Browse the Full Catalog
Cybrary has the fastest growing, fastest moving catalog - We publish new content weekly! Learn at your own pace - with flexible learning, you can build your skills whenever, wherever.
The content and tools you need to build real-world skills
Rapidly develop your skills via an integrated, and engaging learning
experience on the Cybrary platform.
On-Demand Video Training
Expert instructed from industry leaders
Virtual Labs
Hands on experience to apply and reinforce newly learned skills
Practice Exams
Prepare for industry certifications
Assessments
Gauge your skill development and see real-time progress
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Systems Security Certified Practitioner (SSCP)
Obtaining your SSCP certification signifies that you possess the ability to tackle the operational demands and responsibilities of security practitioners, including authentication, security testing, intrusion detection/prevention, incident response and recovery, attacks and countermeasures, cryptography, malicious code countermeasures, and more.
CompTIA CySA+ (CS0-002)
The CompTIA Cybersecurity Analyst (CySA+ CS0-002) certification prepares you to identify and combat malware, advanced persistent threats (APTs), and other attacks that threaten an organization’s security. Enroll now to gain hands-on training as you build your skills in threat and vulnerability management, incident response, and more.
CompTIA IT Fundamentals
This CompTIA IT Fundamentals course is aimed at people considering a career change to IT. The course will prepare you to take the CompTIA IT Fundamentals certification exam. If you are new to IT this course is prerequisite knowledge that allows you to tackle the more advanced A+ and Network+ CompTIA certifications that many IT professionals hold.
CertNexus Cybersec First Responder
Prepare for the CertNexus Cybersec First Responder (CFR-410) exam! If you're an IT professional seeking to enhance your response to events involving networking, application security, and cloud environments, then this course is for you. Gain insights on zero-day exploit identification, log management, and more.
CISM Certification Course & Training
A CISM certification shows you have an all-around technical competence and an understanding of the business objectives around data security. Our CISM training helps you understand the core concepts required of a security manager, and prepare you for the CISM exam. There are no prereqs for this course, but the exam requires five years of experience.
AZ 900 Azure Fundamentals Certification Course & Training
This Microsoft Azure Fundamentals (AZ-900) course is designed to prepare non-technical professionals to use cloud-based solutions and services such as computing, storage, networking and security to power their organization’s processes. This course is an excellent way to prepare for the AZ-900 certification exam. No prerequisites required!
AZ-305 Designing Microsoft Azure Infrastructure Solutions
Take your cloud architect career to the next level with this advanced AZ-305 course, where you will learn to design infrastructure solutions in Microsoft Azure. Learn best practices related to governance, application-architecture, storage, data integration, and more. You will use case studies to determine the best solution for a given scenario.
AZ-500 Microsoft Azure Security Technologies
Azure security engineers are responsible for protecting against vulnerabilities, implementing threat protection, and responding to incident escalations. In this AZ-500 course, you will learn the cloud-based security skills needed to protect hybrid environments. This course also prepares you for the AZ-500 certification exam.
CompTIA CASP+ (CAS-004)
Established IT professionals can level up by obtaining their CompTIA Advanced Security Practitioner CAS-004 CASP+ certification. Stand out among your peers with this CASP training that covers enterprise security, risk management, applied cryptography, system and network security, identity management, incident response, and emerging technologies.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Popular
Foundations
IT & Cybersecurity Fundamentals Certification Prep & Courses
Get everything you need to start your cybersecurity career journey, and stop wasting your time (and money) sorting through unreliable information from questionable sources.
While this industry offers very lucrative career opportunities, finding accurate, relevant information to break into the field can be incredibly frustrating. That’s why we’ve crafted this IT and Cybersecurity Foundations path, featuring thoughtful, bite-sized content from expert instructors covering core concepts found across all cybersecurity roles.
These instructors have helped thousands of other beginners grasp essential IT and cybersecurity topics. Get ready to take your first steps into cybersecurity by diving into core concepts needed for any cybersecurity role. Build practical skills and gain confidence as you begin your cybersecurity journey.
Risk for Managers
Cyber Defense Forensics Analyst
Cyber Defense Incident Responder
Technical Support Specialist
Defensive Security
Incident Handler Courses, Training & Career Path
In this Career Path, you will learn the incident response process, from building an incident response kit and developing an incident response team, to identifying, containing, and recovering from incidents. We then steer away from a traditional “defensive-only” approach to introduce you to the attacker’s world.
Exploitation Analyst
Vulnerability Assessment Analyst
Offensive Security
Career Path
Practitioner Popular
Penetration Tester Certification Prep, Courses & Training
Last year, penetration testers ranked as one of the three most in-demand jobs in the growing cybersecurity job market. To become a penetration tester, a college degree is not necessary since it’s a skills-based profession. Employers want professionals who can demonstrate the required skills, regardless of education. Cybrary offers realistic, virtual lab environments where you will gain real-world, hands-on skills you will use as a penetration tester.
CompTIA
MITRE Engenuity
Cyber Defense Analyst
Cyber Defense Incident Responder
Executive Cyber Leadership
SOC Analyst, Level 3 Certification Prep, Training & Courses
This Career Path is for a Security Operations Center Analyst (SOC Analyst). This particular Career Path covers a more advanced-level SOC role. As a SOC Analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. That means that you are responsible for protecting both online and on-premise infrastructures, monitoring data to identify suspicious activity, and identifying and mitigating risks before there is a breach. In the event that a breach does occur, a SOC analyst will be on the front line, working to counter the attack.
Cyber Defense Analyst
Cyber Defense Incident Responder
Defensive Security
Career Path
SOC Analyst, Level 2 Certification Prep, Training & Courses
This Career Path is for a Security Operations Center Analyst (SOC Analyst). This particular Career Path covers a more intermediate-level SOC role. As a SOC Analyst, your primary duty is to ensure that the organization’s digital assets are secure and protected from unauthorized access. That means that you are responsible for protecting both online and on-premise infrastructures, monitoring data to identify suspicious activity, and identifying and mitigating risks before there is a breach. In the event that a breach does occur, a SOC analyst will be on the front line, working to counter the attack. This career path is aligned to the Cyber Defense Incident Responder NICE/NIST Work Role.
Cisco
Network Operations Specialist
Target Network Analyst
Career Path
Entry Popular
Network Engineer Certification Prep, Courses & Training
You have chosen a fantastic career in network engineering. More than 8 million network engineering jobs exist and it’s growing. On this career path, you will learn how to protect, administrate, and build best-in-class networks. Master management of systems performance, troubleshoot and diagnose network issues, understand infrastructure protocols, application and transport to empower organizations to scale securely. Cybrary’s trademark virtual lab environments provide students with real-world, hands-on skills and provide experience with today’s latest tools and technologies.
In our community, you will be guided by the top experts in network engineering. We have more than 40 mentors, including our Chief Mentor Mark Nibert, who manages a network operations center for the US government. You will be learning with more than ten thousand community members that are all building their careers in the cybersecurity and technology space. As you grow your career, you will now have a network of people that will help you continuously.
Cyber Defense Analyst
Security Architect
Certified Cloud Security Professional (CCSP)
Certified Information Systems Security Professional (CISSP)
SC-200: Microsoft Security Operations Analyst
Cybersecurity Engineer Training, Certification Prep & Courses
In this career path, you will learn what it takes to become a Security Engineer, a role in the highest demand with 57,000+ job openings according to cyberseek.org. Learn to resolve production security issues, configure and manage firewalls and intrusion detection systems (IDS), investigate incidents, perform forensics and run incident responses.
Cybrary offers practical, virtual lab environments specific to Cyber Security Engineering that will help you gain real-world, hands-on skills with the industry’s latest tools and technologies.
Microsoft Azure
Cloud
Cloud Fundamentals
Microsoft Azure Administrator (AZ-104)
Microsoft Azure Architect Design (AZ-304)
Azure Cloud Engineer Certification Prep, Courses & Training
This Azure Career Path provides a structured curriculum with specialized learning activities that will give you real-world training to become a successful cloud engineer in Microsoft Azure. In this career path, you will learn about cloud computing, cloud infrastructure, networking services, cloud security, virtual machines, and more while preparing you for multiple certifications like the Microsoft Azure AZ-900, Microsoft AZ-104, and Microsoft AZ-500.
Once you enroll in Cybrary’s Microsoft Azure Cloud Engineer career path, you will be learning alongside ten thousand community members who are all building their career in the cybersecurity, IT, and cloud space. As you grow your career you will now have a network of people through Cybrary who will help you continuously.
Authorizing Official/Designating Representative
Enterprise Architect
Executive Cyber Leadership
Security Architect
Leadership and Management
CISO Certification, Training & Career Path
Taught by CISOs for CISOs, this Career Path will provide you with a structured curriculum with specialized learning activities that will give you real-world training on how to become a successful CISO in the ever-changing security field. You will learn about corporate cybersecurity management, NIST 800-53 security and privacy controls, business continuity and disaster planning, enterprise security case management, and numerous competencies of the effective CISO.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
CIS Critical Security Control 6: Access Control Management
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 6: Access Control Management, you'll demonstrate how to enable Multifactor Authentication (MFA) on a Linux server and define role-based access controls.
Lateral Movement: Remote Desktop Protocol (RDP)
T1021.001 is a comprehensive course that delves into the realm of lateral movement and remote services, with a particular emphasis on Remote Desktop Protocol (RDP). This course aims to equip students with a thorough understanding of RDP, its implementation, and the potential security implications of its use.
Valid Accounts: Local Accounts
Threat actors often leverage valid accounts to gain unauthorized access to target systems and networks. T1078.003 is a focused course designed to provide participants with a deep understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.
Protocol Tunneling
Maintaining privacy and security has become increasingly vital for both individuals and organizations. T1572/T1573 is a comprehensive, hands-on course designed to equip participants with in-depth knowledge of protocol tunneling and encrypted channels - two critical techniques for secure and covert communication.
Exfiltration Over Alternative Protocol: Asymmetric Encrypted Non-C2 Protocol
Threat actors often leverage valid accounts to gain unauthorized access to target systems and networks. T1078.003 is a focused course designed to provide participants with a deep understanding of local accounts and their exploitation to further the objectives of an adversary in a cyber operation.
CIS Critical Security Control 3: Data Protection
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 3: Data Protection, you'll practice configuring data access control lists. Plus, learn how to deploy a data loss prevention solution and encrypt data on both end-user devices and removable media.
Comptia Security+ Certification Course & Training
Ready to start your cybersecurity journey? The CompTIA Security+ SYO-601 credential is one of the most essential certifications in the world of information security today. Learn about essential introductory security and risk management concepts from world-famous cybersecurity instructor, Kelly Handerhan.
AZ-104 Microsoft Azure Administrator
Looking to enhance your experience with Azure administrative cloud technologies and solutions? This Microsoft Azure AZ-104 Certification training course will help you pass the exam and confidently administer basic Azure solutions such as web servers, networking solutions, storage solutions and cloud environment monitoring.
Cybrary Challenges
Cybrary Challenge: Motor Mayhem
In this challenge, you will take on a CAN Bus challenge by analyzing a CAN Bus dump file. The Controller Area Network (CAN bus) is a message-based protocol found in the automobiles that we use today. Every action of the car is recorded into this dump file. This allows us to read vehicle operations such as turn signals and other vehicle operations.
Cybrary Challenges
Cybrary Challenges
Challenge: Memory Mysteries
In this challenge, you will take on a memory forensics challenge by analyzing a dump file. Memory forensics is an important piece of evidence when conducting a forensics investigation. Unique insights such as network connections and injected processes can be found through memory analysis.
Cybrary Challenges
Cybrary Challenges
Cybrary Challenges
Cybrary Challenges
Challenge: Between Two Numbers
In this challenge, you will take on a reverse engineering challenge by analyzing a binary file. Malicious attackers will always use malware or custom binary files to execute their goals. The goal is to show from an analyst point of view (POV) how to do basic file analysis.
Cybrary Challenges
Challenge: Saving A Fellow Spy
You will take on a cryptography challenge in this challenge by decrypting intercepted encrypted messages. Malicious attackers use cryptography to their advantage for attacks and remaining undetected. The goal is to show how attackers can effortlessly embed data within messages to hide their activity.
Cybrary Challenges
Challenge: Space Mission
In this challenge, you will take on a cryptography challenge by decrypting intercepted encrypted messages. Malicious attackers use cryptography to their advantage for attacks and remaining undetected. The goal is to show how attackers can effortlessly embed data within messages to hide their activity.
Cybrary Challenges
Challenge: A Message Within A Message
In this challenge, you will take on a cryptography challenge by decrypting intercepted encrypted messages. Malicious attackers use cryptography to their advantage for attacks and remaining undetected. The goal is to show how attackers can effortlessly embed data within messages to hide their activity.
Cybrary Challenges
Challenge: Don't Believe What You Hear
In this challenge, you will take on a Steganography challenge identifying embedded data within an audio file. Malicious attackers use Steganography for attacks such as macro-enabled Word documents, to conceal covert communication, and more. The goal is to show how attackers can effortlessly embed data within files to hide their activity.
Cybrary Challenges
Challenge: Chatting with ChatGPT
In this challenge, we will take a different approach and dive into the world of AI technology. By completing this challenge, you will learn more about ChatGPT, how it works, its capabilities, and its limitations. As cybersecurity professionals, it is essential to adapt to the ever-changing technology and security landscape.
Cybrary Challenges
Challenge: Saving a Fellow Monster
In this challenge, you will take on a Steganography challenge identifying embedded data within an image. Malicious attackers use Steganography for attacks such as macro-enabled Word documents, to conceal covert communication, and more. The goal is to show how attackers can effortlessly embed data within files to hide their activity.
Cybrary Challenges
Challenge: Gobble Gobble Conceal & Deceive
In this challenge, you will take on a Steganography challenge identifying embedded data within an image. Malicious attackers use Steganography for attacks such as macro-enabled Word documents, to conceal covert communication, and more. The goal is to show how attackers can effortlessly embed data within files to hide their activity.
Cybrary Challenges
Cybrary Challenges
Cybrary Challenges
Challenge: For the Rebellion or the Empire
This challenge will have you analyze traditional Registry artifacts to identify unauthorized activity. The goal is to see from a blue teamer's point of view the actions an unauthorized user may take on a victim's system when there are inadequate security controls in place.
Cybrary Challenges
Challenge: Update B4 It's 2Late
National Cybersecurity Awareness Month has four themes; the last being 'Update Your Software.' This challenge will have you analyze a log and identify a web application attack. The goal is to piece together the narrative from the suspicious requests and understand how attacks like these can happen when you do not update your software.
Cybrary Challenges
Challenge: MFA ... All Day Every Day
National Cybersecurity Awareness Month has several themes, one of which is Multi-Factor Authentication (MFA). This MFA challenge will have you analyze a log and identify the potential MFA attack. The goal is to review suspicious requests and identify how MFA can be attacked in real-world use cases.
Cybrary Challenges
Challenge: Password123
National Cybersecurity Awareness Month has several themes, one of which is Password Complexity Awareness. This password challenge will have you analyze a password and validate if it is secure. The goal is to attempt to crack a password and gain hands-on skills to evaluate the importance of password complexity for real-world use cases.
Cybrary Challenges
Challenge: Teach a Person to Phish
National Cybersecurity Awareness Month has several themes, one of which is Phishing Awareness. This phishing challenge will have you analyze a real phish caught in the wild! The goal is to identify exactly why it was flagged as a phish and gain hands-on skills to validate a suspicious email!
Cybrary Challenges
Challenge: Episode II - Attack of the Encoders
Adversaries commonly use encoding, encryption, and hashing to obscure their scripts and attacks. As a CTF player, you will need to analyze alerts and uncover the true nature of a suspicious string embedded in a file. Can you help figure out what it’s trying to say?
Cybrary Challenges
Cybrary Challenges
Challenge: The Base(64)ics
Threat actors commonly use legitimate tools in nefarious ways. As a CTF player, you’ll need to find creative ways to uncover these types of tactics. While evaluating a recent alert in your EDR, you’ve come across a weird string at the end of a powershell command. Can you help figure out what it’s trying to say?
Cybrary Challenges
Challenge: Spiny Shell
You receive an alert about a suspicious command execution on a Windows endpoint. Early analysis suggests PowerShell has not locked down appropriately. Can you validate if anything malicious is underway? Now that you have some basic information discovered, dive deeper into the suspicious command to identify the attacker's infrastructure and setup!
CVE Series
CVE Series: WinRar Vulnerability (CVE-2023-38831)
WinRAR, a popular 1990s file archiver still used by 500 millions users worldwide, suffers from a high severity Remote Code Execution (RCE) vulnerability. In this course you’ll be putting on your Red Team hat to create your own malicious file and gain control of the victim’s computer by leveraging this CVE!
CVE Series
CVE Series: Openfire (CVE-2023-32315)
If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against CVE-2023-32315 (Openfire Path Traversal to RCE), you won't want to miss this course. You will identify the vulnerability, exploit it, and mitigate it in a hands-on, secure lab environment. Don't let Openfire catch you off guard.
CVE Series
CVE Series: Dirty Pipe (CVE-2022-0847)
Dirty Pipe (CVE-2022-0847) is the most critical vulnerability to impact Linux distributions in years. By exploiting this local kernel flaw, adversaries can quickly escalate privileges and even gain root access. Exploit and mitigate this vulnerability in this hands-on course that gives you the skills you need to protect your organization.
CVE Series
CVE Series: noPac (CVE-2021-42278 and CVE-2021-42287)
Ready to defend your organization against the critical noPac double vulnerability (CVE-2021-42278 and CVE-2021-42287) that can lead to advanced privilege escalation on Windows systems? Get ahead of the curve in this hands-on course that allows you to both exploit and mitigate this vulnerability with potentially significant, far-reaching impacts.
CVE Series
CVE Series: Polkit (CVE-2021-4034)
The Polkit vulnerability (CVE-2021-4034) is a critical vulnerability impacting every major Linux distribution. Its attack vector allows privilege escalation and can even give the attacker root access. Exploit and mitigate this vulnerability in this hands-on course that gives you the skills you need to protect your organization.
CVE Series
CVE Series: Log4J (CVE-2021-44228)
The Log4J vulnerability (CVE-2021-44228) took the world by storm in late 2021. Do you have what it takes to exploit and mitigate this critical vulnerability that experts say had the biggest global impact since Shellshock? Find out in this course, where you'll put your defensive and pen testing skills to the ultimate test in a virtual lab.
CVE Series
CVE Series: InstallerFileTakeOver (CVE-2021-41379)
InstallerFileTakeOver (CVE-2021-36934) is a Windows elevation of privilege vulnerability that emerged in late 2021 and could allow a threat actor to acquire elevated SYSTEM-level access. You will exploit this vulnerability in a virtual lab environment and learn how to mitigate it so you can protect your organization.
CVE Series
CVE Series: MSHTML Vulnerability (CVE-2021-40444)
The MSHTML Windows remote code execution vulnerability (CVE-2021-40444) identified in September 2021 could allow a threat actor to execute code on a victim’s machine. In this advanced course, you will exploit and mitigate this vulnerability in a secure lab environment, giving you the skills you need to protect your organization.
CVE Series
CVE Series: HiveNightmare (CVE-2021-36934)
HiveNightmare (CVE-2021-36934) is a serious vulnerability that gives threat actors access to sensitive data in the Windows Registry. Don't get stung by HiveNightmare. Get hands-on experience mitigating and exploiting this vulnerability in a secure lab environment by taking this course today.
CVE Series
CVE Series: PrintNightmare (CVE-2021-1675 and CVE-2021-34527)
PrintNightmare (CVE-2021-1675 and CVE-2021-34527) is a critical vulnerability in the Windows Print Spooler service running on almost every Windows operating system. Dive into a hands-on lab and course where you will exploit and mitigate the vulnerability. Don't get caught unaware by PrintNightmare.
CVE Series
CVE Series: Ghostcat (CVE-2020-1938)
If you're a cybersecurity practitioner who wants to know more about how to exploit and defend against Ghostcat (CVE-2020-1938), the you won't want to miss this course. You will identify the vulnerability, exploit it, and even mitigate it in a hands-on, secure lab environment. Don't let Ghostcat catch you off guard.
CVE Series
CVE Series: F5 BIG-IP (CVE-2022-1388)
The BIG-IP iControl REST vulnerability (CVE-2022-1388) is a critical flaw that allows unauthenticated attackers to execute system root-level commands remotely. This vulnerability was given a CVSS score of 9.8 due to how easy it is to exploit and the level of access it grants attackers. Learn how to exploit and mitigate this vulnerability today!
CVE Series
CVE Series
CVE Series: Atlassian Bitbucket Command Injection (CVE-2022-36804)
The Atlassian Bitbucket command injection flaw (CVE-2022-36804) is a remote, unauthenticated, command injection vulnerability affecting application programming interface (API) endpoints in Bitbucket Server and Data Center. Stop an attacker from stealing sensitive information or installing malware as you exploit and mitigate this vulnerability!
CVE Series
CVE Series: Grafana Directory Traversal (CVE-2021-43798)
The Grafana Directory Traversal vulnerability (CVE-2021-43798) is a critical arbitrary file reading vulnerability impacting global Grafana servers and has been exploited in the wild. Take this course to learn how to exploit and mitigate this vulnerability!
CVE Series
CVE Series: Blind NoSQL Injection (CVE-2021-22911)
The Blind NoSQL Injection vulnerability (CVE-2021-22911) is a critical flaw impacting Rocket.Chat servers across the globe and has been known to be exploited in the wild. Stop an adversary from potentially executing commands on a victim system by learning how to exploit and mitigate this vulnerability!
CVE Series
CVE Series: Apache HTTPD (CVE-2021-42013)
The Apache HTTPD vulnerability (CVE-2021-42013) is a critical flaw impacting servers across the globe. This vulnerability gives an attacker the ability to enumerate a system and execute commands on the victim system if exploited. Exploit and mitigate the vulnerability in a secure lab environment!
CVE Series
CVE Series: Apache Spark (CVE-2022-33891)
Apache Spark is the biggest open-source project used for large-scale data processing and machine learning. Companies love it for its fast speed and ease of use. But a security flaw allows an adversary to just add a shell command to the URI to perform an arbitrary shell command execution. Exploit this flaw today using two attack vectors!
CVE Series
CVE Series: Django (CVE-2022-34265)
Django is a Python-based web framework design for fast, easy application creation. Popular apps like Instagram and Clubhouse use Django, but are you prepared to exploit and mitigate the high-risk Django flaw (CVE-2022-34265) that leaves applications vulnerable to SQL injection attacks? Put your pentest skills to the test in our course!
CVE Series
CVE Series: Follina (CVE-2022-30190)
The Follina exploit (CVE-2022-30190) is a Windows Remote Code Execution (RCE) vulnerability that could allow a threat actor to acquire an initial level of access after a successful phishing attack. Take our course to gain the skills you need to identify the vulnerability, detect it, and mitigate it (with current best knowledge).
CVE Series
CVE Series: Confluence RCE (CVE-2022-26134)
CVE-2022-26134 is an Object-Graph Navigation Language (OGNL) injection flaw impacting Atlassian Confluence & Data Center software. Leveraging this remote code injection (RCE) flaw, adversaries can execute arbitrary code on a server. Atlassian tools are popular with more remote work, so mitigation is key. Exploit, detect, & mitigate this flaw!
CVE Series
CVE Series: OpenSSL Infinite Loop (CVE-2022-0778)
The OpenSSL infinite loop vulnerability (CVE-2022-0778) is a critical flaw impacting systems running OpenSSL versions 1.0.2, 1.1.1 and 3.0. If exploited, this vulnerability allows adversaries to perform a denial-of-service (DOS) attack. Take our course to exploit this vulnerability in a secure lab environment.
CVE Series
CVE Series: Redis (CVE-2022-0543)
The Redis vulnerability (CVE-2022-0543) is a critical flaw impacting Linux systems across the globe. By exploiting this vulnerability, any user can remotely execute commands as a root user on a system. Take our course to exploit and mitigate the vulnerability in a secure lab environment, giving you the skills you need to protect your organization.
CVE Series
CVE Series: Spring4Shell (CVE-2022-22965)
Spring4Shell (CVE-2022-22965) is a critical Remote Code Execution (RCE) vulnerability affecting Spring, a common application framework library used by Java developers. You will exploit and mitigate this vulnerability in a virtual lab, giving you the skills you need to “Spring” into action and protect your organization!
Threat Actor Campaigns
Royal Ransomware Group
Royal is a spin-off group of Conti, which first emerged in January of 2022. The group consists of veterans of the ransomware industry and brings more advanced capabilities and TTPs against their victims. Begin this campaign to learn how to detect and protect against this newer APT group!
Threat Actor Campaigns
Threat Actor Campaigns
Raspberry Robin
Raspberry Robin is a malware family that continues to be manipulated by several different threat groups for their purposes. These threat actors (Clop, LockBit, and Evil Corp) specialize in establishing persistence on a compromised host and creating remote connections to use later. Once established, these C2 connections can be used for multiple purposes, including data exfiltration, espionage, and even further exploitation.
Threat Actor Campaigns
Double Trouble with Double Dragon
Advanced Persistent Threats (APTs) conduct state-sponsored cyberattacks that can radically disrupt global business operations. Launch this campaign to start detecting sophisticated techniques leveraged by APT41, known as "Double Dragon" because they cause double trouble with both espionage and financially-motivated attacks!
Threat Actor Campaigns
Weak Link in the Supply Chain
Threat actors known as Advanced Persistent Threats (APTs) conduct highly sophisticated attacks sponsored by nation-states. They maintain a committment to stealth and often use custom malware. This campaign emulates a supply chain attack by APT29 that is similar to the SolarWinds compromise and it has the end goal of stealing sensitive information.
Threat Actor Campaigns
Spinning a Web Shell for Initial Access
Certain threat actors specialize in targeting vulnerable web servers and gain initial access by exploiting public-facing applications. Then they act as access brokers for ransomware gangs. Such campaigns highlight the need to protect against known vulnerabilities. Understanding these techniques is key to protecting your organization.
Threat Actor Campaigns
Exfiltration and Extortion
Threat actors will use stolen data exfiltrated from victim systems to extort organizations. Once they gain a foothold, they delete critical system files and threaten to release the data or disrupt operations if the victims do not pay up. Understanding these techniques is vital to defending your organization from such attacks.
Threat Actor Campaigns
Ransomware for Financial Gain
Threat actors continue to leverage ransomware to extort victim organizations. What was once a simple scheme to encrypt target data has expanded to include data disclosure and targeting a victim’s clients or suppliers. Understanding the techniques threat actors use in these attacks is vital to having an effective detection and mitigation strategy.
Instructors
Industry Seasoned. Cybrary Trained. Our instructors are current industry professionals trained by Cybrary to ensure consistency in quality and content.