Android app being banned from the Google Play store: https://www.cybrary.it/2015/11/google-play-against-cybersecurity-education-and-for-censorship-you-decide/ Thank you Cybrarians, for your support in getting the Cybrary app put back into the Google Play store! Also, thank you Google Play Support Team for hearing our appeal! As you know, last Wednesday (11/25), the Google Play Support Team notified us that our app was being removed fro ... Continue Reading >>

Published: November 29, 2015 | By: CyDefe | Views: 197
On this week’s episode we discuss Microsoft’s operations center to fight cyber threats, Dell added Cylance, a bug in Gmail app for Android allows anyone to send spoofed emails, and Siri’s lockscreen bypass. This weeks episode also has a codeword that can be entered over at our giveaway page at http://www.cydefe.com/giveaway Continue Reading >>

Published: November 25, 2015 | By: RY4N C0R3Y | Views: 650
What we are about to present are facts regarding why the Google Play Support team decided to remove our app from their app marketplace, and how this position by Google Play reflects a negative stance against the free flow of cyber security education, and an enactment of censorship of what should be available knowledge to the cyber security community. If you believe knowledge should be free and open, then feel free to make your voice heard in a professional manner.   See the conversation on Twit ... Continue Reading >>

Published: November 25, 2015 | By: TREVORH | Views: 1640
Cybersecurity – Choosing a Career As computer systems store more and more confidential personal, financial, medical, and top secret data, protecting that data is becoming more and more important to governments and businesses, worldwide. Enterprises must respond to the increasing number of complex threats and attacks by hiring cybersecurity professionals with deep technical experience in a variety of new and rapidly-evolving technologies.   Cybersecurity is one of the fastest growing car ... Continue Reading >>

Published: November 17, 2015 | By: RY4N C0R3Y | Views: 392
Hello Fellow Cybrarians, As you know, our promise to you at Cybrary is that we will continue to provide new, cutting edge cyber security classes for free, forever. We will never ask you to pay for our classes. We are working hard to continue to build more classes, and we are working on making the learning experience within our classes, even greater. Currently, the team is working on adding quizzes, practice tests and other features. We will also soon be launching two new classes; Intro to Malwa ... Continue Reading >>

Published: November 10, 2015 | By: TREVORH | Views: 3296
Cybersecurity certifications are very often required for employment in cybersecurity jobs. Certifications benefit employers by identifying prospective employees with specific skill sets, and certifications help prospective employees stand out when applying for a job in the desirable and competitive cybersecurity job market. Industry certifications are vendor-neutral (vendor certifications are for a vendor’s specific products) and provide industry-recognized evidence of having a specific skill ... Continue Reading >>

Published: November 9, 2015 | By: TREVORH | Views: 610
Struggling to get that promotion or land that cybersecurity job? Have all the right skills/certifications/years of experience but things just don’t seem to work out? You’ve read about the demand for cyber professionals, seems like a no brainer that the company should be need you. The articles say there are over 200,000 unfilled jobs in the US and several times that, worldwide. Companies are complaining that there aren’t enough professionals with the skillsets to fill their open positions ... Continue Reading >>

Published: November 6, 2015 | By: TREVORH | Views: 280
Cyber security is a booming field with many positions available, but Millennials seem to be largely ignorant of these opportunities. In order to stay on top of the demand for cyber security specialists, both current professionals and educational institutions have to start making an effort to open the doors of the industry to young people. The Growing Need for Cyber Security It only takes a quick look at recent news to know that security breaches are running rampant. Whether it’s someo ... Continue Reading >>

Published: November 5, 2015 | By: TREVORH | Views: 1530
Cybersecurity, as much as it seems to be just the current buzzword of the month , is very much part of our present and future lives. Our reliance on technology continues to grow; and now, with the commencement of the Internet of Things, that technology is growing even more connected and interdependent. Week after week, a new breach hits the airwaves, reminding us that even, what seem to be, the largest and most protected companies share in the same risk we all face. While those threats, and our ... Continue Reading >>

Published: November 4, 2015 | By: TREVORH | Views: 4837
Cyber security jobs offer lucrative financial rewards for protecting the nation’s computer networks and data from attack or unauthorized use. These top five highest paying positions command six-figure salaries: 1. Chief Information Security Officer (CISO) Complex challenges to a CISO include the development and delivery of an Information Technology (IT) risk management strategy that is aligned with business security. The primary responsibility is the general supervision of an organization’s ... Continue Reading >>

Published: November 4, 2015 | By: RY4N C0R3Y | Views: 172
In honor of November 5th, we will be issuing double Cybytes on all Cybyte based activity (not on purchases, these ones you have to earn). Cybytes activities can be found here: https://www.cybrary.it/cybytes/ So, any time on 11/5/2015, login and accumulate Cybytes, just like you would on any other day, we will reward you with double Cybytes, its that simple. Why Are We Doing This? As many of you know, the team here at Cybrary believes just as many of you do, that knowledge should be free. Learn ... Continue Reading >>

Published: November 3, 2015 | By: TREVORH | Views: 795
With the proliferation of hack attacks and cybersecurity breaches, there is a growing need for cybersecurity experts and, therefore, there are an increasing number of opportunities in cybersecurity for those entering the work place or wanting to change careers to take advantage of the opportunities in this growing field. One of the first decisions someone entering this field needs to make is whether to work in the public sector or the private sector. Public sector jobs generally are with governm ... Continue Reading >>

Published: November 3, 2015 | By: TREVORH | Views: 175
Following last month’s $1billion contract awarded to Raytheon from the Homeland Security Department, the Pentagon is now taking bids from defense contractors to help protect against the digital future. Big industry names such as Raytheon Co., Lockheed Martin Corp., and General Dynamics Corp. are expected to be at the forefront, competing for a contract valued at up to $460 million. While many of these large companies have felt the effects of budget cuts elsewhere, with the government’s dedic ... Continue Reading >>

Published: November 3, 2015 | By: RY4N C0R3Y | Views: 163
Finding a job that will sponsor you for a US Security Clearance is pretty tough to do. Many jobs out there in the US Cyber Security jobs market require that you already have a clearance. People know all to well, that in the USA, a Security Clearance is a ticket to a lifelong successful career in Cyber Security, but getting one is always the hard part, unless you are fresh out of the military, and you already have one. When a new jobs pops-up, that is offering to sponsor you for a security cleara ... Continue Reading >>

Published: November 2, 2015 | By: TREVORH | Views: 137
A “Cyber Talent Pipeline” refers to an organization’s creation of an going, readily available, talent pool to fill various cyber security jobs, as they become available. The effects of a poorly maintained pipeline is hitting the cyber security industry in full force. The supply is simply not available to meet the demand. With present reporting of over 200,000 unfilled jobs, and future shortage reports upward of 1 million by 2020, we are now faced with a need to create solutions that c ... Continue Reading >>

Published: October 29, 2015 | By: CyDefe | Views: 139
Episode 19 of our podcast is up at CyDefe.com/podcast. On this weeks episode we are joined by Shannon Morse. We discuss hacking chip and pin cards, malware that replaces your browser, a FitBit danger, and the rise of OS X malware. Have a listen and enjoy. Continue Reading >>

Published: October 28, 2015 | By: klowe | Views: 181
Did you know that the demand for skilled cyber security professionals is growing four times faster the overall IT job market, and 12 times faster than the total labor market? Currently there are more than a million open job postings for cyber security positions around the world. Cybrary is curious to know what business and other organizations are thinking when it comes to the cyber security job market. Here’s how you can help:  Take our brief survey Enter to win an iPad (optional) R ... Continue Reading >>

Published: October 26, 2015 | By: BrBr | Views: 155
WMI (Windows Management Instrumentation) has been a part of the Windows Operating system since Windows 95. With it, you can make queries about information on hosts, locally and even remotely. Why are we talking about it? Its use in the enterprise and by admins is rarely used, but use in moving laterally by bad actors is growing. It’s highly versatile, able to be scripted, and can even be used to cause triggers for when other programs run on a system. Mr. Boettcher and I sit down and discu ... Continue Reading >>

Published: October 26, 2015 | By: RY4N C0R3Y | Views: 180
Hello Cybrarians, I hope you all had a great weekend! Many of you know that Two weeks ago, we launched our Android Application, which is available here https://play.google.com/store/apps/details?id=com.cybrary.app I would like to ask for your help in getting the word out about our App. If you would be willing to submit our App to App Featuring Websites like Product Hunt (www.producthunt.com) and Hacker News (news.ycombinator.com) we we would be very grateful! In fact, since interacting and enga ... Continue Reading >>

Published: October 20, 2015 | By: Tatianna | Views: 445
We’ve toiled and wracked our brains trying to figure out what to call our members, but nothing ever seemed good enough.   Trying to explain who our global community is in just a name is trickier than it seems. Now you get the chance to voice your opinion. What do you want to be called? Let us know which of the following you like the best, or provide your own suggestion. Cybrarians Cybrary Nation Cybrary Empire Continue Reading >>

Published: October 16, 2015 | By: klowe | Views: 169
Getting hired has never been an easy process. Between revamping your resume and spending hours on LinkedIn searching for ‘networking opportunities’, looking for a new job can be both time-consuming and frustrating. Enter Cybrary’s new job platform, created in part to help alleviate some of the stress invariably involved in the job hunting process. Currently, there are over one million unfilled jobs in the cyber security industry. The problem? Matching the right talent to the n ... Continue Reading >>

Published: October 15, 2015 | By: TREVORH | Views: 160
Washington D.C., Virginia, and Maryland are being called the hub for cyber security jobs. Driven by an exorbitant federal budget and an influx of venture capital, demand for cyber security professionals is not only high, but, as basic economics tells us, due to the shortage of those qualified professionals, salaries for these positions are pushing ever higher. The venture capital that has made its way into the Cyber Corridor (as the DC, VA, MD area has been known to be called) is helping to driv ... Continue Reading >>

Published: October 13, 2015 | By: Tatianna | Views: 565
Get even more convenient access to Cybrary through our Android mobile app so you can learn how to hack, crack and exploit nearly anything. Our developer @akhaliq92 has worked diligently over the past several months to make your mobile experience better with features that include easy video downloading, video streaming, and offline viewing. You can also visit the forums, look for jobs, and rate our content – Oh yeah, and it’s FREE just like Cybrary. So, why the Cybrary App? This mobile app wa ... Continue Reading >>

Published: October 13, 2015 | By: Maddie | Views: 129
Typically, October equals Halloween. The month of October is also national cyber security awareness month. Sure it’s all about the haunted houses, frightening decorations, and scary costumes. Do you know what else is scary? Viruses and malware. These two often occur when an abundance of internet searches occur. What group of people spend a significant amount of time on laptops, tablets, phones? I’d say college students. I attend James Madison University, a student body of over 20,000. Think ... Continue Reading >>

Published: October 12, 2015 | By: BrBr | Views: 132
When we wanted to have Martin Fisher on, it was to discuss ‘Security Mandate vs. Security Influence’. We wanted to discuss why companies treat compliance as more important, and if it’s only because business requires it to be done. And if infosec is a red-headed stepchild because they often don’t have the guidance of a compliance framework. But it ended up going in another direction, with Martin discussing infosec leadership, and how we as agents of infosec should be ̵ ... Continue Reading >>

Published: October 8, 2015 | By: CyDefe | Views: 153
Hey hey everyone. We at CyDefe have released another awesome episode of our cyber security podcast. On this week’s episode we discuss fake blue screen of death, ad blocking, a critcal WinRAR vulnerability, and a shortage of cyber professionals. You can check out the episode on iTunes or check it out on our website. Have a listen and enjoy. Continue Reading >>

Published: October 6, 2015 | By: klowe | Views: 205
Sure, maybe you’d like to think you possess the manpower to monitor your computer networks 24/7, but we all know that’s simply impossible.  Thus, threats come as they may, and you might be sleeping when one attempts to overthrow your data system. So what can you do to prevent this from happening? Enter the Honeypot—a security mechanism that detects and deflects threats from harming your data, so you don’t have to. Setting up a honeypot is easy, and can be done in a few ... Continue Reading >>

Published: October 6, 2015 | By: RY4N C0R3Y | Views: 193
Cybrary would like to announce a really cool Java programming competition by our friends at NextHacker. Check it out:  Java Programmers Competition IPPC: SHOW ME YOUR SPEED!  We are already convinced that there are many gifted programmers and ingenious hackers. Now we want to know who the fastest and most flexible are. After all, we are in the century of speed: TIME = $ Next Hacker IPPC: International Programming Player Competition, February 26 & 27, 2016 in Berlin, Germany, the 2016 IPPC ... Continue Reading >>

Published: October 5, 2015 | By: Tatianna | Views: 139
Employers Want YOU!   If you are searching for a job or looking to change to a career in IT or Cyber Security, our developer has created something special for you. Cybrary’s job platform was created for employers, recruiters – and yes – YOU! To help build the Cyber Security community and balance the “ecosystem” that is the world of IT, our platform is aimed at helping members find jobs near them that match their skills and experience.   This is why completing your Cybrary profi ... Continue Reading >>

Published: September 18, 2015 | By: RY4N C0R3Y | Views: 1214
Given we’re a cyber security education company, we like to preach (maybe too much at times) about how darn important security awareness training for employees really is. So, we thought we’d share the hideously ugly lesson that internet authority company, ICANN, learned about security awareness not too long ago.   Reliving the ICANN Phishing Hack: Phishing is the act of using electronic communication to pretend to be a trustworthy individual in order to obtain secure informat ... Continue Reading >>

Published: September 16, 2015 | By: klowe | Views: 756
You know those times where you took an exam without studying, and still did well? We hate to break it to you, but those times don’t exist in the Infosec world.  Sure, you may have one or two baby Einsteins who can sit through a five-day bootcamp and retain all of the information without blinking, but for the rest of us, actual studying is part of the process will have to occur. When it comes to reviewing for an exam, the problem many of us face isn’t how to do it, it’s where ... Continue Reading >>

Published: September 3, 2015 | By: RY4N C0R3Y | Views: 212
Perhaps it is somewhat shocking that hundreds of thousands of people are learning hacking, for free on Cybrary. However, there are several very good reasons for this free cyber security learning revolution. A fundamental change in the way cyber security is taught and learned, is upon us. Together, the Cybrary team, and each of our Members, are making this change happen, and it is well overdue. The ability to learn cyber security should be a right, not a privilege. Up until now, that privilege wa ... Continue Reading >>

Published: August 19, 2015 | By: RY4N C0R3Y | Views: 128
There is a cyber defense podcast that launched a couple of months ago called CyDefe, and they have been doing some really cool things. Their focus, and tagline, is “Making cyber defense simple”. I had the pleasure of joining this podcast for an episode, primarily focused on end user security, the other day. That episode will launch Thursday, 8/20/15. In their short time podcasting, they have already had some really cool guests, including last week’s guest Jayson Street. What I ... Continue Reading >>

Published: August 7, 2015 | By: RY4N C0R3Y | Views: 622
Regarding, end-user security, the term PII is commonly referenced. PII, or Personally Identifiable Information, consists of data that can allow an individual to trace and/or contact another person. This type of information may indicate an individual’s name, address, the type of car a person owns, credit card numbers, the names of family members, email addresses, telephone numbers, the locations of schools that an individual has attended and a person’s driver’s license number. ... Continue Reading >>

Published: August 4, 2015 | By: RY4N C0R3Y | Views: 1587
Security Awareness Training has migrated from a “nice to have” security function within an organization, to now, a “must have.” In fact, more quickly than ever, companies of all sizes and industries are integrating security awareness training into their required learning for all employees. It’s now a matter of simply being irresponsible if your organization doesn’t have a course. One of the more common features in a security awareness training course is the pr ... Continue Reading >>

Published: July 9, 2015 | By: RY4N C0R3Y | Views: 154
Great news! Our End User Security Awareness training course, is now available from Cybrary. No matter how well trained the cyber security staff is within your organization, the greatest vulnerability remains just that, a huge vulnerability, if it remains unmitigated. It is widely known that the primary cause of data breaches within organizations comes from their end users. Cybrary now helps your organization address this major concern with our continually updated, cutting edge, easy to follow, ... Continue Reading >>

Published: July 3, 2015 | By: RY4N C0R3Y | Views: 377
Are you familiar with the process of a virtual machine’s OS separating from its parent’s hypervisor, which is known as VMEscape? Are you familiar with the key vulnerabilities that exist within the VMEscape process? Here is how you mitigate security risks in VMEscape: Keep virtual machine software patched. Install only the resource-sharing features that are required. Keep software installations to a minimum as each program carries vulnerabilities. If you’re less than familia ... Continue Reading >>

Published: June 29, 2015 | By: RY4N C0R3Y | Views: 1367
Below is an email we received from Cybrary [email protected] He wrote to tell us about the success he had in passing the exam after taking our Security+ Course. If you have a similar success story, we’d love to share it. Send an email telling us about it: [email protected] Here’[email protected]’s email: Hey everyone. My name is Alan Raff. I am a Computing Security student at the Rochester Institute of Technology in Rochester, NY. I just wanted to take a couple minutes to explain w ... Continue Reading >>

Published: June 23, 2015 | By: klowe | Views: 491
We get it. We truly do. We’re JUST as excited about our new classes as you. We understand the anticipation, the anxiousness and the frustration. You joined Cybrary just for Malware Analysis. You refresh the Metasploit course page daily.  We get it, because we created Cybrary for you.  So when you ask us about the release date of a specific class and we can’t give you a definitive answer, it’s not because we don’t care about you. It’s because there’s a lot th ... Continue Reading >>

Published: June 23, 2015 | By: RY4N C0R3Y | Views: 190
Many companies, throughout the years, have failed because they failed to innovate and change. Many great market leaders, like Kodak, even held in their hands the future of their industry, and still refused to embrace it. Change is always difficult for someone of something in a position where status quo is providing awesome returns. It takes courage to innovate, and that’s why it is so difficult. The CompTIA Security+ certification is a fantastic example of a cyber-security certification that ... Continue Reading >>

Published: June 22, 2015 | By: Rachel Laura M | Views: 548
The Certified Information Systems Security Professional (CISSP) certification is a strong credential to have for professionals who have a mix of both technical and managerial experience as well as competence in designing, engineering and the overall management of security programs. Their knowledge helps protect company’s important and confidential information from the growing threat of cyber attacks. This certification is perfect for security professionals in the following positions: Security ... Continue Reading >>

Published: June 16, 2015 | By: Rachel Laura M | Views: 450
Wireless networks are fast and convenient and allow for many devices to be connected on a network and communicate with each other. However, this technology presents a new set of issues that weren’t present in the wired world. Mainly, threats to security including but certainly not limited to: Information reaching unintended recipients Unauthorized users exploiting the open access of such systems; destroying or stealing data Network shutdowns to attacks Authorized users losing network access d ... Continue Reading >>

Published: June 16, 2015 | By: Rachel Laura M | Views: 402
Individuals now own multiple electronic devices – from Smartphones, to tablets, to laptops and more. They often bring these items into the workplace, or use them to work from a remote location. Increased threats to a company’s important and confidential information are more prevalent than ever. Protection of this information is crucial – as information can travel across the world in mere seconds. Cryptography provides protection and plays an integral part in against fraud in electr ... Continue Reading >>

Published: June 13, 2015 | By: Rachel Laura M | Views: 135
In a physical crime scene, say a home has been burned down as a result of an arsonist or maybe a home has been burglarized, the role of first responders on the scene is very important. These skilled individuals must be able to avoid contaminating the crime scene or destroying evidence, all the while securing the crime scene and documenting every detail, down to the most minute. First responders take note of the victims, the lighting, talk to witnesses and potential suspects and try to gather any ... Continue Reading >>

Published: June 11, 2015 | By: klowe | Views: 265
Calling all Spanish, French and German Speakers Cybrary’s mission is to provide free cyber security and IT training to people across the globe. However, as an English-only website, we have been limited in our ability to reach people who do not speak English as a first language. Because we are committed to making our revolution global, we are expanding our course content to include translated subtitles to make free learning truly accessible to all.  Spanish, French or German speakers a ... Continue Reading >>

Published: June 11, 2015 | By: Tatianna | Views: 149
When taking classes to prepare for exams, there are important factors to consider. With Cybrary’s courses, much – if not all – of the class material is based on watching videos. While this may be great for some people, for others it is not enough to fully grasp the discussed concepts. Below are some tips on how to prepare yourself for learning in an online environment, and how to effectively study the information to help pass your exams. Keep in mind that there is no “right” or “wron ... Continue Reading >>

Published: June 9, 2015 | By: RY4N C0R3Y | Views: 977
The CIA triad is becoming the standard model for conceptualizing challenges to information security in the 21st century. CIA stands for confidentiality, integrity and availability, which are said to be the three most important elements of reliable security. Every IT worker should have a thorough understanding of the triad and its intricacies, but every staff member who works around sensitive data should at least be made aware of the concept, which is why the concept is a foundation to our Securi ... Continue Reading >>

Published: June 8, 2015 | By: Rachel Laura M | Views: 1380
When most people think of a hacker, they think of a dishonest individual who uses techniques to bypass a system’s defenses and steal confidential and sensitive information. Security breaches, data as well as identify theft are all incidents which can occur as a result of a hacker breaking into a system. However, in this modern workplace where information can be distributed and leaked in seconds, there exists the ethical hacker. Sounds like an oxymoron to you? Well, it isn’t! In fact, the eth ... Continue Reading >>

Published: June 8, 2015 | By: Rachel Laura M | Views: 145
Computer related crime is very prevalent in this day of global communication, people bringing their personal electronic items to work as well as many companies having people who do not work in house but instead opt to work remotely. For this reason, the field of digital investigation is an emerging field and up to date knowledge of the latest practices and technology in the field is paramount for the following professionals: Anyone who may encounter a crime scene that might involve digital evid ... Continue Reading >>

Published: June 4, 2015 | By: RY4N C0R3Y | Views: 431
The following is a re-post of the excellent PowerPoint presentation created by Cybrary SME @ethicalmjpen regarding Vulnerability Assessment and Penetration Testing and how the two differ, and overlap. We wanted to share this on the blog because the content in explaining the two topics, is very concise and offers great insight. To download the actual slides, Go Here. Vulnerability Assessment & Penetration Testing, An Analysis and Comparison – by @EthicalMJPen Vulnerability Assessment I ... Continue Reading >>

Published: June 3, 2015 | By: RY4N C0R3Y | Views: 531
Many of the Members that join Cybrary, join because they are looking to begin a career in cyber security. This is obviously a great idea given that the amount of unfilled jobs in cyber security, globally, is estimated to be over 1 million. The question is though, where should one begin when they have no tech, IT, or cyber security experience at all? We address a variety of scenarios for people looking for training on the learning paths page on our site. Most commonly, it is best to begin ones c ... Continue Reading >>

Published: June 3, 2015 | By: Rachel Laura M | Views: 688
Public key cryptography has been around for a long time. Whitfield Diffie and Martin Hellman invented it in 1976. It sometimes goes by the name Diffie-Hellman encryption as well as symmetric encryption as it uses to keys instead of one (this is called symmetric encryption). Cryptography uses two kinds of encryptions: A public key which is known to everyone and a private key, which is just known by the recipient of a message. An example of cryptography in motion: imagine you want to send a secur ... Continue Reading >>

Published: June 2, 2015 | By: Rachel Laura M | Views: 141
Electronic discovery, also known as e-discovery refers to a process of how information is obtained, located and secured to be used as evidence in a civil or criminal legal case. E-discovery can be carried out in the following ways: Offline On a particular computer As part of a network In addition to the above, there is also a type of e-discovery known as government sanctioned hacking, which a court might order for the purpose of obtaining important evidence. E-discovery makes finding informati ... Continue Reading >>

Published: June 2, 2015 | By: Rachel Laura M | Views: 248
The CompTIA Advanced Security Practitioner (CASP) certification is a credential that designates professionals IT industry with advanced-level security skills and knowledge. The CASP certification is approved by the United States Department of Defense (DoD) to meet IA technical and management certification requirements and is a credential favored by multinational corporations such as Dell and HP. It is vendor neutral and is a globally recognized name. The CompTIA Advanced Security Practitioner (C ... Continue Reading >>

Published: June 2, 2015 | By: RY4N C0R3Y | Views: 158
Over the past few years, the news has been full of stories detailing how large corporations put the security information of tens of thousands of their clients at risk. More times than not, these risks came as the result of low-level employees doing things to compromise the cyber security of large multi-million-dollar corporations. In an effort to combat security breaches, more and more companies are paying to provide their employees security awareness training. However, there is some debate as t ... Continue Reading >>

Published: May 28, 2015 | By: klowe | Views: 1039
Threat intelligence company Recorded Future has just released a daily email service that will deliver up-to-date information on the latest threat indicators for IT and cyber security professionals. The service, called the Cyber Daily, is a free newsletter that will include the top five results in each category for trending technical indicators that Recorded Future has analyzed over the last 24 hours. Categories include Information Security Headlines, Top Targeted Industries, Top Hackers, Top Ex ... Continue Reading >>

Published: May 22, 2015 | By: klowe | Views: 181
The end user security awareness industry has taken off substantially in the last several years. As more and more organizations are breached and embarrassed publicly due to end user negligence or malevolence, the mass adoption of “we need to do something about this” has spread rampantly. What we previously believed to be a problem reserved for major corporations, we now realize is a problem that faces organizations of every size and type. Great examples include the Damariscotta Countr ... Continue Reading >>

Published: May 15, 2015 | By: RY4N C0R3Y | Views: 147
Cybrary’s initiative is to make cyber security learning free and open for everyone, everywhere. This basically means, we want to provide the opportunity to learn to those who either want to begin a career in the field, or for those who want to advance within their current IT or cyber security job. In order to reach this goal, we need to continually be in front of the upcoming trends, continually recognize the next hot topic and continually innovate with our course offerings. Research, deve ... Continue Reading >>

Published: May 6, 2015 | By: RY4N C0R3Y | Views: 7421
In the ethical hacker class on our website, the course begins by recapping the five phases of penetration testing. Essentially, the five phases of pen testing is a module that summarizes what the rest of the ethical hacker class is going to look like. The five phases refer to each primary step in the process of operating a penetration test, and the concept is critical for a new entrant into the field. Here is a brief overview of the five phases of penetration testing: Phase 1 | Reconnaissance Re ... Continue Reading >>

Published: April 24, 2015 | By: CybrarySupport | Views: 284
Show off Your Achievements Use Cybrary often? Completed several courses? Show off what you’ve worked so hard for! Now that you have earned the cred make sure to share your achievement! Our L337 Emblem is available below along with a code snippet to help you better display it on your site or signature. <A HREF="http://cybrary.it/" target="_blank"><IMG SRC="https://www.cybrary.it/wp-content/uploads/2015/04/transparent-leet-mask.png" WIDTH="xxx" HEIGH ... Continue Reading >>

Published: April 21, 2015 | By: RY4N C0R3Y | Views: 354
We often get asked by our Members, if we plan on offering coding classes. The short answer is no, and typically, what we do, is refer people to sites like Codecademy and Code Fellows. Those companies specialize in coding / programming training, and have capabilities to do that type of training much better than we do. Our focus is on core Cyber Security training. However, the fact that our Members consistently ask us about that type of training is because a fundamental knowledge of coding is abso ... Continue Reading >>

Published: April 20, 2015 | By: klowe | Views: 1226
  In order to get into a secured system, you’ll have to first break in—and a lot of times, the first step in doing so requires cracking a password. Contrary to popular belief, password cracking doesn’t actually require a lot of heavy-lifting. Instead of spending hours at a computer screen trying your hand at thousands of random combinations, the computer does the work for you. So while the process is less labor-intensive than those pictures of hackers staring intently at ... Continue Reading >>

Published: April 20, 2015 | By: RY4N C0R3Y | Views: 688
Want to Know How and Where All Major Data Breaches Begin? With all of the publicity major corporate data breaches receive, we often get caught up in the outcomes. What happened, how many people were impacted and in what ways, who was responsible, etc. In the 2014 Sony Pictures hack, personal data about employees and corporate IP was released to the public. In the Target hack, hackers made money selling the magstripe data of the victim’s credit cards on the black market.   Media has tradi ... Continue Reading >>

Published: April 16, 2015 | By: RY4N C0R3Y | Views: 2975
The Smartphone Pentest Framework (SPF) in Kali Linux is an increasingly useful tool, initially developed by Georgia Weidman. The 5 part tutorial for how to use the SPF is part of the Advanced Penetration Testing class, which of course is free, just like all of our classes. For Cybrary Members who have a solid foundation in penetration testing, I would highly recommend you take that course, overall, it is an invaluable experience since it deeply covers a wide variety of advanced pen testing conce ... Continue Reading >>

Published: March 12, 2015 | By: RY4N C0R3Y | Views: 405
This post will begin by assuming you have a baseline skill set in information technology. Generally, in order to begin your career in Cyber Security, you would need some fundamental skills. Often, in the IT training industry, baseline skills include topics covered in the CompTIA A+ class and the Network+ class. If you don’t have that type of skill set, begin there, then move in to Cyber Security learning. The Linux+ certification class will definitely provide you with useful knowledge that you ... Continue Reading >>

Published: March 6, 2015 | By: RY4N C0R3Y | Views: 160
The first month and a half here at Cybrary have been really fun. So far, we are hearing from our Members that they appreciate what we are doing. I have spoken on this blog before about why we believe so firmly, that the opportunity to learn should be free and open to anyone, anywhere, for free, forever. We have found that many of our Members only have access to the site via a mobile device.  Watching the videos takes up a great deal of their monthly data limits on their devices plan. We want to ... Continue Reading >>

Published: February 10, 2015 | By: Admin Anthony | Views: 3294
What is Red Team & Blue Team? At its core, there are two main players in any cybersecurity or penetration testing event. While the terminologies for the two sides vary (Hackers vs. Defenders, ‘Bad Guys’ vs ‘Good Guys’, etc.) one of the most commonly used titles is Red Team and Blue Team. To put it simply the “Red Team” is the group trying to find a way in and the “Blue Team” is the group trying to keep them out and responding if they get in.This cybersecurity landscape can b ... Continue Reading >>

Published: February 6, 2015 | By: RY4N C0R3Y | Views: 173
Hopefully, with the support of our Members, Cybrary can be successful. Why? Because the education system both domestically here in the USA, and internationally, is flawed, badly. Education is far too limited. If one is not born into a family that highly values education, or a situation where they are not given the access that some others have, then one can be left behind very quickly. Here in the United States, students are herded through a standardized educational flow until they complete high ... Continue Reading >>

Published: January 27, 2015 | By: RY4N C0R3Y | Views: 159
“Education is the most powerful weapon which you can use to change the world.” -Nelson Mandela For too long IT & Cyber Security education has been reserved for those who have the money to pay highly inflated prices. In the growing technological world, the need for that knowledge is at an all-time high. As you know by now, we believe firmly that IT and Cyber Security training, should be free! Cybrary has only been active for a month, and we have already heard from our Members about how fr ... Continue Reading >>

Published: January 15, 2015 | By: CybrarySupport | Views: 183
My Fellow Cybrary Members, We sincerely want to thank you for joining the revolution to liberate IT and cyber security training, for everyone, everywhere. The support you are providing will change the very landscape of the industry forever. I am posting this blog to both thank you, as well as give you some updates and tips about the site. Earning Points To begin, we need your help spreading the word about this revolution to everybody, and you may do so through the member point tool. If you sh ... Continue Reading >>

Published: January 5, 2015 | By: RY4N C0R3Y | Views: 259
Hello Cybrary Members, First, we are appreciative that you have decided to join our community. We cannot survive without members, and we are working very hard to make your learning experience here as excellent as possible. The training on Cybrary is designed by our education team as well as the Subject Matter Experts who teach here. Our classes are designed to prepare you for the certification exam, as well as build your skill set in that topic. Cybrary was started because we believe, strongly, ... Continue Reading >>

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

An Intro to Blackbox Web Pentesting
Views: 56 / December 9, 2016
The Password that Put You at Risk
Views: 1338 / December 9, 2016
Create a SMB share on CentOS
Views: 568 / December 8, 2016
OSINT Investigations
Views: 749 / December 8, 2016
Skip to toolbar