0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Need a FUD: What about Shellter?
By: bytezealot
March 17, 2017

Shellter is a dynamic shellcode injection tool, and the first truly dynamic PE (portable executable) infector ever created. It can be used in order to inject shellcode into native 32-bit Windows applications. It takes advantage of the original structure of the PE file and doesn’t apply any modification such as changing memory access permissions in sections (unless the user ...

Anatomy of a Ransomware Attack - Part 2
By: AjayRandhawa
March 17, 2017

ANATOMY OF RANSOMWARE How it works : A ransomware attack goes through five stages from the time it installs on your computer to the appearance of the ransom warning on your screen 2.1 Five Stages of Crypto Ransomware 2.1.1 INSTALLATION After a victim’s computer is infected, the crypto-ransomware installs itself, and sets keys in the ...

Cybercrime and Punishment: Who’s Actually Paying the Price?
By: rcubed
March 16, 2017

It seems that a week doesn’t go by where there isn’t news of a major data breach or intelligence dump. Yesterday gave us something slightly different, but still a variation on the same theme. On Wednesday March 15, 2017 the Justice Department indicted four defendants – all with ties to Russia – for an array of computer and hacking ...

Aireplay Vs Mdk3: Wireless Deauthentication
By: Invoron 'norovni'
March 16, 2017

I am pretty sure anyone who has ever tried to hack wireless network should have come across aireplay-ng (one among aircrack-ng suite), very few may have heard about mdk3. Similar to aireplay-ng, mdk3 can be used to Jam a wireless network exploiting IEEE 802.11 protocol weakness. In this article lets talk on how to use them and jump to some ...

Anatomy of a Ransomware Attack CryptoLocker - Part 1: CryptoWall How to Stay Safe
By: AjayRandhawa
March 16, 2017

ABSTRACT Ransomware is malware that prevents you from using your files or your computer, and then extorts money from you in exchange for a promise to unlock them. This type of malware is responsible for tens of millions of dollars in extortion annually. Worse still, developing new variants is trivial, ...

How to Showcase your Skills in an Online Portfolio
By: Olivia
March 15, 2017

In the blog, I’ve talked a lot about resume tips and emphasizing skills to help you get hired. I realize in doing so that some skills are more visual and creative than others, with everyone from coders to technical writers needing an ideal place to showcase their work.Resumes are necessary of course, and just the first part of the ...

Let's go Phishing!
By: bigmatt
March 15, 2017

Everyday millions of spam emails are getting by spam and firewall filters, and into the mailboxes of many unsuspecting users.  From claims of a wealthy Nigerian Prince, to sweepstakes winners, "magic pills" and many others litter the inbox, and all it takes is one end user to click on the email and either follow the instructions in said email, or ...

Scripting Vulnerability Crisis: Crawling Out of the Rabbit Hole
By: ericcacordier
March 15, 2017

 What you do not know will not hurt you – right? Wrong! Scripting vulnerabilities will creep up on you and it can cause a temporary project shutdown, an entire rewrite of a project or worse project cancellation. Long gone are the days of development just to see if it works. Waiting for a security team to catch your ...

Top 10 Network Security Threats and Their Security Measures
By: nirmalrijal
March 14, 2017

Nowadays cyber-threats are becoming a daily headache for IT security staff, it supports to have some guidance, or at least identify what to look out for. As a small company doing business on the web, you need to be aware of these methods so you can be extra vigilant when online. All the threat has been ...

A Man of Many Certs: How One Cybrarian Views Micro Certifications
By: Olivia
March 13, 2017

We’ve been asked by many members how other Cybrarians are using micro certifications to learn new skills and further their careers. It’s a fair question certainly, with this concept being so new.Certifications are imperative to a cyber security career, as they have become the standard to prove one’s knowledge on a set of skills.  But micro certifications seem ...