Breaking into cybersecurity can feel overwhelming when most certifications expect experience before you’ve even started. BTL1 takes a different approach, focusing on hands-on defensive security skills and real-world SOC scenarios designed for beginners. This post breaks down what BTL1 teaches, who it’s best suited for, and whether it’s the right...
Locked Shields is as close as it gets to a real-world cyber war without it actually happening. This post breaks...
SOC metrics like alerts triaged and threats detected only tell part of the story, especially in financial services where performance...
Meet Jo Morley, Security Blue Team’s Marketing Director, who leads campaigns, content, and growth initiatives across B2B and B2C. She shares her passion for practical learning, the energy of a fast-growing company, and how her 30+ years of marketing experience helps position SBT for its next stage of development.
Have you ever needed to transfer data from one computer to another but found yourself blocked by strict security policies? Perhaps you cannot connect any USB devices, most of your programs (including PowerShell and Command Prompt) are disabled, and internet access is heavily restricted.
Picture a team diving into a winter wonderland where snowmobiles hunt the Northern Lights, huskies charge through snowy trails, and drinks come in glasses chiseled from ice. That’s what SBT got up to during our annual Global Connect, a company get-together that took us from Stockholm to the icy wilds...
From understanding the foundations of ransomware to engaging in negotiation simulations, students will gain practical insights into managing cyber extortion scenarios.
This blog series will explore Security Blue Team's adventure into the reverse engineering of a novel SmartLoader malware variant. This malware was discovered during our research into Belsen Group's high-profile FortiGate leak. This leak was advertised as containing a list of affected companies with associated configuration data from their FortiGate...
We need a suitable environment to detonate the malware in a repeatable fashion. This environment should allow us to substitute our mock APIs and host to ensure the malware operates as close to real as possible.
The Black Basta ransomware gang recently made headlines for all the wrong reasons when someone using the online handle “ExploitWhispers” shared internal chat logs of the group with the public — close to a year’s worth of messages in a JSON file.
