0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Introduction to Docker
By: vinothpkumar
November 18, 2016

Hi Readers, In this blog post, I’ll introduce you to the world of containerisation - Docker. Topic Introduction to Docker Target Audience ...

Insider Threat Management
By: rcubed
November 17, 2016

A DOE contractor feeling the pressures of rising debt attempted to sell stolen uranium parts to agents of a foreign government. A government researcher who experienced a hostile work environment accessed a secured facility and intentionally left 4,000 biological samples to thaw resulting in a $500,000 loss to the project and setting it back months. And then ...

Juliar Webserver: GETting parameters - Part 1
By: Rattar
November 17, 2016

Hey guys,In order to follow this tutorial, you must have Juliar installed with a web server.Run Juliar as a webserver, create index.ju file in webfiles and add the following to index.ju: get query/test This will basically access the object query that is automatically populated if run as a web server.We will be populating using GET request, so we can ...

Dude, Where’s My Skill Cert? 7 Ways that our CPE Granting Skill Certifications Add Value
By: Olivia
November 17, 2016

Let me start by asking you a question. What is your education worth to you?If your immediate thought was, well, not too much, then let me ask you another question. Would you be willing to spend about 40 minutes to learn a whole heck of a lot and get the certification to back what you just learned?Maybe you’d rather spend ...

[#podcast] Ben Johnson on company culture shifts, needing better job descriptions, assisting your company's "cyber self-esteem"
By: BrBr
November 16, 2016

https://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3  Ben Johnson from Carbon Black has been around the industry for a good while, and has seen a lot of ugly things in our industry.Ben had written a recent blog post ( https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many people in the infosec community.We talked about these issues in depth, and how companies and ...

[#podcast] Aamir Lakhani discusses the DarkWeb...is all the content on the Darkweb bad? And becoming a known quantity on the DarkWeb...
By: BrBr
November 16, 2016

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-045-aamirlakhani-thedarkweb-creatingreputation.mp3[/embed] Mr. Boettcher and I met Mr. Aamir#Lakhani at DerbyCon this year, and immediately intrigued with his work on the Dark Web.He has assisted with law enforcement investigations, a known member of the dark web, to the point where people with#malware or bots will seek him out in an effort to 'legitimize' their work, similar to how being reported on by ...

Vulnerability Assessment using OpenVas - First Scan
By: Damianpd
November 16, 2016

Introduction Vulnerability assessment is one of the steps of penetration testing. It can be described as the procedure where the penetration tester scans the system for vulnerabilities in order to gain access to the system. A vulnerability can be a weakness point, a failure even a miss-configured file that a pentester ...

(ISC)2 Code Of Ethics VS Ethical Theory
By: ProgrammerE
November 16, 2016

The International Information Systems Security Certification Consortium creates the certifications most known in the hacking world. More details can be found at https://www.isc2.org/uploadedFiles/(ISC)2PublicContent/(ISC)2-Company-Overview.pdf In particular, they develop the CISSP (for Leadership & Operations), CSSLP (Software Security), CCFP (Cyber Forensics), and many more.In order to receive certification from (ISC)², you must agree to their code of ethics. ...

Counterfeit Mobile Shopping Apps Steal Christmas 2016
By: rcubed
November 15, 2016

Each holiday shopping season has a must-have gift item. Holidays past had their Cabbage Patch Kids, Mighty Morphin Power Rangers, and Legos as perennial favorites. Holiday 2016 is shaping up to have several contenders, but no clear favorite has yet emerged. At least Pokemon characters are in the mix coming off the summer craze the Pokemon Go ...

A Clear Understanding of "Security through Obscurity"
By: Effren Ouedraogo
November 15, 2016

As security professionals, many of us try to teach a few simple lessons to help system administrators become more security-conscious. In this article I’ll talk about how obscurity can aid security - -hopefully, I can clear up some misconceptions. Obscurity: What Do We Really Mean?         First, what does the security professional ...