Blog
News and updates from OffSec
Apr 12, 2024
Communication Skills in Cybersecurity
Learn about the importance of clear and effective communication skills in cybersecurity.
Categories
Research & Tutorials
Behind Enemy Lines: Understanding the Threat of the XZ Backdoor
The following is an excerpt from our new module on the recent XZ Utils backdoor, CVE-2024-3094. On Mar 29, 2024, at 12:00PM ET, Andres Freund posted on the Openwall mailing list about a backdoor he discovered in the XZ Utils package. The backdoor targeted the OpenSSH binary, allowing remote code execution on impacted machines.
Apr 9, 2024
5 min read
OffSec News
OffSec Versus: Revolutionizing Cybersecurity Training Through Live-Fire Collaboration
Did you know that 95% of cybersecurity breaches are caused by human error? Traditional training methods often fail to address this critical factor, leaving organizations exposed. OffSec Versus, part of the Enterprise Cyber Range, is designed to change that. It’s a live-fire training environment where your Red and Blue teams learn by doing, battling head-to-head,
Apr 9, 2024
5 min read
Enterprise Security
Soft Skills for Cybersecurity Leaders: CISO’s Perspective
The emphasis on technical skills and knowledge in cybersecurity has always been present. However, as the field becomes increasingly complex and intertwined with every facet of business operations, the spotlight has shifted to the indispensable role soft skills hold in cybersecurity leadership. This perspective was the focal point of our recent webinar, led by Thereasa
Apr 3, 2024
5 min read
OffSec News
Transform Your Cybersecurity Training with OffSec’s Cyber Ranges
In 2024, the cybersecurity landscape is bleak, with 62% of organizations acknowledging a pressing need for enhanced cybersecurity skills amidst growing digital threats. This statistic underscores the urgent demand for comprehensive training in modern cybersecurity practices. In response to this critical need, OffSec is introducing a new suite of Cyber Ranges. OffSec’s Cyber Ranges –
Apr 1, 2024
6 min read
Penetration Testing
Importance of report writing for pen testers
Pentesters are well known for their technical skill sets, they simulate cyber attacks on computer systems, networks, or applications in a controlled environment. And, their primary goal is to identify vulnerabilities and weaknesses to assess the security posture of a target system. Much of the work they do is technical in nature, but in order
Apr 1, 2024
9 min read
OffSec News
The Cybersecurity Skills Gap: Time to Step Up with OffSec’s Red Teaming and IoT Learning Paths
The cybersecurity landscape is indeed challenged by a significant skills gap, with reports highlighting the critical shortage of professionals equipped to handle escalating cyber threats. The 2023 Global Cybersecurity Skills Gap Report from Fortinet underscores the urgency of this issue, revealing that a vast majority of organizations are facing more breaches due to a lack
Mar 26, 2024
4 min read
OffSec News
Starting 2024 strong – The largest launch of security training from OffSec
Strong cybersecurity relies on an understanding of the importance of security throughout the entire organization. OffSec is committed to delivering security training to offensive, defensive, development and IT teams that can best protect organizations. In the first 10 weeks of 2024, we’ve released new learning paths to support more security training across the organization. No
Mar 14, 2024
3 min read
OffSec News
Cloud security training: Build secure cloud systems
The cloud’s potential is undeniable – but securing it remains a daunting challenge. A recent SC Magazine survey revealed a troubling statistic: one in four companies cite a critical cloud security skills gap. This gap leaves organizations vulnerable, as attackers exploit everything from exposed cloud storage buckets to vulnerabilities in development pipelines. Generic tutorials and
Mar 12, 2024
4 min read
OffSec News
Cybersecurity training aligned with the MITRE ATT&CK framework
The MITRE ATT&CK framework was developed in 2013 as a knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is a foundation for specific threat models and methodologies in the private sector, government, and cybersecurity product and service community. This MITRE ATT&CK Enterprise framework is used by many of
Mar 12, 2024
2 min read
Enterprise Security
The Essential Soft Skills for Cybersecurity Leaders
Learn about the essential role of soft skills in enhancing the effectiveness and resilience of cybersecurity leaders amidst evolving cyber threats.
Mar 5, 2024
10 min read
Research & Tutorials
AI in Cybersecurity
Mixed sentiment surrounds the application of AI in cybersecurity. Join us for an examination of where AI fits into our cybersecurity toolkits.
Feb 26, 2024
9 min read
OffSec News
Secure Coding – A critical skill in today’s threat landscape
Upgrade your secure coding skills with OffSec’s new Learning Paths! Master critical concepts and build resilient applications.
Feb 22, 2024
4 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity.