0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Lookout Black Hat, here comes Cybrary!
August 6, 2019

As I sat in the airport this week thinking about the week ahead, I couldn't help but get a flutter of excitement. The Cybrary team has spent weeks and weeks preparing for what will be our biggest event to date. After 4.5 years, Cybrary (which when I joined was a team of 3) has now eclipsed 60 employees and ...

DNS Under Attack
By: cybergary
July 30, 2019

This post originally appeared on the Cisco Security Blog by author Ben Nahorney. Reposted with permission.  You’ve probably heard the stories by now: one of the fundamental technologies that keeps the internet working has recently become a regular target for attackers. Earlier this month, the UK’s National Cyber Security Centre released an advisory ...

The Evolution of Wi-Fi Encryption and Cracking
By: SLWelty
July 26, 2019

Since 1997, wireless encryption has been a widespread part of wireless access points. These encryption methods allow users to secure their networks with passwords and randomly generated keys. This section explores the history of Wi-Fi encryption, the development of Wi-Fi cracking methods, and how an organization can secure their access points from cracking methods. Wireless networks have quickly become ...

Botnet Structures and Attacks
By: lpark
July 24, 2019

Botnets are a powerful tool for hackers and cybersecurity professionals. Composed of many connected and “infected” devices, botnets are used to carry out user actions on a grand scale. This article explores popular examples of botnets, their structures, and the types of attacks that utilize botnets. Botnets are a popular, alluring option for hackers and cybersecurity professionals across ...

VoIPhreaking: Phone Phreaking for the 21st Century
By: lpark
July 22, 2019

Voice over IP, or VoIP, is an internet technology that relies on online infrastructure to make phone calls. Techniques developed during the frontier days of hacking, phone phreaking, are becoming relevant through VoIP networks. Mobile devices, smart homes, and voice-activated virtual assistants provide many new angles for hackers. This section explores the history of phone phreaking, its evolution ...

Understanding and Preventing Advanced Persistent Threats (APTs)
By: Tatianna
July 21, 2019

Advanced Persistent Threats (APT) are a new type of threat that developed out of standard hacking techniques. APTs are composed of multiple attacks, infiltration, and malware installations through one or many organizations. They are often large in scope and contain many moving parts. This section explores the structure of APTs, famous examples, and methods for preventing APTs ...

Most Frequently Used Mobile Hacking Techniques
By: lpark
July 19, 2019

Mobile hacking is a versatile field that is on the rise, but how do malicious hackers and cybersecurity professionals approach the subject? This section explores the main techniques for the exfiltration of personally identifying information from mobile devices. The latest methods are explained along with methods of detection and prevention. As we’ve discovered in previous sections, mobile ...

The Development of Infrastructure Attacks
By: lpark
July 17, 2019

Hacking and cybersecurity incidents can take on a character of great variation. Anything from a simple prank to a widespread shutdown of essential services is considered “hacking”. The field of cybersecurity can cover a very broad spectrum of activities. Essential services such as water, electricity, waste management, and climate control rely on computers and other digital devices that are ...

Symlink Attacks
By: lpark
July 16, 2019

Every year, new techniques and exploits are developed to compromise websites. Often times, these exploits are used in vulnerability assessments to improve the security of websites and web hosting services. Because of this, major hacks and exploits can be quickly patched and secured against. Hackers and cybersecurity professionals are constantly looking for new exploits, and symlink hacking is one ...

How to ensure employee engagement in security awareness training
By: purvikshah
July 15, 2019

Originally posted on the AwareGO blog. Reprinted with permission. Training | May 9, 2019 | Ragnar Sigurðsson For over 30 years companies have been connected to networks and the internet. And for almost all of that time they have been dealing with cyber security threats. From all this experience one thing has become absolutely certain … The best way to ...