Enhance your DFIR skills by getting your hands on this week's new Sherlock:

• Develop proficiency in analyzing Notepad++ artifacts to trace the creation and modification of files.
• Understand and apply incident response methodologies to determine the extent of the compromise and the steps taken by the threat actors.
• Utilize threat intelligence analysis to understand the potential motives, techniques, and tactics of the threat actor.
• Understand and adhere to established security policies and procedures in handling sensitive data and conducting DFIR activities.

Ready to successfully complete this week’s new defensive addition to your lab?

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

Discover the newly released content for January within Dedicated Labs. This month, we feature two (2) new Machines ready to be spawned.

Hooked

Hooked is a Windows machine focusing on EDR bypass techniques to mitigate Insecure Design vulnerabilities based on how API hooking can be bypassed by making direct system calls. The goal is to dump user credentials from SAM/SYSTEM hives, which requires bypassing hooking on API calls such as NtOpenKey and NtOpenKeyEx.

Droider

Droider is a machine that showcases a vulnerability, specifically CVE-2024-21633, on a widely used Android Development and Security open-source framework Mobile Security Framework - MobSF. This vulnerability causes Remote Code Execution vulnerability on MobSF.

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

Are you ready to refresh your DFIR and SOC skills? Practice with this week's two (2) new Sherlocks focused on the latest vulnerabilities.

Sharpen your DFIR skills with Cloudy-D. This Cloud scenario will take you through the recent CVE-2023-49104 vulnerability for detecting and mitigating potential security breaches.

Then, use your SOC skills to understand the Splunk Search Processing Language (SPL) to detect CVE-2023-46214 through GroundZero. Practice by conducting a live analysis of a compromised host and successfully conquer this week’s new defensive additions to your lab.

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

Discover our enhanced content categorization within the HTB Enterprise Platform for mapping skills to your cybersecurity journey!

Simply put, content tagging enables administrators to understand better how lab content within the platform relates to particular skills, areas of interest, frameworks, vulnerabilities, and more.

Content tagging is affecting many areas of HTB Enterprise Platform by helping members and administrators in multiple ways:

Administrators

• Assign relevant content with ease: Utilizing skills tags, admins filter through content relevant to their team's needs.

• Visualize team progress: Understanding a team’s scenario completion while obtaining a breakdown of progress through skill tags.

• Filter through candidates: Using the skill tags for recruiting optimization, focusing on a pool of candidates that acquire specific skill sets.

Members

• Machine overview: Get visibility on which each Machine enhances skills for building a competitive cybersecurity profile.

• Keep track of achievements and skills obtained: Within “My profile” page, members can view their Machines completion progress as per skill tags.

We have just shipped a couple of important improvements on Starting Point that will provide a better experience for all our platform members.

We have added a more descriptive context for each Tier, highlighting the domains covered by our Machines and the expected learning outcomes upon completion. With this, we aim to direct our beginner audience better when approaching cybersecurity fundamentals.

From now on, platform members won't need to complete the entire Tier to jump to the following ones. We have removed the existing Tier constraint to allow a more self-paced experience: if you feel ready to try a Tier II Machine... Just go for it! 🚀

Looking for more assistance or solutions on completing Challenges?

You can now utilize a new set of write-ups for Reversing Challenges to guide you through a successful conquering.

Take advantage of these guided solutions and get unstuck on any challenge. In case the write-ups are unavailable, make sure your admin has enabled them within your Dedicated Labs “Settings” tab.

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

Harnessing all feedback from our 2.5 million community of cybersecurity professionals, we are excited to share with you the new Hack The Box updates released over the past three months!

Enjoy an enhanced in-platform experience by exploring our latest updates on:

• Enterprise platform
• Academy for Business
• Dedicated Labs
• Professional Labs
• Capture The Flag events
• HTB Blog

Keep developing your cybersecurity journey and take your team to new heights with these latest releases.

During the holiday season we released a seasonal set of 5 festive-themed Sherlocks called Operation Tinsel Trace, and now you can find this as a path available on Dedicated Labs for your team to access this scenario collection at any time!

Begin your adventure with the first Operation Tinsel Trace scenario and complete them sequentially to become the ultimate defensive cyber hero!

Don’t have access to Dedicated Labs yet? Reach out to your Account Manager or click the button below to explore more.

You might have noticed something new on Hack The Box Academy if you have logged on recently. We have started tracking Streaks! In November 2023, our team launched the Beta version to ease you into a new study habit and reward you for your dedication.

Steaks are exclusive to Hack The Box Academy. It will not apply to other Hack the Box platform offerings. Academy Streaks helps you fit upskilling into a busy schedule by measuring your weekly studying consistency.

This means you will have a goal to meet each week. If you complete this goal within the week, your streak increases by 1! If you fail to achieve the goal in the timeframe, your streak will return to 0.

All you need to know:

• Each week, you will be challenged to complete 30 points. You receive 10 points for each question or section completed within Hack The Box Academy.
• The week starts every Monday (00:00) and ends on Sunday (23:59) CET.
• We don't want you to lose your streak. So, we've incorporated a reminder. We will let you know on the fourth day of the week if you are at risk of losing your streak.
• We are currently working on rewards that studious hackers will benefit from. We are still in beta, but building the rewards structure is on the list!

So, embrace this new challenge, build your streak, and watch your skills and knowledge grow weekly. Here's to a year of remarkable achievements and unwavering dedication in the Hack The Box Academy community!

Ready to jump on your next Mobile Challenge? Now you have the assistance needed. You can use a brand new set of write-ups dedicated to Mobile Challenges as part of our collection of guided materials.

Tackle and get unstuck in any scenario by taking advantage of the range of these guided solutions. To engage with write-ups, ensure your admin has enabled them within your Dedicated Labs “Settings” tab.

Don’t have access to Dedicated Labs yet? Contact your account manager or explore more by clicking the button below.