Cybernetics just got a refreshment 🍹 These were the following updates made on the Cybernetics Pro Labs scenario:

• Updated Write-ups to the current scenario
• Installed Windows updates
• Upgraded NIX Machines
• Installed Exchange Server updates
• Updated Exchange Server Certificates
• Renewed ADFS Certificates
• Adjusted vectors

For further insights into this Pro Lab, visit the Cybernetics page.
​

Dive into this week's trio of new Sherlocks, each spotlighting the latest vulnerabilities. Let’s explore those defensive scenarios together!

Brutus

Enhance your log analysis skills by exploring Unix auth.log and wtmp logs to investigate a Confluence server breach via SSH brute-forcing. Beyond brute-force analysis, you'll uncover insights into privilege escalation, persistence, and command execution.

BTF

Delve into MFT (Master File Table) forensics, mastering tools and techniques to analyze MFT artifacts for malicious activity. Utilizing MFTECmd, TimeLine Explorer, and a Hex editor, you'll parse MFT files, analyze results, and recover file contents.

Unit42

Learn to navigate Sysmon logs and leverage key EventIDs to detect and analyze malicious activities on Windows systems. Inspired by Palo Alto's Unit42 research on an UltraVNC campaign, you'll explore the initial access stage of the attack and gain valuable insights into threat detection and analysis.

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

New month, new features! Take a look at the freshly launched functionalities for Capture The Flag (CTF) Challenges that boost our enhanced event management features for managers and members!

Administrators

• Add & remove Challenges

This functionality allows administrators to independently adjust the list of Challenges according to their preferences, regardless of the CTF pack they have purchased.

Tailoring CTF Marketplace packs to specific needs and goals, ensures the event Challenges remain aligned with changing objectives or participant skill levels.

This self-serve feature streamlines the delivery and preparation for events without contacting HTB Delivery Team.

• Search and filter Challenges

Discover, filter, and find challenges are now made effortlessly with our advanced search and filter functionality. Admins can explore with ease, refine their results, and locate exactly what they are looking for in no time.

Simple steps to access those features:

1. Go to “Admin Panel”
2. Click on “Manage” next to the CTF event you wish to alter
3. Click on the “Challenges” tab
4. Choose filters or search to find the Challenges that match your goals
5. “Add” or “Remove” Challenges accordingly to create your custom-made event pack

Members

• Status update for Challenges

CTF participants can now update the status of each Challenge by choosing one of the available options, a functionality that fosters seamless collaboration, communication, and alignment between team members.

• CTF Notifications

This feature allows members to access real-time updates on team and event activity.

We released the following updates on Cybernetics Professional Lab, always aiming to keep our most complex scenarios up-to-date and relevant to the threat landscape:

• Updated write-ups
• Installation of Windows updates
• Upgrade of NIX Machines
• Installation of Exchange Server updates
• Updated Exchange Server Certificates
• Renewed ADFS Certificates
• Adjusted vectors affected by updates

You can find those updates on “Changelog” tab within the Cybernetics page.

Don’t have access to Professional Labs yet? Contact your Account Manager or hit the button below to unlock more.

Uncertain about which Sherlock is the perfect fit for you? 🤔
​
Now, you can browse and refine Sherlocks based on your preferred difficulty level and category.

You can also utilize the search bar if you already have a particular Sherlock in mind!

Dive deep into the world of digital forensics with Jugglin, the new intermediate defensive lab just released on Dedicated Labs.

Your mission is to analyze .apmx64 files using API Monitor to uncover the actions of both an attacker and an insider threat within the Forela organization.

Jugglin is about gaining valuable insights into threat detection and digital forensics, equipping you to safeguard organizations against cyber threats with confidence and precision.

Don’t have access to Dedicated Labs yet? Contact your Account Manager or hit the button below to unlock more.

The addition of Carson (new Sherlock scenario) marks the 50th defensive lab released on HTB Enterprise Platform.

In this Sherlock scenario, you'll step into the shoes of a digital forensics investigator tasked with resolving a critical incident involving the WeButler software suite.

Your mission? To investigate why the client is unable to log into the web interface and restore access to their website.

Main learning outcomes to be expected:

• Increased understanding of Digital Forensics
• Practical experience in responding to security incidents

Don’t have access to Dedicated Labs yet? Contact your Account Manager or hit the button below to unlock more.

Ready to try out the new exclusive Machines and sharpen your skills in different areas of cybersecurity?

CityOfRock

A very easy Linux Machine that will challenge you with an authentication bypass and a Remote Code Execution vulnerability (CVE-2024-27198) in JetBrains TeamCity.

As you navigate through broken authentication and authorization issues, you will learn and master vulnerability assessment techniques, and dive into the world of web application security. Can you overcome this critical challenge with a CVSS base score of 9.8?

Borealis

Get ready to showcase your security operations skills by taking on an easy Windows machine. The focus is on EDR bypass techniques.

Your goal is to remotely crash the Windows Event Log service on the Domain Controller, evade detection, and establish an SSH connection with GSSAPI authentication.

Don’t have access to Dedicated Labs yet? Contact your Account Manager or hit the button below to unlock more.

Enjoy a new level of convenience with our freshly released Dashboard page, which lets you access features in just one click!

The revamped Dashboard is designed to make navigating the platform a breeze, allowing you to:

• Get easy access to all the key actions and information tailored to your user role.
• Get up to speed with your upskilling journey having a glimpse of your progress, exploring labs, and checking out how you stack up against the best.

Dive into the exciting world of Digital Forensics with the new Sherlock BOught, just added to Dedicated Labs.

BOught is a challenging DFIR scenario focused on Windows systems, the perfect choice for both teams and individuals looking to perform forensic analysis.

Imagine a non-technical client who purchased a used computer online, only to encounter mysterious internet connectivity issues including random "Server Not Found" errors and video streaming woes. The Windows troubleshooter yields no clues, leaving you to unravel the mystery.

Don’t have access to Dedicated Labs yet? Contact your Account Manager or hit the button below to unlock more.