0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Docker Containers Security
By: chiheb chebbi
December 27, 2016

  Docker container  is an open source project (Apache License 2.0). Containers allow developers to package up their applications without worrying about libraries and dependencies, a headache, allowing them to ship their applications among any system running Linux operating system.You can look at them like Virtual machines but without the need for creating a whole virtual operating system. ...

Suricata IPS: A Deep Inspecting of Your Traffic
By: Abhishek Puranam
December 27, 2016

Hi Cybrarians,I recently integrated Suricata tool into our application to block malicious traffic. Here are my 2 cents in this article on why Suricata is a great engine to be installed to mark your traffic prior communicating to the world. About Suricata   Suricata is a signature based system, built to perform Intrusion Detection, Prevention, and Network Monitoring along with ...

CompTIA's New Cybersecurity Analyst (CSA+) Certification
By: erussell
December 26, 2016

In August I had the opportunity to take the CompTIA Cybersecurity Analyst+ (CompTIA CSA+) beta certification exam. CompTIA intends this to be a new vendor-neutral certification path between CompTIA's Security+ and the CompTIA Advanced Security Practitioner (CASP ). Similar to other CompTIA exams, this exam consists of both multiple choice and performance-based questions. My exam had ...

XSS Explained - From Theory to Practice
By: Dr3AMCoDeR
December 25, 2016

Hi there Cybrarians!As always, I should thank you to all of you for your support. I'm really happy that my articles are helpful to most of you, and now I'm back with another article. Let's also greet the moderators which are doing a great job with our contents in Cybrary.I was recently asked to explain how XSS attacks work ...

Password Generating Principles: Method 2
By: Cernyr
December 24, 2016

Hello Cybrarians,In the first article , I showed you a passphrase generating method. In this second article, I would like to introduce you another one, the password matrix. This type is an upgraded version of the ancient SATOR square. The original was used for mythological/mystical purposes and can be viewed in the Pompeii ruins.The advanced version is basically a ...

Server Documentation Tool
By: infosectdk
December 23, 2016

Hello, Cybrarians!“Where is your documentation?”This question can be asked by an auditor, a C-Level manager, your boss or a colleague.If you document everything and are methodical in how you work – well done to you.  But for everyone else, well let’s just say procrastination can set in, or we are distracted, we all know the excuses we could ...

You Say Cyber Security, I Say Cybersecurity
By: rcubed
December 22, 2016

Being it’s the Thursday before Christmas I thought a somewhat less technical post was in order to get us in the Holiday spirit. It would also be a good opportunity to clear up an issue that’s been nagging me for a long time: what is the proper spelling of cybersecurity? I’ve seen it spelled as a single ...

Security Risks of a Cashless Economy
By: indrajeet
December 22, 2016

  November 8, 2016, was a great date for the entire world. On the one hand, U.S. election results were announced and on the other hand, the Prime Minister of India, Shri Narendra Modi announced demonetization in the country ( India ). If you are not from India, you might be thinking ...

Discovering the Operating System Using ICMP
By: ryanshady
December 22, 2016

Ping and Traceroute form a simple pair of tools for operating system recognition. The technique consists of the sum of the jumps and TTL. Firstly, we must be aware of the TTL return value of the various Operating Systems.- Cyclades = Usually 30- Linux = Usually 64- Windows = Usually 128- Cisco = Usually 255- Linux + ...

UNM4SK3D: Ads, Email, and Inflight Entertainment
By: Olivia
December 22, 2016

  #methbot Slow clap for fraud-prevention firm White Ops who discovered the biggest digital ad fraud ever, lovingly dubbed 'Methbot.'  This may sound like a bad dream, or just another episode of Breaking Bad, but Methbot, a 'robo-browser that spoofs all the necessary interactions needed to initiate, carry out and complete ad transactions,' ...