0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

How Important is SSL Inspection?
By: Sean Mancini
June 6, 2017

If you are running a UTM or firewall and are not inspecting SSL traffic I am sorry to say your firewall is useless. Why is this? Well, first of all, most traffic now occurs over HTTPS. Even malware sites! The fact of the matter is if you and I can get an SSL certificate, so can the hackers. Even if ...

Making Sense of Certifications: Your Path to the PMP
By: Olivia
June 5, 2017

At Cybrary, we’re doing our best to offer career guidance on the latest certifications, such as the PMP.Our goal is to make your decision on which courses to take and credentials to obtain more straightforward. With so many certifications available, it’s hard to know where to begin, which are most reputable and what is best for your specific career ...

Key Signs Your Smart Devices Have Been Hacked
By: Joanna Sommer
June 5, 2017

It is 2017 and computers, smartphones, and tablets - all smart devices - dominate our daily lives. We rely heavily on these devices for our work and business needs, as well as for our social, and dating lives. However, this dependence on technology can also make us vulnerable.  Is something sinister occurring ...

What is a SYN Attack?
By: Sean Mancini
June 5, 2017

A SYN attack is an exploit of the TCP/IP stack where by an attacker sends SYN packets and suppresses the SYN-ACK  packet. This type of attack can be volumetric where by the attacker sends a large amount of data to a link to  saturate the link . It can also be a trickle attack where the attack doesn't  generate a lot of ...

DDoS Attack Concept Explained
By: Zubair Ansari
June 4, 2017

DDoS attack: Every website is stored on a hosting server, and every hosting server has the ability to know how many users can visit the website at the same time that stored on the server.Suppose that www.nisareng.com is stored at Apache, and this server has the ability to serve 500 users a the same time. So, when ...

Pentesting Methodology from an Attacker's POV
By: binel
June 3, 2017

  In this article, I will use the term "pentester" or "attacker" for the same intent. The intent is to denote the one attacking the system. This means to compromise it by a hacker, or to secure it with a penetration tester.   ...

UNM4SK3D: ShadowBrokers, Chrome, and Google Play
By: Olivia
June 2, 2017

#dumpservice     Move over 'Wine of the Month Club,' there's a new subscription service in town. On May 30th, hacking group the ShadowBrokers announced their 'Monthly Dump Service' with a hefty pricetag of 100 Zcash (approximately $23,000 USD) monthly and instructions on how to subscribe. In case you've forgotten, the ShadowBrokers ...

Trump's Innovative Cyber Policy: "You have less than 90 days"
By: Thomas Callahan
June 2, 2017

TRUMP’S CYBERSECURITY EXECUTIVE ORDER If there is one person who approves of Trump’s recently signed executive order, its former president Obama.Why, you ask? A side by side comparison of Obama's and Trump's policy and it’s clear. Trump simply mandated compliance of Obama’s 2013 executive order within 90 days. While his tactic of “do what the other ...

Making Sense of Certifications: MCSA vs. MCSE
By: Olivia
June 1, 2017

In a recent post, I looked at the difference between the CSA+ and CEH certifications, and considering that security certifications are perhaps the most popular on the site, it seemed like the best place to start. The more I thought about it, the more I realized how many Cybrarians are also interested in entry-level IT skills, which will benefit ...

RAM Memory Forensic Analysis
By: Eliézer Pereira
June 1, 2017

RAM Memory Forensic Analysis 1 Goal The purpose of this article is to show how to perform a Ram memory forensic analysis, presenting some examples of information that can be retrieved and analyzed to help identify indications of security incidents as well as fraud and other illegal practices through information systems. 2 Good Practices and Techniques ...