0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Beware of Internal Security Threats
By: Lawrence King
January 31, 2017

Estimated reading time: 4 minutes Are there any employees who work in their own little bubble in your organization where nobody else is aware of what they do, where they keep files or important documents? How much data do they have access to? Does anybody audit their access to the network, bank accounts or inventory? ...

Winter Phishing: Gmail Scams
By: Rachel Laura M
January 30, 2017

Scams! Some hackers are good at them. Hackers who create phishing schemes often create documents that are realistic and convincing enough to look legitimate; causing even some of the most technologically savvy users to fall for them. That is a "good" scam.Netflix was recently the target of such a scam. Unsuspecting users were sent a link via e-mail which ...

Video: Getting Information During Footprinting
By: ryan c
January 30, 2017

Background Information that we need during footprinting . In this post, I'll tell you how to get the background technology or services that a website is running. This will be helpful in gaining some information during the Information Gathering process and footprinting. How do you get the information you need ...

Let's "C" How This Goes Again - Part 2
By: jnox
January 30, 2017

Estimated reading time: 9 minutes Hello, fellow Cybrarians! Way back in December…umm…checks own page 12th - yeah I knew that - December 12th I wrote an article for C programming, an intro to C called ‘ Let’s “C” How this Goes: Programming Introduction to C ’. Recap from the previous article: Skip to new content ...

Error Based SQL Injection: Best practices and projects
By: Romansh Yadav
January 29, 2017

Estimated reading time: 3.5 minutes Hello Leaders,Today I'm going to talk about the second part of the SQL Injection article. First, I want to explain the purpose of Error-based SQL injection. Don't worry, it's very simple.RETRIEVING DATA FROM THE DATABASEToday, we mostly use SQL injection for bypassing the login form or gaining access into an ...

Getting Started with PS Tools
By: H5p
January 28, 2017

  Estimated reading time: 1 minute I found a really good toolset which may come in handy when it comes to doing things remotely. This may help admins and other IT staff that need to do things remotely.Download the PS tools, which can be found easily and downloaded from the internet. 1) PsExec The below command will give ...

Obtaining a Skill Certification is as Easy as Taking a Practice Test
By: Olivia
January 27, 2017

Awhile back, I said that passing a micro certification exam is ‘ so easy a caveman could do it .’ And in a sense that still holds true. However, I know many of us have test anxiety, and for some, obtaining a certification is a matter of job security. That’s a lot of pressure. I’d like to think test taking ...

UNM4SK3D: Dropbox, Russia, and Google Play
By: Olivia
January 27, 2017

#filesharing Recently, Dropbox earned itself a new nickname, 'Dropbug,' also synonymous with 'restore files.' The crowd-favorite file sharing company implemented a bug fix which had corrupted the metadata of their files. This resulted in the files being “quarantined” rather than deleted.  So while you may have thought your folder containing embarrassing love letters ...

Layered Security Part 2 - Defense In-Depth
By: YounessTast
January 27, 2017

Estimated reading time: 6 minutes Hello everyone and welcome to what I hope will be an “Agora” for security enthusiasts and to all people wishing to share a discussion and learn from what we discuss, or better, teach us and share with us their knowledge. In the first ...

Building a Linux Monitoring Infrastructure II
By: Abayomi Ayoola
January 27, 2017

Estimated reading time: 2.5 minutes [Continued from Building a Monitoring Infrastructure I ] Install binaries, init script, sample config files and set permissions on the external command directory. root@Nagios:~/Downloads/nagios-3.0.5#make installroot@Nagios:~/Downloads/nagios-3.0.5#make install-initroot@Nagios:~/Downloads/nagios-3.0.5#make install-configroot@Nagios:~/Downloads/nagios-3.0.5#make install-commandmode 4. Customize Configuration Edit the  /usr/local/nagios/etc/objects/contacts.cfg  config file with your favorite editor and ...