HTB Blog > Blue Teaming
All the latest news and insights about cybersecurity from Hack The Box. Hacking trends, insights, interviews, stories, and much more.
- How Active Directory (AD) attacks have evolved—and what that means for blue teamers (July 30, 2025 at 2:45 pm)
Explore 25 years of Active Directory attacks—from PtH to ransomware—and learn how defenders can harden networks, stop lateral movement, and prepare with hands-on training.
- Cloud on fire: What the data from 4,549 players says about your weakest defenses (July 21, 2025 at 8:23 am)
Cloud is the battleground attackers love most. New data from 796 teams shows most organizations aren’t quite ready. How do your defenses measure up?
- LLMNR poisoning attack detection (June 13, 2025 at 10:31 am)
Learn how to detect LLMNR poisoning attacks in part three of a special five-part series on critical Active Directory (AD) attack detections & misconfigurations.
- Meet global cyber skills standards with the new HTB Defense Operations Analyst certificate program (June 12, 2025 at 2:59 pm)
ANAB-accredited, threat-informed coursework that prepares cyber defenders for DoD 8140 roles and competencies. Delivering verifiable skills in just 15 weeks.
- How to use SmartScreen logs to find evidence of execution and user activity analysis (February 27, 2025 at 3:24 am)
CyberJunkie walks us through a new detection technique he uncovered using Windows SmartScreen Debug Event Logs. Follow this step-by-step guide to see how it works.
- Memory dump analysis with Signal decryption (December 20, 2024 at 11:07 am)
A deep-dive into Signal’s move to safeStorage API and how an HTB forensic content engineer creates a CTF Challenge.
- New Sherlocks updates: Academy recommendations, CPE credits (and more!) (December 2, 2024 at 1:29 pm)
Ready for a more rewarding dive into your blue team investigations? Well, we have made new updates to Sherlocks that will give you momentum and a bonus to time well spent.
- Malware analysis for beginners (step-by-step) (September 18, 2024 at 10:21 am)
Get familiar with industry-standard tools and methodologies to identify, understand, and detect malware threats.
- 5 Active Directory misconfigurations (& how they’re exploited) (September 11, 2024 at 12:36 pm)
Audit your AD environment for misconfigurations (and attacks) that can lead to severe consequences when exploited by malicious actors.
- NTDS dumping attack detection (August 29, 2024 at 10:22 am)
Learn how to detect NTDS dumping attacks in issue five of a special series on critical Active Directory (AD) attack detections & misconfigurations.