0P3N Blog

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-009-brianenglerciscinformationsharing.mp3[/embed]We've reached peak "Br[i|y]an" this week when we invited our friend Brian Engle on to discuss what his organization does. Brian is the Executive Director of the Retail Cyber Intelligence Sharing Center - R-CISC."Created by retailers in response to the increased number and sophistication of attacks against the industry, the R-CISC provides another tool in retailers’ arsenal against cyber criminals ...

[embed]https://traffic.libsyn.com/brakeingsecurity/2016-010-DNS_Reconnaissance.mp3[/embed] DNS... we take it for granted... it's just there. And we only know it's broken when your boss can't get to Facebook.This week, we discuss the Domain Naming System (DNS). We start with a bit of history, talking about the origins of DNS, some of the RFCs involved in it's creation, how it's hierarchical structure functions to allow resolution to ...

Let's begin! 1 - Make sure the server time is correct. 2 - Configure NTP: apt-get install ntp service ntp reload ntpq -p  3 - Install the package that enables two-factor authentication. You can find the project here: https://github.com/google/google-authenticator 4 -Configure two-factor authentication: apt-get install libpam-google-authenticator vi /etc/pam.d/sshd Add the following line on top: ...

“The Era of False Secure IT Advertising and The Consumers At Large” – by jim white, Cybrary librarian student.) One of my favorite passions is the study of law in a hobby sort of way. Maybe because I am a certified veterans paraprofessional, a kind of paralegal for Veterans laws, tasked to protect the veterans, widows and orphans. ...

In this article, I'll show you how easily you can exploit a system running Windows XP using the Netapi exploit.Before we start, you might be wondering why you'd exploit an old version of Windows. My answer is: you gotta take baby steps before you can run. Lab Setup:-> A Windows XP virtual machine with SP2/SP3 (I used SP2)->A Kali Virtual ...

Observing and taking note of a cybercrime method doesn't always equate to taking proactive actions against it. While this might sound like companies and organizations simply aren’t paying attention, it has more to do with their belief that their existing protection against cybercrime is enough to avoid a breach. There ...

Diving a little deeper Previously, I've written about the value of cyber security degrees and wanted to dive a little deeper into this topic. Lately, I have had a series of conversations on this topic. The opinion I've formed on the subject seems to represent a large consensus.Many jobs in cyber security require people to have a certification. ...

Recently in the news, there have been many reports that say that the FBI is fighting Apple. FBI stated that they want Apple to create a backdoor for Apple devices to catch terrorists. The FBI even pressured Apple, but they responded with a public letter stating that they will not create the backdoor and there is a good reason why...security. ...

Here's quick way check the encryption of your WiFi connections:   1 - Open your terminal in Linux and run the following command: Find the ID for your wireless adapter, run ifconfig, scroll down until you see WLAN followed by number. Most of the time it would be wlan0 2 - After ...

As most of you know, social engineering can be exceptionally powerful. In all cases, a social engineering assault is only as good as the engineer. Every fruitful hack - technical or socially engineered - must have been supported by reconnaissance. This kind of reconnaissance we're discussing here isn't recon of a machine, but of the victim. Recon for social engineering ...