0P3N Blog

https://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3  Ben Johnson from Carbon Black has been around the industry for a good while, and has seen a lot of ugly things in our industry.Ben had written a recent blog post ( https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many people in the infosec community.We talked about these issues in depth, and how companies and ...

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-045-aamirlakhani-thedarkweb-creatingreputation.mp3[/embed] Mr. Boettcher and I met Mr. Aamir#Lakhani at DerbyCon this year, and immediately intrigued with his work on the Dark Web.He has assisted with law enforcement investigations, a known member of the dark web, to the point where people with#malware or bots will seek him out in an effort to 'legitimize' their work, similar to how being reported on by ...

Introduction Vulnerability assessment is one of the steps of penetration testing. It can be described as the procedure where the penetration tester scans the system for vulnerabilities in order to gain access to the system. A vulnerability can be a weakness point, a failure even a miss-configured file that a pentester ...

The International Information Systems Security Certification Consortium creates the certifications most known in the hacking world. More details can be found at https://www.isc2.org/uploadedFiles/(ISC)2PublicContent/(ISC)2-Company-Overview.pdf In particular, they develop the CISSP (for Leadership & Operations), CSSLP (Software Security), CCFP (Cyber Forensics), and many more.In order to receive certification from (ISC)², you must agree to their code of ethics. ...

Each holiday shopping season has a must-have gift item. Holidays past had their Cabbage Patch Kids, Mighty Morphin Power Rangers, and Legos as perennial favorites. Holiday 2016 is shaping up to have several contenders, but no clear favorite has yet emerged. At least Pokemon characters are in the mix coming off the summer craze the Pokemon Go ...

As security professionals, many of us try to teach a few simple lessons to help system administrators become more security-conscious. In this article I’ll talk about how obscurity can aid security - -hopefully, I can clear up some misconceptions. Obscurity: What Do We Really Mean?         First, what does the security professional ...

 Tor is a widely popular connection-oriented anonymizing communication service used by journalists, activists groups, security investigators, among others. This article explains how to boost the Tor privacy using it as an Isolating Proxy .An Isolating Proxy is one of the safest Tor setups. It prevents leaks present in other scenarios ...

As a result of Juliar's  latest update, you can now send raw emails via rawemail command that sends an email to a user using SMTP protocol. (Download the latest Juliar at  https://www.juliar.org ) What is a raw email? In a raw email, you have to write everything to send to the server.Here is the command: *rawemailFrom: "Ben" <ben@example.com>To: J <j@example.com>Cc: ...

The US Presidential Election, which took place on November 8 th , 2016 was unprecedented and will likely go down in history as the biggest political upset of all time. Former Secretary of State and First Lady Hilary Rodham Clinton ran against billionaire New York businessman Donald Trump. Polls and news outlets all over the ...

A huge part of the Juliar programming language is inspired by Fortran.Why Fortran? Because it was done right! It's one of the oldest languages used today.Fortran has subroutines. So does Juliar. Juliar has a different name for it. It's called a "block." In order to have a high-performance application, it's important that you use block whenever you need to. "Blocking" an application ...