RangeForce Blog | Cybersecurity training for teams

RangeForce News: Threat-Centric Skill Addition and More

Written by RangeForce Team | Dec 15, 2023 6:15:00 PM

The calendar year isn't quite done yet, and we've squeezed a slew of new modules and some platform enhancements into 2023. Read on to learn more. 

New Threat-Centric: Email Service Compromise

Teams can now assess their preparedness against Email Service Compromise. Teams proficient in defending against this threat have demonstrated skills in user behavior analysis, message analysis, and platform and message hardening. Admins can track their team's progress in this area by going to Threat-Centric reporting on the Admin dashboard, selecting the gear, and then selecting the "Email Service Compromise" threat. A customized Readiness Plan for this threat is also available. 

Now in Beta: Google Cloud Platform Security Essentials 

This Learning Path, currently in beta, provides a comprehensive understanding of Google Cloud's structure and services crucial for effective incident handling. Modules now available include Incident Response with Google Cloud Netflow Logging, Google Cloud Data Access Logging in IR, and Google Cloud VM Forensics.

Recently Released Modules

AWS
  • Introduction to AWS Identity and Access Management
  • Implementing Multi-Factor Authentication in AWS
  • AWS Organizations and Service Control Policies
  • Identity Federation and Single Sign-On in AWS
  • Securing AWS APIs

Azure

  • Microsoft Entra ID: Sign-in Logs Analysis
  • Microsoft Entra ID: Audit Logs Analysis
  • Unified Audit Log Overview
  • Unified Audit Log Overview
  • OAuth Security Overview
  • OAuth App Analysis
  • Introduction to Azure Hierarchy
  • Azure Compute Overview
  • Azure Network Overview
  • Mailbox Audit Log Overview
  • Microsoft 365 Forwarding Rules Overview
  • Microsoft 365 Inbox Rules Analysis
  • Microsoft 365 Transport Rules Analysis
  • Introduction to Azure Storage Account Security

Cloud

  • Message Trace Logs Overview
  • Introduction to Google Cloud for Incident Response

CVEs

  • CVE-2023-38831 WinRAR - Arbitrary Code Execution
  • CVE-2023-23397 Microsoft Outlook: Privilege Elevation
  • CVE-2023-29357 SharePoint Server: Privilege Elevation

Digital Forensics

  • Evidence Acquisition and Preservation

Ransomware

  • Analyzing LockBit Ransomware