HackTheBox announced the launch of BlackSky, three new Cloud Hacking Lab scenarios, deployed especially for the enterprises intent to move on the cloud, for understanding cloud hacking techniques, vulnerabilities, and more.
Understanding the possible cloud threats
With the Covid-19 pandemic, there is a huge increase in companies transitioning their infrastructure to the cloud. Cloud computing helps enterprises focus on their business, instead of struggling with maintaining and managing the systems. On the other hand, cloud computing brings its own risks.
Understanding the possible cloud hacking vectors, and how to protect your business from these threats is critical. With this in mind, Hack the Box launched the BlackSky Professional Labs, featuring Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) environments.
The new environments allow cybersecurity teams to familiarize themselves with a variety of cloud exploitation techniques and gain the knowledge of which can be used to protect their business.
About the BlackSky scenarios
Hack the Box team created fun and instructive scenarios, with fictional companies, such as Mega Multinational. Mega Multinational is a global leader in the Freight Logistics industry. They are not cloud-native but are looking to transition more infrastructure to a leading cloud platform, to mitigate the perceived risks of hosting their own infrastructure. They have enlisted your services to perform an assessment of their cloud infrastructure, starting with a single external IP address.
BlackSky showcases a wide range of misconfigurations, common privilege escalation techniques, and attack paths seen in real engagements, and how they can be exploited and mitigated.
For joining the BlackSky scenarios, users should have a basic knowledge of cloud infrastructure, Linux operating system, and web & network exploitation.
After completion of the labs, the players will have gained familiarity with the tools and techniques that are used to exploit cloud platform environments and enterprise networks. The users will also gain knowledge of AWS/GCP/Azure enumeration, exploitation of serverless applications, exploiting misconfigurations, local privilege escalation, measures to avoid such situations.
BlackSky is available through Hack the Box’s new Enterprise Platform. Learn more about it here. And if you’re curious to learn more about cloud hacking in general, Hack the Box is running a webinar on November 22nd. Spaces are limited! You can save your space here.
See more Cyber Security News