0P3N Blog
Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.



News leaks, sensitive information going public, companies facing lawsuits over data leakage, and more other unfortunate events occur every day. These events are caused by the negligence of the digital infrastructure that is used daily. The systems used can be poorly designed and, hence, can leak sensitive data and credentials to hackers in real-time. In this course of “Session Hijacking,” the ...


Why good negotiation skills are critical for enterprise security leadership This article was written to supplement Dr. Amoroso's course Enterprise Security Leadership: Negotiation Skills for Cyber Leaders. For decades, cybersecurity was purely the domain of the IT department. Measures to protect an organization against cyberthreats were viewed almost entirely from a technical perspective. For everyone else, cybersecurity knowledge barely extended beyond ...


Microsoft Azure is a large collection of technologies that can transform and revolutionize an entire company, within days, if not sooner. With its interwoven solutions and pay-as-you-go model, Microsoft Azure has become a sought-out destination for new and existing businesses, large and small. However, with the availability and flexibility that Microsoft offers to its Cloud subscribers, it should be noted ...


Overview The National Institute of Standards and Technology (NIST) provides a robust, risk-based cybersecurity assessment tool, known as the NIST Cybersecurity Framework (NIST CSF); or, simply as “The Framework.” 1 The original intent of the NIST CSF is to provide a cybersecurity risk-based assessment tool, to protect the nation’s sixteen critical infrastructure (CI) sectors. The Framework is also ...


Often, you’ll find that it’s the candidates who have IT certifications on their resume, which make it past the initial screening. Job recruiters may use this information to narrow down their lists of candidates and in deciding who they will call for an interview. Currently, the information technology industry is overflowing with open positions, and there are not enough qualified IT ...


What is CRISC? Why take a CRISC course during preparation for the final exam? The Certification in Risk and Information Systems Control (CRISC) is for IT and business professionals who develop and maintain information system controls, and whose job revolves around security operations and compliance. It is developed by a team of risk management industry-leading professionals. The CRISC certification is ...


One of the most widely used techniques for performing a scam is phishing. This is usually done by tricking a user into providing personal information or clicking a link to a webpage, which is fraudulent. Two very common examples: 1) The one where the user supposedly won the lottery, or someone wants to donate money, so the sender asks for personal ...


Cybersecurity is a field that has grown a lot in the last decade. This does not come as a surprise, due to the increase in the frequency of cyber-attacks and the need to address these attacks, which cause millions in losses. In the contemporary world, where information is everything, we humans depend a lot on electronic devices to maintain data ...


The Google search engine is the most powerful search engine. Google has many options within its search engine. Suppose one wants to find all of the admin portals, of all of the websites present in the Google database, or one would like to see all of the public webcams; one can do this using Google Dorks. Many cool things can ...


This blog was originally posted on Percona Blog by author Peter Zaitsev. Reposted with permission. This is a three-part blog series. Part two is located here, and part three can be found here. There was no reason to plan for it, but the load on your system increased 100%, 300%, 500%, and your MySQL database has to support it. This is a ...