Recent blog posts

Understanding the LockBit Ransomware Breach
SBT Content Engineers 02/06/2025

Understanding the LockBit Ransomware Breach

The recent LockBit ransomware breach saw attackers deface its affiliate panel and leak an SQL database, exposing victim data, negotiation tactics, and operational missteps. It explores ties to the Everest hack, LockBit’s RaaS model, and affiliate errors, offering a glimpse into the group’s vulnerabilities.

Meet João Rodrigues: SBT’s Director of Web Shaping Our Digital Future
Duncan Whitley 30/06/2025

Meet João Rodrigues: SBT’s Director of Web Shaping Our Digital Future

We’re thrilled to introduce João Rodrigues, Security Blue Team’s Director of Web, a driving force behind the secure, seamless platforms that define our cybersecurity training experience. For those familiar with João through his pivotal work on our BTLO platform or his involvement in SBT’s CTF events, this is a fresh...

All posts

Journey Through Time: Exploring the Evolution of CVSS Over the Years
Joshua Beaman 22/02/2024

Journey Through Time: Exploring the Evolution of CVSS Over the Years

CVSS, or Common Vulnerability Scoring System, is a standardized framework used to assess and communicate the severity of software vulnerabilities. It provides a numerical score representing the vulnerability’s potential impact, helping security professionals and organizations prioritize their responses to different security threats.

Cracking the Code: Exploring the Power of CVSS 4.0
Joshua Beaman 22/02/2024

Cracking the Code: Exploring the Power of CVSS 4.0

The Common Vulnerability Scoring System (CVSS) is a standardized framework used to assess and quantify the severity of security vulnerabilities in software or systems. Version 4.0 of CVSS was officially released on November 1, 2023, by FIRST.

ChatGPT for Offensive and Defensive Cybersecurity
Melissa Boyle 21/02/2024

ChatGPT for Offensive and Defensive Cybersecurity

There has been a lot of talk recently about ChatGPT and its implications for a wide range of industries. Potential applications are vast, including creative design, technical writing, and programming. In this article, we will explore some of the potential applications within the realm of cybersecurity — as well as...

Lace Tempest: SysAid On-Prem Software CVE-2023–47246 Vulnerability
Joshua Beaman 21/02/2024

Lace Tempest: SysAid On-Prem Software CVE-2023–47246 Vulnerability

In this blog post, we’ll investigate the fascinating details regarding CVE-2023–47246 SysAid On-Prem Software Vulnerability and uncover how attackers are compromising endpoints. This blog will also discuss how Lace Tempest weaponizes GraceWire Loader or Turtle Loader, and how to recognize the indicators of compromise (IOCs) from active exploitation.