Get ready to elevate your threat hunting skills with Cyborg Security’s exhilarating and interactive workshop, focusing on the pivotal MITRE ATT&CK Tactic: Privilege Escalation. This isn’t just another workshop; it’s an opportunity to immerse yourself in the world of advanced threat hunting, guided by the expertise of Cyborg Security’s seasoned ... Read More

JOIN US FOR AN EVENING OF THREAT HUNTING FUN! Cyborg Security has launched a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they ... Read More

As we surge into 2024, the cybersecurity landscape is witnessing a paradigm shift. Gone are the days when Indicators of Compromise (IOCs) held the throne. 2023 marked the realization within cybersecurity circles that while IOCs serve a purpose, particularly in confirming participation in major breaches, their continuous monitoring leads to ... Read More

Microsoft recently released patches for nearly 80 new security vulnerabilities, including two zero-day exploits, CVE-2023-23397 and CVE-2023-24880. CVE-2023-23397 is an elevation-of-privilege (EoP) vulnerability in Microsoft Outlook that could allow an attacker to obtain a victim’s password hash. The vulnerability occurs when an attacker sends a message to the victim with ... Read More

Introduction In the dynamic landscape of cybersecurity, the concept of exposure management has become a cornerstone of corporate defense strategies. Exposure management, fundamentally, is the practice of identifying, assessing, and addressing the myriad security risks associated with an organization’s digital presence. This practice is critical in today’s cyber environment, where ... Read More

JOIN US FOR AN EVENING OF THREAT HUNTING FUN! Cyborg Security has launched a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they ... Read More

In the evolving landscape of cybersecurity, where threats grow more sophisticated by the day, prioritization is not just a strategy, it’s a necessity. The cyber community is witnessing a paradigm shift – moving away from the acquisition of new ‘blackbox’ solutions towards enhancing existing security tools with quality content. This ... Read More

Threat Overview – BlueSky In the ever-evolving landscape of cyber threats, a new player has emerged with alarming efficiency: the BlueSky Ransomware variant. First spotted in June 2022, this malicious software has been targeting public-facing MSSQL servers, showing similarities with infamous ransomware variants like Conti and Babuk. BlueSky’s tactics, infrastructure, ... Read More

Threat hunting has become a vital part of an organization’s defense strategy. As attackers employ increasingly sophisticated methods, defenders must proactively search for hidden threats before they become catastrophic issues. In this pursuit, Artificial Intelligence and Machine Learning (AI/ML) are both hailed as saviors and scrutinized for potential shortcomings. In ... Read More

Threat Overview – CVE-2023-4966 A significant security concern has emerged for organizations utilizing Citrix NetScaler Gateways and ADC appliances. In October 2023, Citrix identified a critical vulnerability, designated CVE-2023-4966, posing a severe threat to these devices. This sensitive information disclosure vulnerability, scoring a high 9.4 on the CVSS scale, has ... Read More