Cyber Resilience Advisors
Welcome to your community. Here, you can converse and ask questions to expand your knowledge of cyber and get the most out of the platform. The title of this post is "Cyber Resilience Advisors." So, what are they, and how do they help? A Cyber Resilience Advisor is a professional who guides organizations in developing and managing their cybersecurity workforce. They may assist with strategy development, talent acquisition, career development, performance management, and training for cybersecurity roles. Their ultimate goal is to ensure the organization has a highly skilled, competent, and effective cybersecurity team to protect against and respond to cyber threats. So, what am I telling you this? Immersive Labs has a multitude of SMEs across a broad spectrum of skills and professions with whom you can interact and ask questions as part of the community. I am a Cyber Resilience Advisor and part of the Cyber Resilience Team. We are on here as well. It is a cliche, but in cyber, we really are in this together; we gain security through knowledge, and here is the perfect vehicle to gain that in conjunction with the platform. I look forward to joining you all in the community and helping make your cybersecurity visions a reality, regardless of your skill sets and experience. As a community, we can accomplish anything. Clem Craven
Help needed for Threat Hunting - Credential Access
Hey! I'm not sure if this is the right place to seek help for labs but I've been trying this lab for the longest of time and could not get the answer for this question. OfficeSupplies.7z felt the most suitable as it was the zip file that the creds were stored. Any help or advice on the approach is appreciated!Take part in Immersive research: AI Chatbot in labs
📢 We would love to hear your opinions on a new AI Chatbot concept within our labs. Can you spare an hour to come along to a research call? During the call, you will be asked to undertake a lab on our test environment, using the AI chatbot to assist. We will then ask for feedback on your experience. You will need to attend the call on a laptop or desktop (no tablets or phones) and be able to share your screen throughout. The session will be recorded and will take place using Google Meet. Upon completion of the session, you will receive a £50 eGift card (or local currency equivalent). Sessions are taking place August 12-14th. 🗓️ Sign up at a time that is convenient for you, using this booking form..
How to use Immersive cyber ranges for cyber threat research?
Want to know how to take advantage of the cyber ranges platform to do malware and adversary research in a sandboxed environment? In this post, I’ll walk you through how to get access to the Heimdall Detection Engineering template for CTI so you can do just that! The Heimdall template is a domain-joined range that contains workstations, a domain controller, and security tooling that you’d ordinarily find in a real network. The purpose of this template is to enable cyber threat research, where you can launch attacks and malware, capture indicators of compromise through tools like Velociraptor, a SIEM network packet capture tool, and some analyst workstations with a bunch of analysis and reverse engineering tools. With that said, let’s get started. Firstly, you’ll need to go to the cyber ranges sign-up page and sign up with a name and email address. After hitting “Sign up”, you’ll need to go to your email and find the confirmation email to get your credentials, then go back to the cyber ranges website and log in with your new credentials. After signing in, you’ll be in the main ranges dashboard. You’ll need to connect your own Amazon Web Services (AWS) account to use ranges, as provisioning machines will cost money for every hour that they are active or stored. Once you’ve connected your AWS account, you can then go to “Range Templates” and launch the Heimdall range.
CVE-2022-29799/CVE-2022-29800 (Nimbuspwn) – Defensive
Hello community, I can't find the answer to these question I tried using the Sigma file provided in the lab to query Splunk it returned no events. I also tried doing custom queries with using similar strings. But I never got the correct answers Any helpis appreciated. Thanks
