Hack The Box launches its annual University CTF to inspire the next generation of security professionals to take the fight against cybercriminals

As the cyber skills gap widens to record new levels, disruptive cybersecurity training and upskilling platform, Hack The Box (HTB), has announced its annual global University ‘Capture the Flag’ (CTF) competition that will take place from 2nd – 4th December 2022 


This year’s event, which is open to students and academics at higher education institutions worldwide, is designed to inspire and prepare a new generation of security professionals to join the fight against cybercrime, at a time when they are most needed with the global talent shortage standing at 3.4 million.1 


With attacks spiking 28% in the last quarter of 2022 alone2, and cybercrime predicted to cost the global economy $10.5 trillion3 by 2025, students taking part will learn only the latest practical hacking skills needed to combat the ever-growing and evolving volume of sophisticated threats. Higher education professionals will also be introduced to innovative and effective new methods of gamified and hands-on teaching.  


HTB’s University CTF will see students across the globe face over 20 sophisticated cyber challenges, testing their skills in Cloud, Crypto, Pwn, Web, Forensics and more. This year’s challenges replicate the latest attack scenarios and cybercriminal techniques, helping to ensure students of all levels are prepared for a career in modern day cybersecurity.  


This year’s CTF aims to shine a light on cyberbullying and create an inclusive space where students all over the world can gain access to the latest skills and networks but also learn in an interactive, enjoyable and safe environment. Titled ‘Supernatural Hacks’ this year’s CTF focuses on helping students to interact safely online and build their digital citizenship, all whilst teams work together in a fictional wizarding world to defeat cybers darkest villains. Proceeds from the competition are being donated to Cybersmile, a multi-award- winning nonprofit organisation committed to digital wellbeing and tackling all forms of abuse and bullying online.  


Haris Pylarinos, CEO and co-founder of Hack The Box, says: “Universities are the breeding ground for the next generation of cyber professionals, and its critical students have experience tackling real world threats. The massive rise in the volume and sophistication of cyberattacks, means demand for new skills is booming and the old ways are no longer working.” 


“CTFs are a highly effective way to learn hands-on cyber skills through fun, gamified content. We’re seeing students join to not only sharpen their skills but also network with like-minded peers looking to enter a career in cyber. The competition is also an opportunity for academics and universities to learn new teaching methods that promote a ‘hacking mindset’ approach, needed to match the current threat landscape.” 


Haris continuesThe game has changed in cyber. Arbitrary degree and qualification hiring criteria needs to be phased out and businesses must prioritise practical-based skills and training experience. This will help cut the red tape holding back an untapped pool of highly skilled cyber talent waiting in the wings. 


Meanwhile, for younger generations increasingly looking for professions with purpose, hacking presents not only lucrative career prospects but an opportunity to do meaningful work stopping cybercriminal online – protecting businesses, governments, hospitals, schools and individuals from dangerous real-life threats. We’re excited to continue preparing the hackers of the future.” 


Last year’s University CTF winners included players from some of the biggest universities and schools in the world, University of Warwick, Hasso-Plattner Institute and 42 Paris. With more students looking to upskill themselves than ever,  HTB University CTF has also seen a 191% increase in participation from 2021 to 2021, with 2022 set to see record levels of participants.  


Teams, consisting of 1- 20 players, can enter the CTF from anywhere. All skill levels are welcome with challenge categories ranging from ‘Beginner to Hard’. The CTF style will be Jeopardy and FullPwn. As well as cash, swag prizes, and certificates of attendance can be earned for taking part


Hack The Box’s University CTF is sponsored by EY.  

Registration closes on 30th November, sign up here. 

  1. (ISC)2 Cyber Security Workforce Study
  2. Check Point Research: Third quarter of 2022 reveals increase in cyberattacks
  3. Cyber Security Ventures: Cybercrime To Cost The World $10.5 Trillion Annually By 2025

The post Hack The Box launches its annual University CTF to inspire the next generation of security professionals to take the fight against cybercriminals appeared first on IT Security Guru.

CybSafe launches SebDB 2.0 Behavioural Risk Platform

Behavioural risk platform, CybSafe has announced the launch of SebDB 2.0, the database developed by CybSafe’s in-house science and research team that gives security professionals the scientific understanding often missing when tackling human risk.

While organisations often attempt to improve security awareness, it is scarce for the effect of such efforts to be measured meaningfully. SebDB 2.0 allows organisations to target specific behaviours lacking within an organisation, implement plans to address them, and measure the effectiveness of those interventions.

SebDB is the result of collaboration between academics, government, and industry experts. It maps over 70 specific security behaviours linked to security risks. This helps security professionals prioritise the targeting of specific security behaviours to reduce risk.

It enables organisations to take a vital next step in protecting their organisation that many miss. While many organisations train their people with Cybersecurity Awareness and Training, it is often not measured in any meaningful way. The links between security behaviours and risks are not always clear. It’s hard to know which interventions to apply. It’s harder still to explain how interventions reduce risk.

Dr. Jason Nurse, CybSafe’s Director of Science and Research said: “Most security professionals set broad goals like “reduce account compromise”. But they don’t identify the security behaviours linked to the risks. If you aren’t identifying individual security behaviours, it is extremely difficult to measurably reduce human risk in your organisation. This is not a straightforward activity. That’s what SebDB aims to support.”

SebDB is built by the community for the community. It is a research effort and a practical tool that helps security professionals with the complexity and risk they face now and into the future. It helps organisations change behaviour linked to security risks.

Oz Alashe, CEO of CybSafe said: “Cyber security challenges need to be solved collectively. This is the goal of SebDB. Run by the community, it helps identify links between security behaviours and risks that are not always clear. Knowing how behaviours affect risk changes things significantly, for the better, allowing decisions and interventions to be made on evidence, not guesswork.”

The post CybSafe launches SebDB 2.0 Behavioural Risk Platform appeared first on IT Security Guru.

DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams

DomainTools, the leader for Internet intelligence, today launched its Global Partner Program led by Tim Durant, the recently appointed Vice President, Global Channels and Alliances. 

Threat intelligence plays an increasing role in the Security Operations Center (SOC) as security teams struggle to cope with the rising threat landscape. The DomainTools Global Partner Program features the company’s best-in-class threat intelligence solutions, providing channel partners with the tools needed to help enterprise security teams proactively detect emerging threats and attackers lurking in their networks. 

According to Chris Nelson, Chief Revenue Officer at DomainTools, “We’re thrilled that Tim Durant has joined our executive team and to launch our new Global Partner Program. Tim brings more than 15 years of experience creating high-impact programs that build revenue through new partners, products/services and routes to market on a global scale. The channel is one of the key growth drivers for DomainTools and we’re excited for Tim to spearhead our channel strategy and growth, and to reinforce our commitment as a channel-first organization.” 

“Having worked with DomainTools since 2019, it’s great to see them bolster their commitment and investment into their channel business and partnerships like ours,” said Phil Higgins, CEO at Brookcourt Solutions, a leading UK-based IT services provider. “The data and products from DomainTools have allowed us to meaningfully enhance the security postures of dozens of firms. We look forward to building many further opportunities with DomainTools as a trusted partner.” 

The DomainTools Global Partner Program will expand existing channel relationships as well as build new partnerships across the globe. It offers a wide range of benefits to channel partners, including generous and simple margin structure for new and renewal business, access to in depth training, online deal registration, and joint promotional programs. 

“I’m eager to deepen our existing partner relationships and to expand our incredible partner ecosystem,” said Tim Durant. “DomainTools seeks to work with a wide variety of partners, from cybersecurity technology companies, to VARs, and MSSPs. Each of these partners brings specialized expertise and market knowledge, and we’re excited about the opportunity to not only expand their portfolio but also work together to help augment an organization’s limited threat intelligence resources.” 

In his new role, Tim will lead the DomainTools channel program and sales and revenue goals and will be responsible for go-to-market strategies within the diverse DomainTools partner ecosystem. Prior to DomainTools, Tim spent nearly a decade at Hitachi Vantara, where he was Sr. Director of Strategic Global Alliances. 

The post DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams appeared first on IT Security Guru.

KnowBe4 Launches Cybersecurity Awareness Month University Challenge

KnowBe4, the provider of the world’s largest security awareness training platform, announced it is spearheading an initiative among UK universities that invites students with an interest in media/comms or cybersecurity to work collaboratively together to produce a security awareness video that addresses one of the themes from Cyber Security Awareness Month (CAM). Supported and judged by a working group consisting of esteemed professors from universities across England, Scotland and Wales, the winning entry will be showcased at KnowBe4’s annual conference, KB4-CON, and entrants will compete for cash prizes, internships and work experience.


The aim is to bring students together from differing academic backgrounds, connecting the skills of communications, creativity and cybersecurity together to help SMEs and critical industries address cybersecurity risk.


“Creating a good security culture and practices requires communication and different messaging to reach all sectors of the economy,” said Javvad Malik, Lead Security Awareness Advocate at KnowBe4. “Linking the skills of communication, creativity and good technical cyber know-how will seed new thought and deliver innovative experiences that grow collaborative project skills. It’s an exercise that can be carried forward into the students’ careers and shed some light on real industry challenges and strategies moving forward.”


In teams of up to four people made up of students with an interest in media/comms and computer science/cybersecurity (note: it does not have to specifically be these degrees), the students will work together to first identify a threat to business based on one of the themes from this year’s Cybersecurity Awareness Month. They will need to perform industry interviews and speak to organisations about their security awareness programmes, what types of social engineering, phishing or other cybersecurity threats they are up against. They will also need to address industry trends such as the growth of incidents involving small and medium enterprises. Using the information gathered, they will work together to create a max three-minute video to convey the issue through storytelling, demonstrate the scale of the problem and provide lessons on how to overcome it.


“Education and people are critical elements to creating a trusted digital world. Currently some estimate that over 95% of cyber breaches are through human error. So, I couldn’t think of a more brilliant way to address this than engaging diverse students to ideate and converge their fresh thinking, creativity and communication skills to produce inspiring new video messaging for the 2022 Cybersecurity Awareness Month,” said Professor Lisa Short, Global Technology Influencer & Founder of Areté Business Performance. “It’s simply amazing to see collaboration encouraged between universities, students and businesses to produce really meaningful impact to reduce digital harm and cyber risks. It also highlights the diverse nature of employment and working in cybersecurity and new talent pathway opportunities. When asked by Yvonne at Eskenzi PR, I had the best team sorted and ready to help.”


Danny Dresner, Professor of Cyber Security at the University of Manchester, added: “I love this concept of breaking out of computing and getting the scientists working with the arts and business students. Good practices in cyber security will only be realised if they get ownership from business leaders, colleagues and peers…and let’s not forget bringing key cyber security messages to the wider community; so many people can be easily led astray and become lost in the cyber landscape!”


The challenge is being launched in line with Cybersecurity Awareness Month and final entries will be judged in January 2023. Visit the website for all the latest updates: https://www.securityserious.com/kb4challenge/


The post KnowBe4 Launches Cybersecurity Awareness Month University Challenge appeared first on IT Security Guru.

iOS 16 Launches With Advanced Cyber Protection

Earlier this week, Apple officially launched its new iOS 16 operating system update for iPhone devices. The update contains several security-focused and privacy features.

iOS 16 was first unveiled in June at the WWDC 2022 conference. The update supports iPhone devices starting from iPhone 8, as well as second and third generation iPhone SE devices.

‘Lockdown Mode’ is a particularly significant feature, first launched in July on selective devices. It is now available on all iOS 16 devices.

Lockdown Mode, according to Apple, provides an “extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats.”

The mode limits certain functionalities on devices and hardens defences. This reduces any attack surfaces that could potentially be exploited by spyware. Some highlights of this feature include the ability to block most message attachment types, stop wired connections when the device is locked, and disable link previews.

Apple has also introduced a ‘Safety Check’ option with the new update. This is designed to help people cut ties with abusive partners who may try and secretly read their messages or track their locations.

This feature also lets users stop sharing their location information via Find My iPhone and can quickly reset a device’s privacy settings. Once activated, users will be signed out on all other devices and access to FaceTime and iMessage apps is restricted.

Reportedly, the feature was developed in collaboration with the National Network to End Domestic Violence, the National Centre for Victims of Crime and the Australian Women’s Services Network.

More security features include, preventing applications from accessing the device’s clipboard and Passkey. This follows news that Apple had discovered and patched a critical security risk in Safari that allowed threat actors to take control of a device’s operating system and execute arbitrary code.

This comes after Google warned of new spyware targeting iOS and Android devices in June 2022.


The post iOS 16 Launches With Advanced Cyber Protection appeared first on IT Security Guru.