High Alert: Unraveling the CVE-2023-20198 Threat in Cisco IOS XE

Community Content
Threat Overview – CVE-2023-20198
In October 2023, Cisco revealed a severe vulnerability, CVE-2023-20198, affecting the Web User Interface of Cisco IOS XE software. Critical due to its potential impact, this flaw poses a significant risk to devices with the HTTP/S Server feature enabled, allowing attackers to create high-privilege user accounts ...

Proactively Threat Hunting in the Cloud: Why It’s Essential

Blog
As organizations continue to pivot towards the cloud, an emergent and dynamic threat landscape follows. The cloud, while offering unprecedented agility and scalability, presents new vulnerabilities and challenges in safeguarding sensitive data. Cloud-based infrastructures, much like their on-premises counterparts, are not immune to adversarial objectives such as access gain, privilege ...
Mastering the Hunt: Translating Intelligence to Action

In the complex maze of cyber threat vectors, effective action hinges on accurate, timely intelligence. For practitioners in the field, the bridge between raw data and actionable strategies is where the real challenge—and opportunity—lies. Join us in “Mastering the Hunt,” where we delve into the technical intricacies of merging cyber ...

Navigating the Web of Scattered Spider: Understanding the Threat Landscape

Community Content
Threat Overview – Scattered Spider
Scattered Spider, a moniker for a multifaceted threat group also known as Storm-0875, Roasted 0ktapus, Scatter Swine, and UNC3944, has emerged as a significant cybersecurity threat. Active since May 2022, this group has recently gained notoriety for compromising systems linked to major players like MGM ...

Threat Intelligence: The Pulsing Heart of Behavioral Threat Hunting

Blog
When you hear the term “threat intelligence”, what do you think of? If you’re visualizing lists of Indicators of Compromise (IOCs), alerts pinging like pinball machines, or reams of data being churned out by a SIEM system, you’re not exactly wrong. But if that’s all you’re seeing, your vision is ...
Episode 11

Upcoming Podcast
Cyborg Security is launching a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they come out of the woods to explore some of ...
Out of the Woods: The Threat Hunting Podcast | Ep. 10

Episode 10

Podcast
Cyborg Security is launching a podcast with a twist! Join us for the first fully interactive threat hunting podcast where you can hang out with threat hunters from all over the world! Join a rag-tag bunch of threat hunters as they come out of the woods to explore some of ...

Rhysida Ransomware Revealed

Community Content
Threat Overview – Rhysida
Enter the world of Rhysida Ransomware: A deep dive into one of the most formidable advanced persistent threats (APTs) to date. Using a unique cryptographic approach, it employs a combination of a 4096-bit RSA key and the ChaCha20 algorithm. This strategy makes it stand out in ...

Behind Enemy Lines: Unraveling the Mystery of TA505’s FlawedGrace RAT

Community Content
Threat Overview – FlawedGrace
FlawedGrace is not a newcomer in the world of cyber warfare. Originating in 2017, this malicious RAT is a favored weapon of the notorious TA505 threat group, believed to have ties with Russia. Known by another alias, Hive0065, this group has shown a propensity for both ...

Cyber Storm Unleashed: Unmasking STORM-0978’s Exploitation of the CVE-2023-36884 Vulnerability

Threat Overview – CVE-2023-36884
CVE-2023-36884 is a newly discovered critical security flaw in Microsoft Office and Windows HTML, enabling remote code execution on the victim’s system. The threat actor group, ‘STORM-0978’ (also known as RomCom or DEV-0978), allegedly connected to Russia, has been seen exploiting this vulnerability. They specifically target ...