0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

What Is The MITRE Framework, and Why Does It Matter?
By: Cybrary Staff
February 2, 2022

The MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework is a curated knowledge base for cybersecurity professionals. Summary: As businesses take a more offensive stance against cyberattacks, there is a growing emphasis on documenting and emulating adversarial behavior. As a curated knowledge base and model for cyber behavior, the MITRE ATT&CK framework is being widely adopted to enhance intrusion detection ...

A Guide To CTFs For A Cybersecurity Analyst
By: Shimon Brathwaite
February 1, 2022

Cybersecurity analyst is one of the most common types of cybersecurity jobs, and they fall into two categories. There are blue teams (defensive) and red teams (offensive) security analysts. The first one works primarily to defend the system by resolving security vulnerabilities, while the other discovers security vulnerabilities by attacking computer systems. Now you can learn a lot about doing ...

Everything You Need To Know About Malware Threats
By: Prasanna Peshkar
January 31, 2022

Malware is a type of computer program or software developed to cause damage to the computer. It is also called malicious software, which can harm files, swipe private data, and more. This article will discuss Malware and different types of malware threats. The rise of computer and internet technology has transformed our lives, and it has changed the course of ...

High-Profile Cyber Events Of 2021
By: Cybrary Staff
January 28, 2022

The year in review: A look back at some high-profile cyber events of 2021 Like the year before, 2021 was a record-breaking year for cyber events, with billions of records being compromised. Here are some of the most prominent incidents. Summary: By September 2021, the number of data breaches had already exceeded the total number of those from the year before, with ...

How Attackers Use MSHTML For Remote Code Execution
By: Vijay Maripi
January 27, 2022

Overview of MSHTML Vulnerability MSHTML is an acronym for Microsoft HTML Engine and interfaces, and this is a browser engine that comes with Windows, both personal computers and servers. The security flaw can be found in almost any device that runs with Windows operating system. The CVE-2021-40444, also known as the MSHTML Engine Remote Code Execution vulnerability, allows attackers to execute ...

How To Learn Ethical Hacking On My Own
By: Nihad Hassan
January 26, 2022

The advancement of computing technologies and the proliferation of the internet worldwide have shifted a significant part of people's daily lives into cyberspace. Organizations of all types and sizes increasingly utilize digital technologies to conduct and support most of their work operations. The massive shift to cyberspace has brought numerous benefits for individuals and organizations, but it also introduced serious ...

Best Algorithms For Encryption Of Your Data
By: Shimon Brathwaite
January 25, 2022

Encryption is one of the most important aspects of securing online communications. It is easier than you might think for someone to eavesdrop on a conversation or access data while it is in transit from one place to another. Encryption is simply the process of encoding information so that the original message cannot be understood until it has been decrypted. ...

Why Log4j Is A 0-day Vulnerability
By: Vijay Maripi
January 24, 2022

Overview of Zero-day Vulnerability A zero-day vulnerability has been discovered but not yet patched in a device or system. A zero-day exploit is an exploit that targets a zero-day vulnerability. Zero-day refers to newly found security flaws that hackers can exploit to attack systems. Attackers use this newly discovered security flaw by exploiting organizations where developers recently found the fault, ...

Why People Are An Essential Part In Crafting The Organization's Security Posture Strategy?
By: Evan Morris
January 24, 2022

header Creating a strategy for an organization's cybersecurity posture is often equated to the technical aspects. It is associated with the security hardware, software tools, and related protocols. However, many organizations fail to consider one of the most important factors: people. As experienced cybersecurity expert and senior SANS Institute instructor Lance Spitzner puts it, humans are [the weakest link in the cybersecurity ...

2022 Cybersecurity Predictions
By: Kevin Hanes
January 21, 2022

2021 could be considered the year that everyone finally reconsidered how cybersecurity affects everyday life. Attacks on critical infrastructure such as the Colonial Pipeline, JBS, and Iowa Grain Cooperative resulted in inflated oil prices and risks of food shortages. Additionally, cyberattacks on hospitals threatened patient care and PII, plus businesses felt financial pains courtesy of the Kaseya attack and T-Mobile ...