August OUT NOW is here! This month, we have a short and sweet release featuring two fully refactored Windows courses and an intriguing campaign on the dangerous SharePoint exploit chain. 

Let’s dig in!

Refactoring Windows Basic and Windows Advanced courses 

Two of our most foundational and widely used courses, Windows Basics and Windows Advanced, have received a thorough makeover to reflect our latest instructional standards and design methodology.  

These revamped courses go far beyond their original versions, offering a deeper, more structured learning experience grounded in real-world system administration and analysis tasks.  

The Windows Basics track builds essential knowledge across the Windows ecosystem:  

• File systems 

• Process and service management 

• Networking 

• Registry operations 

The Windows Advanced course takes it further, guiding learners through intricate areas: 

• Windows forensics 

• Credential artifacts 

• PowerShell analysis 

• WMI abuse 

• Persistence techniques 

With new labs, updated spotlights, and smarter learning flows, these courses are now better equipped than ever to train future Windows defenders and administrators.

Campaign of the month: SharePoint vulnerabilities 

In this month’s campaign, we feature a spotlight investigating the recent multi-stage exploit chain targeting Microsoft SharePoint on-prem environments.  

The Cyberbit research team chained together a series of vulnerabilities — including an authentication bypass and a deserialization flaw — to showcase how attackers are able to gain remote code execution on vulnerable servers.  

From there, the attacker deploys web shells, harvests credentials, and extracts machine keys to establish persistent access.  

This campaign breaks down the entire exploitation flow and highlights how easily misconfigured or unpatched SharePoint servers can become an open door into the enterprise network. 

Access the full spotlight here. 

Don’t forget your CVEs 

Staying up to date with new CVE disclosures and exploits is critical. But don’t forget that it’s not only new CVEs that are regularly exploited. Older CVEs pose an equally high risk if you don’t properly patch your systems.  

This month, we are adding two new CVEs to the Exploit the Latest CVEs course: 

• CVE-2024-34693: Input validation vulnerability in Apache Superset 

• CVE-2024-42007: SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files 

Time to put your team’s defending skills to the test 

This month’s release is all about raising the stakes and refining your defense game. Whether you’re diving into the CVEs, leveling up your Windows expertise, or studying the anatomy of a SharePoint exploit, every scenario is designed to prepare your team for the real-world fight. 

Book your next LFE and go head-to-head with these advanced threats. 

Not a Cyberbit customer yet? Let’s fix that! Request a demo and explore how we can take your team’s cyber readiness to the next level.