0P3N Blog

Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Cyber Threat Hunting Basics
By: Shimon Brathwaite
July 1, 2021

What is cyber threat hunting? Cyber threat hunting is a type of proactive cyber defense. Unfortunately, advanced persistent threats (APTs) can be on a company network for weeks, months, or even years before the company notices. On average, it takes about 228 days for a company to realize that it has been breached, according to IBM. To prevent, these companies do ...

What is Data Security?
By: Nihad Hassan
June 30, 2021

In today’s information age, organizations of all sizes and across all industries are leveraging digital solutions to interact with customers and facilitate operations. The integration of digital solutions in all business functions is what is referred to as digital transformation. The most apparent evidence of the widespread adoption of digital technology is the proliferation of digital data. Nowadays, most data is ...

MITRE ATT&CK Framework v.8 (Sub-techniques)
By: Owen Dubiel
June 30, 2021

The MITRE ATT&CK framework has been the staple that helps hold the security industry together against facing adverse threats in any situation. In late 2020, MITRE announced the release of its latest version update. Version 8 includes a whole new addition to the known kill chain. They added a set of sub-techniques to some of the effective techniques known today. ...

What Is A Rootkit And How Does It Work?
By: Gabriel Schram
June 29, 2021

Operating systems provide different access levels to users based on their privileges, and certain mechanisms remain in place to protect their permissions. There are varying levels of user privilege which determine their level of access to an operating system. Higher levels of access are equivalent to more capabilities on the given machine. The highest level of permissions on a Windows ...

What Jobs Can You Get With A CISSP?
By: Prasanna Peshkar
June 29, 2021

Expert certifications are important in the cybersecurity world, where established skills and abilities are greatly needed, because capacity requires more than work expertise to assure the candidate is thoroughly trained and can approach the latest technologies, threats, and challenges. One of these certifications is CISSP. Many big firms such as Google, IBM, and P&G recognize and respect CISSP credentials. They usually ...

Reduce Authentication Alert Fatigue In Your Kibana Logs
By: Owen Dubiel
June 28, 2021

Authentication events can be confusing when you start receiving alerts for them, especially failed logins. Sometimes it can be hard to wrap your head around the idea of what a malicious actor would look like attempting a password spray attack on your network or a compromised account trying to move laterally. This article will look closely at what some of ...

Why Organizations Need Cyber Threat Intelligence
By: Nihad Hassan
June 28, 2021

Cyberattacks are on the rise in both numbers and sophistication. According to Cyber Security Ventures, the global costs of cybercrime will reach 10.05 trillion annually. The same study predicted that there would be a ransomware attack on businesses every 11 seconds by 2021. This number does not include the number of ransomware attacks against individuals, which is more significant than ...

How Is Machine Learning And AI Changing SIEM Technology?
By: Shimon Brathwaite
June 25, 2021

SIEM stands for security information and event management. It is a central hub for all of the security-related alerts within a company. Typically, an agent is installed on every machine on the network. It will monitor activity on that computer and send that information to a central repository where that information can be stored and analyzed. When a security admin logs ...

How to Detect Ryuk Ransomware with Qradar
By: Owen Dubiel
June 25, 2021

Ransomware is a scary topic to discuss in any enterprise. The thought of a malicious file that can encrypt and steal sensitive data is a terrifying outcome that could occur. The key to defeating ransomware is identifying and eliminating it quickly. This article will review a particular type of ransomware called Ryuk and some supporting details around how it works. ...

Mirai Claims IoT Devices With Weak Passwords
By: Gabriel Schram
June 24, 2021

The internet of things (IoT) is any device that can connect and share data with other devices through a connected network or internet connection. At the end of 2020, there were more than 20 billion connected devices (Sujay Vailshery, 2021). The IoT has been integrated into devices of all types and vastly applied to daily life and infrastructure. An increase in IoT ...