RangeForce Blog

Dark Reading published RangeForce Blog: 5 Big Lessons from the Work-from-Home SOC

Dark Reading published RangeForce Blog: 5 Big Lessons from the Work-from-Home SOC

Accustomed to working in the same room, security teams now must find ways to operate effectively in the new remote reality.
/by Triin Mahlakõiv
cross-training cybersecurity

The Case for Cross-Training

Cross-training is helping CISOs and security managers to optimize collaboration, reduce the time that it takes to detect and remedy a cyberattack and improve overall team skills and performance. 
/by Triin Mahlakõiv
Understand the power of YARA Rules

Understand the power of YARA Rules

Because YARA is extremely flexible, it can act as either a highly targeted sniper rifle or as field artillery. YARA is used by incident responders, threat hunters, and malware forensic analysts, and helps identify and classify malware samples.
/by Triin Mahlakõiv
March-April cybersecurity training modules

March-April Training Modules from RangeForce

March and April have been busy months for RangeForce. We released 11 new modules and have another 12 in beta getting ready for release.
/by Triin Mahlakõiv
RangeForce founders

The Founding Story of RangeForce

The RangeForce founder met while working on a project to build out a Cyber Range and cyberattack simulations for the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE).
/by Triin Mahlakõiv

Simulation-Based Training – A Gartner Top 10 Strategic Technology Trends for 2020

“By 2022, 35% of large businesses in the training and simulation industry will evaluate and adopt immersive solutions, up from less than 1% in 2019.”
/by Triin Mahlakõiv
Cybersecurity training with cloud cyber range, on-demand any time any place

Why Choose a Combined Cloud eLearning and Cyber Range Platform?

RangeForce is a unique training platform because it combines an eLearning environment with a cloud-hosted Cyber Range. The hands-on portions of our training modules occur in the cyber range, as do our individual and team security challenges.
/by Triin Mahlakõiv

How RangeForce Applies a Hackers-Mindset to Cyber Security Training: Q&A with the Head of Content Development at RangeForce

Our Head of Content Development describes the mission and role of a Cybersecurity Content Specialist at RangeForce. Here's what he had to say.
/by Triin Mahlakõiv
February cybersecurity training

February Training Modules from RangeForce

Here are the new RangeForce Training Modules for February. There are some great new cyber range exercises included with everyone one of these modules so that cybersecurity pros can get hands-on training.
/by Triin Mahlakõiv
CVE-2020-7247: Privileged Remote Code Execution in OpenSMTPD

CVE-2020-7247: Privileged Remote Code Execution in OpenSMTPD

OpenSMTPD is the mail transfer agent (e-mail server) of the OpenBSD operating system and is also available as a ‘portable’ version for other UNIX systems, such as GNU/Linux.
/by Triin Mahlakõiv

Get a head start on OWASP Top 10 Vulnerabilities Training for 2020

Open Web Application Security Project (OWASP) provides an ongoing list of the Top 10 security flaws that enable a majority of the successful cyberattacks over the past year. The list is a great starting place for setting your cybersecurity training agenda, not only for your security team, but also for your web application developers and DevOps teams.
/by Triin Mahlakõiv
February cybersecurity training

January Training Modules from RangeForce

At RangeForce, we continually expand our training coverage to match the needs of cybersecurity pros. Our January release includes five new Security Operations (SOC) Track Modules. This release marks a milestone as our training module count now stands at 102 and 78 hours of training content.
/by Triin Mahlakõiv
Bling Command Injection

Blind Command Injection

Executing a Command Injection attack simply means running a system command on someone’s server through a web application or some other exploitable application running on that server. Executing a Blind Command Injection attack means that you are unable to see the output of the command you’ve run on the server.
/by Triin Mahlakõiv

Blind SQL Injection

We are going to take a look at how to find the most common types of blind SQL vulnerabilities, how to exploit them in order to exfiltrate data and also how to mitigate the risk in your own applications.
/by Triin Mahlakõiv
SQL Injection Isn't Going Anywhere

SQL Injection Isn’t Going Anywhere

SQL injections might sound like a thing from the past, but in actuality, it is still one of the most widely used methods of attack by hackers around the world.
/by Triin Mahlakõiv
Cybersecurity training not a priority

Cybersecurity Training is Still Not a Priority

Understanding the importance of cybersecurity training in the people, process, and technology triad.
/by Triin Mahlakõiv
DECEMBER TRAINING MODULES

December Training Modules from RangeForce

At RangeForce, we focus on both expanding our training coverage and keeping our training up to date. Today we provide 100 training modules across three tracks, security operations, DevOps, and Web Application Security.
/by Triin Mahlakõiv
Docker security

Docker Basics

Docker is a software platform for building applications in small and lightweight execution environments called containers, which are isolated from other processes, operating system resources, and kernel.
/by Triin Mahlakõiv
Meteor Blind NoSQL Injection

Meteor Blind NoSQL Injection

I recently came across a Meteor application, which had a publicly callable method 'users.count' that would return the count of users registered in the app. While this may not be significant from a threat assessment perspective, I decided to give it another look and dig a bit deeper.
/by Triin Mahlakõiv
Magecart

Macy’s, Magecart, Black Friday, and JavaScript Code Injection

Macy’s became the latest in a long list of victims who have been attacked by different cybercriminal syndicates collectively referred to as Magecart.
/by Triin Mahlakõiv

Former Deputy Director of the National Security Agency Chris Inglis Joins the RangeForce Advisory

We are happy to announce that Chris Inglis, the former Deputy Director and senior civilian leader of the National Security Agency, has joined RangeForce’s advisory board.
/by Triin Mahlakõiv
Cybersecurity training not a priority

RangeForce CyberSiege: Hands-on Defensive Training Simulation with Barclays.

To celebrate National Cybersecurity Awareness Month, RangeForce joined forces with Barclays to deliver a unique CyberSiege at Barclays RISE NYC.
/by Triin Mahlakõiv