
Episode 16
JOIN US FOR AN EVENING OF THREAT HUNTING FUN! Cyborg Security has launched a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they ... Read More
CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability
Threat Overview – CVE-2024-3400 – Palo Alto OS Command Injection Vulnerability CVE-2024-3400 is an unauthenticated remote code execution vulnerability identified in devices utilizing GlobalProtect, and was identified by Volexity Threat Researchers in April of 2024. Reported to impact PAN-OS firewalls running versions 10.2, 11.0 and 11.1, this security flaw has ... Read More

SANS 2024 Threat Hunting Survey: Hunting for Normal Within Chaos
Discover the Cutting-Edge of Cybersecurity in the “SANS 2024 Threat Hunting Survey: Hunting for Normal Within Chaos” Are you navigating the complexities of threat hunting in today’s chaotic cyber landscape? SANS’s ninth annual Threat Hunting Survey offers unparalleled insights into the evolving practices, challenges, and methodologies shaping cybersecurity strategies across ... Read More
Volt Typhoon: Advisory Update
Threat Overview – Volt Typhoon Threat Group On Tuesday (3/19/24), an advisory from President Biden’s administration was released to state governors, detailing the threat of foreign entities including the Volt Typhoon group targeting critical drinking water and wastewater infrastructure – with the potential to “disrupt the critical lifeline of clean ... Read More
Threat-Informed Defense through Behavioral Threat Hunting
In the cybersecurity domain, the evolution from a purely reactive stance to a proactive, anticipatory approach encapsulates the transition to a Threat-Informed Defense strategy. This paradigm shift, underscored by the sophisticated methodology of Behavioral Threat Hunting, represents a critical juncture in cybersecurity’s maturation. Unlike conventional strategies anchored in the deployment ... Read More
Phobos Unleashed: Navigating the Maze of Ransomware’s Ever-Evolving Threat
Threat Overview – Phobos The Phobos Ransomware variant has been active since May of 2019, targeting a variety of entities that include governments, emergency services, critical infrastructure, education and public healthcare. Operating under a RaaS (Ransomware-as-a-Service) model, this ransomware variant has been responsible for the extortion of millions of dollars ... Read More

Episode 15
JOIN US FOR AN EVENING OF THREAT HUNTING FUN! Cyborg Security has launched a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they ... Read More
DarkCasino Strikes: Unveiling the Cyber Shadows of Water Hydra
Threat Overview – DarkCasino The APT group, DarkCasino (also known as Water Hydra), has been in the wild since 2021 and has had operations observed targeting online trading platforms in Asia, the Middle East, and Europe. Examples of the specific targets are gambling websites, casinos, banks, cryptocurrency and stock trading ... Read More

Threat Hunting Workshop 10: Hunting for Initial Access
Get ready to elevate your threat hunting skills with Cyborg Security’s exhilarating and interactive workshop, focusing on the pivotal MITRE ATT&CK Tactic: Initial Access. This isn’t just another workshop; it’s an opportunity to immerse yourself in the world of advanced threat hunting, guided by the expertise of Cyborg Security’s seasoned ... Read More
MonikerLink: Outlook’s Achilles’ Heel, Navigating the Perilous Waters of CVE-2024-21413
Threat Overview – #MonikerLink CVE-2024-21413 (MonikerLink) is a critical security vulnerability in the Microsoft Outlook software. This vulnerability, released by CheckPoint and Microsoft in February 2024, is suspected to impact all prior versions of Microsoft Outlook due to the method in which it interacts with COM APIs. CheckPoint research stated ... Read More