How CTFs shape cybersecurity talent development
Capture The Flag (CTF) events are a fun, gamified, and engaging way to test your team’s mettle against technical cybersecurity challenges. […]
Read More →Category: Learning Ethical Hacking
You’re now part of an inside job! Season 6 brings you into the world of heists
The last anomaly to escape its enclosure is shuttered by a massive blast door, as you’ve managed to bring Haymaker back […]
Read More →
How CISO roles have evolved with GRC
CISOs wear many hats, including managing the company’s cybersecurity-related Governance, Risk, and Compliance (GRC) program. However, as cybersecurity and data protection […]
Read More →
Unveil the Secrets of AI/ML Attacks to Conquer Hack The Box’s New Challenge Category
As part of Hack The Box’s (HTB) mission to provide our community with relevant content and stay on top of up-and-coming […]
Read More →
How to apply the MITRE ATT&CK framework to your cybersecurity strategy
What is the MITRE ATT&CK framework? The MITRE ATT&CK framework is a knowledge base of cyber attacks based on real-world attack […]
Read More →
5 secret confessions from cybersecurity professionals
Cybersecurity is an industry that is often shrouded in mystery. But what is it really like for those of us working […]
Read More →
Asterios’s journey into data engineering
Step into the vibrant world of the Humans of HTB (HoH), your behind-the-scenes glimpse into the growth of our talented team […]
Read More →
How to assess a candidate’s technical skills with HTB
Having worked for over 13 years in information security consulting, I’ve had my fair share of experience hiring and being involved […]
Read More →
Hack The Box returns to Las Vegas for Black Hat USA 2024
Black Hat USA is returning to Las Vegas on August 7 and 8, and so is the Hack The Box team. […]
Read More →
a deep dive into crafting simulated cyber attacks
Investing time and separating reality from fiction is critical to preparing for threats and dealing with a common feeling of uncertainty […]
Read More →
CVE-2021-41773 explained
What is CVE-2021-4177? CVE-2021-41772 is a path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49. It was reported by […]
Read More →
AS-REP roasting detection
Welcome to part two of a special series on detecting Active Directory attacks & misconfigurations. Each blog post dives deep into […]
Read More →
How a technical pro can become a CISO (Chief Information Security Officer)
Forging a path to sit on the board as a Chief Information Security Officer (CISO) can be a long-term goal for […]
Read More →
4 steps to implement a skill-based candidate assessment strategy
The industry doesn’t need more candidates, the industry needs more qualified candidates. However, agreeing on what “qualified candidates” means is where […]
Read More →
HTB’s commitment to inclusion and diversity
Cybersecurity teams are made of individuals with diverse skills and experiences, who combine forces to address complex industry challenges. It involves […]
Read More →
Dissecting Cuttlefish Malware (Attack Anatomy)
The Cuttlefish Malware is a recent zero-click malware variant identified and analyzed by Lumen Technologies’ Black Lotus Labs, who publicly reported […]
Read More →
How to exploit and defend against them
This post is based on the Hack The Box (HTB) Academy Web Attacks module. This module covers three common web vulnerabilities, […]
Read More →
Kerberoasting attack detection
Welcome to part one of a special series on detecting Active Directory attacks & misconfigurations. Each blog post dives deep into […]
Read More →
Alexandra’s journey into product management
Step into the vibrant world of the Humans of HTB (HoH), your behind-the-scenes glimpse into the growth of our talented team […]
Read More →
New research reveals that cybersecurity burnout costs US enterprises over $626 million annually and UK enterprises over £130 million annually
Cybersecurity and infosecurity professionals say that work-related stress, fatigue, and burnout are making them less productive, including taking extended sick leave […]
Read More →
The rise of risk-aware developers (and how to create one)
Attackers and cyber criminals are lurking around the internet looking for the weakest prey. They seem to have found one: developers. […]
Read More →The rise of risk-aware developers (and how to create one)
Attackers and cyber criminals are lurking around the internet looking for the weakest prey. They seem to have found one: developers. […]
Read More →
Building new skill sets for NIST CSF 2.0
The NIST CSF is a cybersecurity standard that has been successful beyond all expectations. Originally published in 2014 to guide U.S. […]
Read More →
18 cybersecurity statistics from HTB (AI threats to career worries)
Staying on top of the latest cybersecurity trends is essential for industry professionals to defend against the latest threats. But let’s […]
Read More →
The Vault of Hope recap
Hack The Box’s (HTB) highly anticipated Business Capture The Flag (CTF) event gets bigger and better every year, with 2024’s event […]
Read More →
How to launch a bug bounty program (a security leader’s guide)
The more lines of code your application has, the more space for bugs to hide in. Bug bounty programs enlist the […]
Read More →
How cyber workforce assessments boost business-critical operations
Back in 2021, the team at Toyota Motors North America reached out to us with a challenge. We discovered after a couple […]
Read More →
A step-by-step guide to crafting an incident response plan
This post is based on the Hack The Box (HTB) Academy modules on Security Incident Reporting and Incident Handling Processes. These […]
Read More →
Hack The Box unveils official Channel Partner Program, revolutionizing cybersecurity performance
Hack The Box (HTB), the Cyber Performance Center that provides a human-first platform to create and maintain high-performing cybersecurity individuals and […]
Read More →
CVE-2022-29464 (WSO2) explained
What is CVE-2022-29464? CVE-2022-29464 is a set of vulnerabilities that allows unrestricted file upload, directory path traversal, and remote code execution […]
Read More →
5 Windows event log analysis tools (for beginner blue teamers)
This post is based on the Hack The Box (HTB) Academy module on Windows Event Logs & Finding Evil. The module […]
Read More →
Unveiling the heroes that grow HTB’s business community: Our Sales team!
How does it feel to work within the Sales team of Hack The Box? Allison Jones, Federal Account Executive at Hack […]
Read More →
5 proactive steps for GRC
Any use of AI comes with potential risks, especially as providers are still working out the kinks. As companies and their […]
Read More →
Proactive security tactics for high-performing cyber teams
“How proactive is your security strategy?” This seems to be the new hot question, with an emphasis on the keyword: proactivity. […]
Read More →
7 reasons why your team should join HTB Business CTF 2022
July 15 is just around the corner and Business CTF 2022, the biggest (and only) CTF competition for corporate teams, is […]
Read More →
Reliving the epic intergalactic chase
Keeping the galaxy safe has never been an easy task, but hackers are always up for a challenge. They came to […]
Read More →
Break the Bias: Celebrating Women in Cybersecurity
March is Women’s History Month and on March 8th, we celebrate International Women’s Day! This year’s theme is #BreakTheBias, with a […]
Read More →
Start Cybersecurity Awareness Month with Our New Starting Point
It’s October! You know what that means? It’s Halloween at the end of the month, and people will assume that I’m […]
Read More →
Five Dangerous Phishing Scams
Phishing scams can be very destructive cyber attacks. Every use of computer technology to do deliberate harm is a cyber attack, […]
Read More →
Cybersecurity Awareness Month 2022: Hack The Boo
How many of us take the time to stay safe and secure from the ongoing cyber threats and data breaches that […]
Read More →
New Hack The Box CTF Platform
At Hack The Box, we have been delivering and organizing CTF events for our community, partners, and clients since 2017, always […]
Read More →
Hack The Box & HackerOne Teaming Up To Educate New Bug Bounty Hunters
It is a great moment for all hackers around: Hack The Box and HackerOne are teaming up to provide a new, innovative Bug […]
Read More →
Hack The Box is now available on the General Services Administration via SIXGEN
Hack The Box is pleased to announce SIXGEN, a provider of world-class cybersecurity services designed to protect government organizations and commercial […]
Read More →
From poker player to Senior Pentester at Oracle: Jeremy’s journey into cybersec
Jeremy Chisamore’s journey into cybersecurity is inspirational! From stockbroker to professional poker player to high-end gaming PC salesperson (selling to celebs […]
Read More →
How to pitch HTB to your professor
Over 840 universities use Hack The Box (HTB) to cultivate market-ready cyber skills in students. This results in higher average graduate […]
Read More →
Beat SOC analyst burnout with better L&D
Effective workforce development programs are a powerful ally for battling burnout. In our Cyber attack readiness report, we found that 62% […]
Read More →
HTB’s open letter response to the DoD cyber strategy
The 2023 Defense Department Cyber Strategy places a significant emphasis on supporting partner engagement and building cyber capacity among U.S. allies […]
Read More →
Customer Story: Toyota
Toyota has been a part of the cultural fabric in North America for more than 60 years and is committed to […]
Read More →
How HTB scaled high-quality training for hundreds of consultants
Disclaimer: These are real results from a Hack The Box customer who wishes to remain anonymous. A global leader in software […]
Read More →
Easi empowers Purple team training while decreasing onboarding times by 40%
Easi is a European IT services partner with over 400 employees, including a dedicated Red and Blue team. Founded in 1999, […]
Read More →