Get to know Duncan Whitley, one of Security Blue Team’s Marketing Executives, who creates blog posts, newsletters, emails, and ads to deliver genuinely useful cybersecurity content. From a background shaped by gaming and technology to a career in marketing, Duncan shares why he values clear, helpful communication and enjoys seeing...
Security Blue Team started from a simple frustration: the gap between academic learning and real SOC work. What began as...
Ranked #2 on G2 for cybersecurity training with a 4.8 rating. See how hands-on, real-world learning helps SOC teams and...
Ransomware attacks rarely happen all at once. They follow a series of stages that unfold over time, from initial access to data exfiltration and encryption. Understanding this lifecycle helps analysts spot threats earlier, respond more effectively, and focus on the stages where intervention makes the biggest difference.
Knowing what log data to collect and where to collect it from is key to gaining a comprehensive view of your environment and, in turn, enhancing security. Let's examine further.
Yesterday’s global IT outage, caused by a faulty update from CrowdStrike caused thousands of Windows hosts to experience a Blue Screen of Death (BSOD).
In this article, we will explore the thought of utilizing PowerShell in cybersecurity. Is it a MUST or a bust? Before you jump to a conclusion, please, read the information provided in this blog. Then, truly, you can determine if this is for you or not. Let’s dive right into...
Three busy days, one full van of merch, and nearly £50k worth of training given away. Infosec Europe may have been a couple of weeks ago, but we’re still buzzing!
Are you seeking resources to understand and make the best use of Splunk? Well, you are at the right place. This blog aims to guide you through the essentials of Splunk, including the practical use of Search Processing Language (SPL queries).
In this blog post, we will discuss a technique often employed by red teamers and threat actors during the lateral movement stage of the cyber kill chain, called RID hijacking.
