0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

New Course: HealthCare Information Security and Privacy Practitioner (HCISPP)
By: Siddharth Bhardwaj
November 19, 2020

The use of electronic medical records is widespread and increasingly accepted by the public. Healthcare providers are charged with the critical responsibility of keeping their patients’ private data safe. Furthermore, with an increasing number of attacks, unique attack methods, and an ever-rising demand for profitable medical records on the dark web, security practitioners need to learn ways to shoulder this ...

Cybrary Ranked 90th Fastest-Growing Company in North America on Deloitte’s 2020 Technology Fast 500™
November 18, 2020

College Park, MD (November 18, 2020) — Cybrary, the world’s premier online cybersecurity career development platform, today announced it placed No. 90 on Deloitte’s 26th annual Technology Fast 500™, a ranking of the 500 fastest-growing technology, media, telecommunications, life sciences and energy tech companies in North America. Cybrary grew 1,284% during this period. Cybrary’s co-founder and President, Ralph Sita, credits the ...

The Most Valuable Cybersecurity Certifications
By: Garrett Wilson
November 17, 2020

Skills to Pay the Bills: The Most Valuable Cybersecurity Certifications Not all cybersecurity certifications are created equal. While some will help you get your foot in the door, others are designed for advanced infosec professionals. Their level of complexity doesn't always align with their level of compensation — meaning it's in your best interest to find the most valuable cybersecurity ...

Create Your Own Tools Using Bash Script
By: Karim Bakhsh Amiry
November 17, 2020

Have you ever thought of writing a program of your own or customizing a tool that you make use of regularly? To some, writing a program/tool is one of the scariest things they can imagine, especially with tons of code and the potential for errors. However, most people working in the IT industry may love to write a tool ...

Computer Network Types
By: Nihad Hassan
November 16, 2020

As the world continues to digitalize, computer networks' dependence as a backbone of any computing environment becomes the de facto standard. The network is the medium (whether it is wired or wireless) used to connect one or more computer systems and, often, to the internet. Computer networking brings huge benefits to its adopters. For instance, computers can share data and resources ...

How To Become A DFIR Engineer
By: Dustin Sachs
November 13, 2020

Digital forensics and incident response (DFIR) is an area of technology that has gained much attention in the last twenty years. From shows like CSI and NCIS, the field of digital forensics has been glamorized and depicted as a field that can solve mysteries and catch criminals in the span of 47 minutes. These shows' precision and technology would make ...

Artificial Intelligence In Cybersecurity Operations
By: Muhammad Tariq Ahmed Khan
November 13, 2020

Since the attack surface is rapidly expanding and continues to evolve at an unprecedented pace, cyber-attacks are becoming more sophisticated and are increasing at lightning speed. There are innumerable varying cyber threats that need to be detected, prevented, and analyzed to calculate their danger or risk accurately. Simultaneously, one of the biggest challenges is that cyber-criminals within various state-sponsored attackers, ...

Penetration Testing Lesson: LIBSSH Auth Bypass aka CVE-2018-10933
November 13, 2020

LIBSSH Auth Bypass CVE-2018-10933 Lab Files: https://cydeferepo.s3.ca-central-1.amazonaws.com/libSSH.rar What is it?: LibSSH versions 0.6 and above have an authentication bypass vulnerability which an attacker could use to create channels without first performing authentication, resulting in unauthorized access. If the server is presented with an SSH2MSGUSERAUTHSUCCESS message instead of the expected SSH2MSGUSERAUTHREQUEST message, which would initiate the authentication, the attacker could successfully authenticate without ...

Denial-of-service (DoS) Attack Tools
By: Nihad Hassan
November 10, 2020

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks are types of cyber attacks that attempt to make an online service, server, or network unavailable by overwhelming it with a flood of internet traffic. As its name implies, Network-based DoS uses one device to send a flood of internet traffic, while DDoS uses more than one device to send this traffic to the ...

The Top Azure Certifications
By: Shelby Welty
November 9, 2020

The Sky's the Limit: The Top Azure Certifications While Amazon was first to market, Microsoft has been steadily closing the cloud computing gap. As noted by ZDNet, Azure is now solidly in second place behind AWS offerings and is considered the "enterprise favorite" thanks to the broad adoption of Windows OS, productivity, and server products across business technology ecosystems. As a ...