0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Dude, Where’s My Skill Cert? 7 Ways that our CPE Granting Skill Certifications Add Value
By: Olivia
November 17, 2016

Let me start by asking you a question. What is your education worth to you?If your immediate thought was, well, not too much, then let me ask you another question. Would you be willing to spend about 40 minutes to learn a whole heck of a lot and get the certification to back what you just learned?Maybe you’d rather spend ...

[#podcast] Ben Johnson on company culture shifts, needing better job descriptions, assisting your company's "cyber self-esteem"
By: BrBr
November 16, 2016

https://traffic.libsyn.com/brakeingsecurity/2016-041-Ben_johnson.mp3  Ben Johnson from Carbon Black has been around the industry for a good while, and has seen a lot of ugly things in our industry.Ben had written a recent blog post ( https://www.carbonblack.com/2016/08/12/benvlog-3-negative-forces-driving-security/) detailing the issues that seem to plague many companies and many people in the infosec community.We talked about these issues in depth, and how companies and ...

[#podcast] Aamir Lakhani discusses the DarkWeb...is all the content on the Darkweb bad? And becoming a known quantity on the DarkWeb...
By: BrBr
November 16, 2016

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-045-aamirlakhani-thedarkweb-creatingreputation.mp3[/embed] Mr. Boettcher and I met Mr. Aamir#Lakhani at DerbyCon this year, and immediately intrigued with his work on the Dark Web.He has assisted with law enforcement investigations, a known member of the dark web, to the point where people with#malware or bots will seek him out in an effort to 'legitimize' their work, similar to how being reported on by ...

Vulnerability Assessment using OpenVas - First Scan
By: Damianpd
November 16, 2016

Introduction Vulnerability assessment is one of the steps of penetration testing. It can be described as the procedure where the penetration tester scans the system for vulnerabilities in order to gain access to the system. A vulnerability can be a weakness point, a failure even a miss-configured file that a pentester ...

(ISC)2 Code Of Ethics VS Ethical Theory
By: ProgrammerE
November 16, 2016

The International Information Systems Security Certification Consortium creates the certifications most known in the hacking world. More details can be found at https://www.isc2.org/uploadedFiles/(ISC)2PublicContent/(ISC)2-Company-Overview.pdf In particular, they develop the CISSP (for Leadership & Operations), CSSLP (Software Security), CCFP (Cyber Forensics), and many more.In order to receive certification from (ISC)², you must agree to their code of ethics. ...

Counterfeit Mobile Shopping Apps Steal Christmas 2016
By: rcubed
November 15, 2016

Each holiday shopping season has a must-have gift item. Holidays past had their Cabbage Patch Kids, Mighty Morphin Power Rangers, and Legos as perennial favorites. Holiday 2016 is shaping up to have several contenders, but no clear favorite has yet emerged. At least Pokemon characters are in the mix coming off the summer craze the Pokemon Go ...

A Clear Understanding of "Security through Obscurity"
By: Effren Ouedraogo
November 15, 2016

As security professionals, many of us try to teach a few simple lessons to help system administrators become more security-conscious. In this article I’ll talk about how obscurity can aid security - -hopefully, I can clear up some misconceptions. Obscurity: What Do We Really Mean?         First, what does the security professional ...

Boost Tor Privacy: Isolating Proxy
By: toxicptr
November 15, 2016

 Tor is a widely popular connection-oriented anonymizing communication service used by journalists, activists groups, security investigators, among others. This article explains how to boost the Tor privacy using it as an Isolating Proxy .An Isolating Proxy is one of the safest Tor setups. It prevents leaks present in other scenarios ...

A Simple Guide to Send Emails from a Program
By: Rattar
November 14, 2016

As a result of Juliar's  latest update, you can now send raw emails via rawemail command that sends an email to a user using SMTP protocol. (Download the latest Juliar at  https://www.juliar.org ) What is a raw email? In a raw email, you have to write everything to send to the server.Here is the command: *rawemailFrom: "Ben" <ben@example.com>To: J <j@example.com>Cc: ...

The role of cyber voting scams in the recent USA Election
By: Rachel Laura M
November 14, 2016

The US Presidential Election, which took place on November 8 th , 2016 was unprecedented and will likely go down in history as the biggest political upset of all time. Former Secretary of State and First Lady Hilary Rodham Clinton ran against billionaire New York businessman Donald Trump. Polls and news outlets all over the ...