RangeForce Content Rewind | January 2022
Welcome to the RangeForce Content Rewind. In January, we added another 17 modules to the RangeForce platform as our library of human cyber defense skills content continues to grow.
With all-new training being added to the RangeForce platform each week, we wanted to take a moment and highlight some of the new modules available on the platform.
Take a look at the list below to get acquainted with our top additions from the past month. Be sure to give our new modules a try and let us know what you think!
New Training Modules
Azure Security Monitoring | Companies migrating their workload to the cloud face challenges keeping up with the security management used with on-premise environments. As part of the Cloud Security Posture Management, Azure has several tools to help with security configuration, governance, and automation.
Tracking Malware Network Activities | In this module, Wireshark is used to track the network activities of a Trickbot malware infection. Trickbot is a trojan designed to steal banking details and other credentials, which gives much traffic network to analyze. Analyzing a packet capture (PCAP) of a malware infection is an excellent way to learn the type of malware responsible for the infection and its capabilities.
Malware Imports and Exports | Malware often depends on external libraries and functions to perform its operations. Executable binaries usually store necessary libraries and functions in file headers. Learners will look at Windows libraries and functions used by malicious files and estimate the capabilities, types, and goals of the samples using pestudio.
Defeating Anti-Debugging Techniques | Learners will walk through various anti-debugging techniques and how to defeat them by using manual tricks and automated solutions, which prevent threat actors from making their malicious software harder to analyze.
Identifying Process Activities | One way to understand what malware does on a system is to execute the malware in a designated environment and monitor its behavior. In this situation, many things can be observed, such as what files the malicious process is creating, how it is modifying the registry, and what additional processes are launching. Users will gather this type of information using Process Monitor.
Elastic: Introduction to Fleet and Elastic Agent | The Fleet and Elastic Agent can be used to manage endpoints centrally from the Kibana UI. This foundational module will teach the following relevant concepts: Fleet, Elastic Agent, integrations, and policies.
Elastic: Introduction to Elastic Security | Elastic Security combines SIEM threat detection features with endpoint prevention and response capabilities in one solution. Learners will learn how Elastic can be used for monitoring, prevention, detection, hunting, and incident response.
Analyzing Email Headers | Users will discover how emails are structured in their raw original format and how to perform analysis on email headers.
Fully Automated Analysis – Case Study | Using a fully automated analysis allows you to quickly gather information about malware, find possible IoC, etc. In this intermediate exercise, Learners will utilize the Hybrid Analysis tool on a Petya encrypting malware sample.
Additional Modules
Additional modules added in the last month include Analyzing Email Contents – URLs, COBRA Distributed Exercise Network (DEN), Introduction to Hades Ransomware, Introduction to Egregor Ransomware, Introduction to DoppelPaymer Ransomware, Fully Automated Analysis – Exercise, Simple Incident Response Challenge, and SIEM Basics – Wazuh.
If you’re interested in learning more about the RangeForce platform or seeing our full course catalog, request a demo here or contact our sales team at sales@rangeforce.com.