0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Top 5 Highest Paying Cyber Security Jobs
By: TREVORH
November 4, 2015

Cyber security jobs offer lucrative financial rewards for protecting the nation’s computer networks and data from attack or unauthorized use. These top five highest paying positions command six-figure salaries:1. Chief Information Security Officer (CISO) Complex challenges to a CISO include the development and delivery of an Information Technology (IT) risk management strategy that is aligned with business security. The ...

Remember Remember the Fifth of November - #RememberRemember
By: ryan c
November 4, 2015

In honor of November 5th, we will be issuing double Cybytes on all Cybyte based activity (not on purchases, these ones you have to earn). Cybytes activities can be found here:  https://www.cybrary.it/cybytes/ So, any time on 11/5/2015, login and accumulate Cybytes, just like you would on any other day, we will reward you with double Cybytes, its ...

Integrating a Honey Pot into Your Network
By: scilley
November 4, 2015

Hello -This post will cover integrating a Honey Pot into your DMZ or internal Network. This information is for security enthusiasts, professionals and administrators.  First, lets define what a Honey Pot is: A Honey Pot is a computer, usually of the Linux variety, that emulates various services and ports (this is not a WikiPedia definition). Truth be told, Honey ...

The 5 Phases of a Phishing Attack
By: RoninSmurf
November 4, 2015

This document is written from the attacker’s point of view, showing the mindset behind a phishing hack. It's intended to build awareness around computer and online safety. It's NOT intended for illegal or immoral use. Phishing attacks have become more carefully crafted and effective. They're no longer just random mass mailer ...

Choosing A Career in Cybersecurity: Public Sector or Private Sector?
By: TREVORH
November 3, 2015

With the proliferation of hack attacks and cybersecurity breaches, there is a growing need for cybersecurity experts and, therefore, there are an increasing number of opportunities in cybersecurity for those entering the work place or wanting to change careers to take advantage of the opportunities in this growing field. One of the first decisions someone entering this field needs to ...

Level 2 - A1 Injection (CTF)
By: bestiaNXN
November 3, 2015

This is the Level 2 write-up of the Info Sec Institute Capture the Flag for Practical Web Hacking. I'll be going over the process I used to "Capture the Flag" and then I'll explain how the web page is vulnerable.The vulnerability on https://ctf.infosecinstitute.com/ctf2/exercises/ex2.php is Injection and the instructions tell me that the goal is to run phpinfo() ...

Understanding What's Behind the Exploitation Scene in Metasploit
By: S-Connect
November 3, 2015

Welcome Back! Here, we'll analyze and understand the mechanism behind the exploitation scene, especially in Metasploit.Let's start with a scenario: an attacker executes the exploit + payload against the vulnerable service on the victim's machine. [caption id="" align="alignnone" width="393"] Figure 1.0[/caption] Above, Fig 1.0, shows a single line diagram, just to give you an idea how exploit + payload ...

Big Cybersecurity Budget Means Big Business for Defense Contractors
By: TREVORH
November 3, 2015

Following last month’s $1billion contract awarded to Raytheon from the Homeland Security Department, the Pentagon is now taking bids from defense contractors to help protect against the digital future.Big industry names such as Raytheon Co., Lockheed Martin Corp., and General Dynamics Corp. are expected to be at the forefront, competing for a contract valued at up to $460 million.While many ...

RECONSTRUCTING THE CYBER TALENT PIPELINE
By: TREVORH
November 2, 2015

A “Cyber Talent Pipeline” refers to an organization's creation of an going, readily available, talent pool to fill various cyber security jobs, as they become available. The effects of a poorly maintained pipeline is hitting the cyber security industry in full force. The supply is simply not available to meet the demand. With present reporting of over 200,000 unfilled jobs, and ...

The Unconventional Guide to Network Security 1.3
By: ram
November 2, 2015

Network Security 1.3 Based on CompTIA’s list of Security + exam objectives (their PDF list of domains is found here: https://certification.comptia.org/docs/default-source/exam-objectives/comptia-security-sy0-401.pdf ), this article covers the first domain, Network Security (1.0), with its third sub-heading (1.3). I mention any products and examples because:1. When you’re starting out it can be difficult to ...