0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

ISP's Connect You to the World
By: Dr3AMCoDeR
June 6, 2016

Hello there Cybrarians,As always, I appreciate your huge support and comments. That's why I've decided to write another article today which might be useful for you. I'm going to discuss everything about ISP's (Internet Service Providers) because many people have asked me, "How does an ISP work and what do they know about us (the clients)?".My discussion will be ...

Video Tutorial: XSS – Cross Site Scripting
By: xyra
June 5, 2016

Cross Site Scripting is the consequence of a vulnerability in websites or client software. It allows an attacker to inject his/her own malicious code. It's used either to trick the user to believe that the injected code is part of the website or to run scripts which are not distributed by the website itself. Do you know the difference ...

The Theory of the Dot: How We Surf the Internet Incorrectly
By: Rattar
June 5, 2016

 You may not know this, but we're surfing the Internet incorrectly. That's right, when we go to Google or Cybrary, we type: www.Cybrary.it or www.google.com , but we're forgetting the most important symbol, the dot (.) at the end of the domain.  According to https://www.dns-sd.org/trailingdotsindomainnames.html : "It's a little-known fact, but fully-qualified ...

Sunday's Cyber Security Fact: Breach Detection (June 5th, 2016)
By: ginasilvertree
June 5, 2016

"The majority of data breach victims surveyed, 81 percent, report they had neither a system nor a managed security service in place to ensure they could self-detect data breaches, relying instead on notification from an external party. This was the case despite the fact that self-detected breaches take just 14.5 days to contain from their intrusion date, whereas breaches ...

End Point Protection: Your First Line Of Defense
By: Willian
June 4, 2016

For a long time, the main focus of many organizations was to have a solid protected network perimeter by installing the most powerful shiny firewall/IPS/IDS they could afford. This could help them keep intruders from trespassing inside their networks.The end point (host) protection was always considered the last line of defense and never treated with the same priority as ...

CyberPop - What's "Dwell Time?"
By: ginasilvertree
June 4, 2016

CyberPop is a quick way to learn more definitions and facts about cyber security.  Today's Question: What's "Dwell Time?"   Answer: "Duration, usually in days, that a vulnerability or infection remains undetected within a network or environment. (Some also define it as the time between detection and remediation, or even total time from infection to remediation.)" Browse courses and ...

Proactively Counter Cyber Attacks and Incidents with Hunt Teaming
By: pankaj1251
June 3, 2016

During the past few years, industry has witnessed a major change in the working environment of users: desktop-centric organizations have evolved to using many more personal, handheld devices. This enhances user mobility and ease of doing business.Related to the increase and variety of devices, industry has encountered various attacks such as APT, DOS/DDOS, data exfiltration, etc. The major compromises were ...

Why Exploit Kits are a Fast-Growing Threat
By: Willian
June 3, 2016

Exploit Kits (EK's) are a serious cyber threat today, estimated to be responsible for the vast percentage of malware infections worldwide. Exploit Kits are currently distributed through both public and underground sources. They appeal to a wide range of audiences, from inexperienced hackers to black hat cybercriminals. They create a fast-growing online threat, which targets holes in ...

7 Effective Ways to Secure Your End Points
By: pankaj1251
June 2, 2016

Gone are the days when organizations thought that if they installed and regularly updated end-user antivirus software, they were secure. Cybercriminals and target attackers always find ways to install Trojans on your network.Recently, in one of the attacks, a cyber espionage group installed a RAT (Remote Access Trojan), which is weaponizing malware that payloads with 0-day exploits. This sort ...

Using Nslookup in Windows to Check DNS Records
By: Alfrick Opidi
June 2, 2016

Nslookup, meaning "name server lookup," is a popular built-in command tool that comes with most versions of the Windows operating system. It's a handy tool you can use to diagnose the DNS infrastructure of the requested domain name.By default, the Nslookup command translates word-based domain names to numerical IP addresses (and vice versa).Other more powerful variants of Nslookup can ...