0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

4 Planning Steps for Course Building on Cybrary
By: ginasilvertree
November 7, 2017

I decided to submit a course through the Course Builder on Cybrary today (located under the "Teach" menu on the top navigation). I found the submission tool to be very clean, straight-forward and easy to use. It took less than 10 minutes to submit my content, which was short and pre-written. I still need to record my ...

Cryptology 101
By: Jawady Muhammad Habib
November 7, 2017

Neal Stephenson said in a novel of his called Cryptonomicon:“How long do you want these messages to remain secret?[…] I want them to remain secret for as long as men are capable of evil.”One cannot underestimate the importance of cryptology nowadays. As the need for studying and implementing secure communication techniques rise, in the ...

InfoSec Cheat Sheets
By: RachidOubaoug
November 5, 2017

Reverse Engineering: https://www.cybrary.it/wp-content/uploads/2017/11/cheat-sheet-reverse-v6.png Linux commands: https://linoxide.com/images/linux-cheat-sheet-612x792.png Penetration Testing: https://highon.coffee/blog/cheat-sheet/ SQL Injection: http://pentestmonkey.net/category/cheat-sheet/sql-injection NMAP: Professor Messer+s Quick Reference Guide to NMAP Hacker Target: Nmap Cheat Sheet XSS: ...

UNM4SK3D: Pwn2Own, FireEye, and Google
By: Olivia
November 3, 2017

#zeroday Participants in the Mobile Pwn2Own 2017 competition recently produced exploits for exploits for the iPhone 7, Samsung Galaxy S8, and other mobile devices. Nothing like a little friendly competition, right?   For those unfamiliar, this competition is a two-day event hosted by Trend Micro's Zero Day Initiative (ZDI) and promotes the disclosure of vulnerabilities during ...

Identifying Security Risks with Security.txt
By: Mike Ship
November 2, 2017

While listening to a recent episode of Security Now , Steve Gibson discussed that help is on the way for securing websites and services. I have not seen much mention of it anywhere else but I feel that it is definitely something worth noting.When it comes to identifying security risks in websites and services a major problem in the ...

What Experts Are Saying About Shadow Brokers
By: Aman2406
October 31, 2017

As we have all heard, there is a group calling themselves The Shadow Broker.  They hacked into the NSA's (National Security Agency) server and stole a disk full of secrets last summer. This stunt pulled by shadow brokers publicly mocked the NSA for their vulnerable security and lack of information gathering skills. Despite this, they also ...

Gaining Access through Default Maintenance Accounts
By: Mohamed Abdellatif Jaber
October 31, 2017

Maintenance Accounts (English Version) Here is a mistake where many server owners and site admins leave their maintenance accounts in the default mode. The hacker can guess account credentials in a simple way.For example:If we target (router) we will extract (IP), we will use any Rang IP extraction program. For example, IP Range - Angry IP. After we extract many ...

"Phreaky" Hacks You Should Know
By: Lawrence King
October 31, 2017

                Hackers can be extremely creative at getting around various types of security, but there may be some ways that are so far out there and crazy that many security professionals have not even heard of them. Some of these hacks are pure genius and they show us how someone with enough determination can get through nearly any type of ...

Love Linux? You're Not Alone
By: ginasilvertree
October 30, 2017

If you love Linux, you're not alone! Your fellow Cybrarians are enjoying lots of cool Linux training, tools, posted content, etc. The links below include training and supplemental study tools.Plus, here are a few interesting thoughts on Linux from Linux.com : "From smartphones to cars, supercomputers and home appliances, the Linux operating system is everywhere. It’s been around ...

UNM4SK3D: Bad Rabbit, Iot Reaper, and Kaspersky
By: Olivia
October 27, 2017

#ransomware Bad Rabbit ransomware, which involves the downloaded file named 'installflashplayer.exe,' has   hit approximately 200 businesses in multiple countries including the US, Russia, Ukraine, Germany and Turkey.  According to researchers as Kaspersky, the outbreak is spreading from drive-by download attacks via legitimate news sites where the host sites are infected with a ...