Episoder
-
Top 5 Threat Hunting Headlines - 13 May 2024
1. Infosecurity Magazine | AI-Powered Russian Network Pushes Fake Political Newshttps://www.infosecurity-magazine.com/news/aipowered-russian-network-fake-news/?&web_view=true2. Elastic Security Labs | Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Twohttps://www.elastic.co/security-labs/dissecting-remcos-rat-part-two3. The Record | Cyberthreat Landscape Permanently Altered by Chinese Operations, US Officials Sayhttps://therecord.media/cyberthreat-landscape-altered-chinese-operations?&web_view=true4. Elastic Security Labs | Dissecting REMCOS RAT: An in- depth analysis of a widespread 2024 malware, Part Fourhttps://www.elastic.co/security-labs/dissecting-remcos-rat-part-four5. Help Net Security | How Secure is the "Password Protection" on Your Files and Drives?https://www.helpnetsecurity.com/2024/05/10/password-protect-pdf-excel-files/?web_view=true
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
Top 5 Threat Hunting Headlines - 22 April 2024
1. The Record | NATO to launch new cyber center to contest cyberspace 'at all times'https://therecord.media/nato-new-military-civilian-cyber-center-mons-belgium?&web_view=true2. Securonix | Securonix Threat Research Knowledge Sharing Series: Detecting DLL Sideloading Techniques Found In Recent Real-world Malware Attack Chainshttps://www.securonix.com/blog/detecting-dll-sideloading-techniques-in-malware-attack-chains/3. Darkreading | Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malwarehttps://www.darkreading.com/application-security/evil-xdr-researcher-turns-palo-alto-software-into-perfect-malware?&web_view=true4. HackTrickshttps://book.hacktricks.xyz5. CSA | Deploying AI Systems Securelyhttps://media.defense.gov/2024/Apr/15/2003439257/-1/-1/0/CSI-DEPLOYING-AI-SYSTEMS-SECURELY.PDF-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
Manglende episoder?
-
Top 5 Threat Hunting Headlines - 15 April 2024
1. Volexity | Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400)https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/2. Trend Micro | Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbearhttps://www.trendmicro.com/en_no/research/24/d/earth-hundun-waterbear-deuterbear.html3. The Cyber Express | FatalRAT Targets Cryptocurrency Users With DLL Side-loading Techniqueshttps://thecyberexpress.com/fatalrat-phishing-campaign/?&web_view=true4. Elastic Security Labs | Linux detection engineering with Auditdhttps://www.elastic.co/security-labs/linux-detection-engineering-with-auditd5. NIST Special Publication | Incident Response Recommendations and Considerations for Cybersecurity Risk Managementhttps://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r3.ipd.pdf
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
To be fully interactive by asking questions and giving feedback and opinions in real-time, join our Discord Server! Be sure to join the live recording of our next episode to be a part of the fun! --> https://discord.gg/sHw5c3qwRh
Looking to have your cyber security questions or insights featured on our next episode? Tag #OutOfTheWoodsPodcast on your socials when you share your thoughts. No question is too specific, no insight too niche—we're here for it all!
------------
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
TikTok: https://www.tiktok.com/@cyborgsecinc -
**[LIVE] Out of the Woods Podcast Episode
April 4, 2024 | 7:00 - 8:30 PM ET
More Details/Registration 👇https://info.cyborgsecurity.com/en-us/threathuntingpodcast-e15
Get your FREE HUNTER Community Account today! 👇https://www.cyborgsecurity.com/user-account-creation/
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
**[LIVE] Out of the Woods Podcast Episode
April 4, 2024 | 7:00 - 8:30 PM ET
More Details/Registration 👇https://info.cyborgsecurity.com/en-us/threathuntingpodcast-e15
----
Top 5 Threat Hunting Headlines - 20 March 2024
1. IBM X-Force Threat Intelligence Index 2024https://www.ibm.com/reports/threat-intelligence?utm_content=SRCWW&p1=Search&p4=43700079592066619&p5=e&gad_source=1&gclsrc=ds2. Almond | UAC Bypass via Elevated .NET Applicationshttps://offsec.almond.consulting/UAC-bypass-dotnet.html3. Help Net Security | Only 13% of Medical Devices Support Endpoint Protection Agentshttps://www.helpnetsecurity.com/2024/03/14/medical-devices-cybersecurity-concerns/?web_view=true4. Sonicwall - By Security News | Interesting Multi-Stage StopCrypt Ransomware Variant Propagating in the Wildhttps://blog.sonicwall.com/en-us/2024/03/new-multi-stage-stopcrypt-ransomware/5. Bleeping Computer | Hackers Exploit Aiohttp Bug to Find Vulnerable Networkshttps://www.bleepingcomputer.com/news/security/hackers-exploit-aiohttp-bug-to-find-vulnerable-networks/?&web_view=true
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
**Threat Hunting Workshop: Hunting for Initial Access
March 20, 2024 | 12:00 - 1:00 PM ET
More Details/ Registration 👇https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-10
**[LIVE] Out of the Woods Podcast Episode
April 4, 2024 | 7:00 - 8:30 PM ET
More Details/Registration 👇https://info.cyborgsecurity.com/en-us/threathuntingpodcast-e15
----
Top 5 Threat Hunting Headlines - 11 March 2024
1. The Hacker News | Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secretshttps://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html?m=1https://blog.talosintelligence.com/deep-dive-into-phobos-ransomware/2. Almond | UAC Bypass via Elevated .NET Applications https://offsec.almond.consulting/UAC-bypass-dotnet.html3. Check Point Research | Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/?web_view=true4. https://www.nieuwsblad.be/cnt/dmf20240306_93861112
5. Infosecurity Magazine | Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing Campaignhttps://www.infosecurity-magazine.com/news/dropbox-credentials-bypass-mfa/?&web_view=true-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
**Threat Hunting Workshop: Hunting for Initial Access
March 20, 2024 | 12:00 - 1:00 PM ET
More Details/ Registration 👇https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-10
Top 5 Threat Hunting Headlines - 04 March 2024
1. TrendMicro - Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPOhttps://www.trendmicro.com/en_us/research/24/c/multistage-ra-world-ransomware.html?&web_view=true2. Help Net Security - Cybercriminals harness AI for new era of malware developmenthttps://www.helpnetsecurity.com/2024/03/01/hi-tech-crime-trends-2023-2024/?web_view=true3. Malware Bytes - Malicious meeting invite fix targets Mac usershttps://www.malwarebytes.com/blog/news/2024/03/malicious-meeting-invite-fix-targets-mac-users?&web_view=true4. Security Affairs - A U.S. Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Metahttps://securityaffairs.com/159847/security/nso-group-vs-meta-pegasus-hand-over.html?web_view=true5. Security Affairs - U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities cataloghttps://securityaffairs.com/159796/security/cisa-adds-microsoft-streaming-service-bug-known-exploited-vulnerabilities-catalog.html?web_view=true
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
To be fully interactive by asking questions and giving feedback and opinions in real-time, join our Discord Server! Be sure to join the live recording of our next episode to be a part of the fun! --> https://discord.gg/sHw5c3qwRh
------------
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
TikTok: https://www.tiktok.com/@cyborgsecinc -
Top 5 Threat Hunting Headlines - 26 February 2024
1. The DFIR Report: SEO Poisoning to Domain Control: The Gootloader Saga Continueshttps://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues/2. Cybersecurity & Infrastructure Security Agency: Updated: Top Cyber Actions for Securing Water Systemshttps://www.cisa.gov/news-events/alerts/2024/02/23/updated-top-cyber-actions-securing-water-systemshttps://www.cisa.gov/sites/default/files/2024-02/fact-sheet-top-cyber-actions-for-securing-water-systems.pdf3. The Hacker News: LockBit Ransomware Group Resurfaces After Law Enforcement Takedownhttps://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html4. Group-IB: Extra Credit: VietCredCare Information Stealer Takes Aim at Vietnamese Businesseshttps://www.group-ib.com/blog/vietcredcare-stealer/5. Help Net Security: Cybersecurity Fears Drive a Return to On-Premise Infrastructure From Cloud Computinghttps://www.helpnetsecurity.com/2024/02/22/cloud-repatriation-projects-reasons/?web_view=true-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc -
Top 5 Threat Hunting Headlines - 05 February 2024
1. Exploring the Latest Mispadu Stealer Varianthttps://unit42.paloaltonetworks.com/mispadu-infostealer-variant/?web_view=true2. Buzzing on Christmas Eve: Trigona Ransomware in 3 Hourshttps://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours/3. DDoS Attack Power Skyrockets to 1.6 Tbpshttps://www.helpnetsecurity.com/2024/02/02/ddos-attacks-h2-2023/?web_view=true4. Evolution of UNC4990: Uncovering USB Malwarehttps://www.mandiant.com/resources/blog/unc4990-evolution-usb-malware5. Detecting and Mitigating a Phishing Threat: "Greatness"https://blog.sucuri.net/2024/02/detecting-and-mitigating-a-phishing-threat-greatness.html?web_view=true-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity -
Top 5 Threat Hunting Headlines - 22 January 2024
1. MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Librarieshttps://thehackernews.com/2024/01/hackers-hijack-popular-java-and-android.htmlhttps://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/#maven-philosophy2. North Korea's ScarCruft Attackers Gear Up to Target Cybersecurity Proshttps://www.darkreading.com/threat-intelligence/north-koreasc-arcruft-attackers-target-cybersecurity-proshttps://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals/3. The Fake Fix: New Chae$ 4.1 Malware Hides in Driver Downloadshttps://www.hackread.com/fake-fix-chaes-4-1-malware-hides-driver-downloads/?web_view=true4. Outlook Vulnerability Discovery and New Ways to Leak NTLM Hasheshttps://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes5. Bulletproof Hosting: A Critical Cybercriminal Servicehttps://intel471.com/blog/bulletproof-hosting-a-critical-cybercriminal-service?&web_view=true-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity -
Top 5 Threat Hunting Headlines - 08 January 2024
1. The Hacker News | Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companieshttps://thehackernews.com/2024/01/sea-turtle-cyber-espionage-campaign.html?&web_view=truehttps://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/tortoise-and-malwahare.html2. TRM | North Korean Hackers Stole $600 Million in Crypto in 2023https://www.trmlabs.com/post/north-korean-hackers-stole-600-million-in-crypto-in-20233. ClearSky Cyber Securfity | No-Justice Wiperhttps://www.clearskysec.com/wp-content/uploads/2024/01/No-Justice-Wiper.pdf4. Uptycs | Ukraine Targeted by UAC-0050 Using Remcos RAT Pipe Method for Evasionhttps://www.uptycs.com/blog/remcos-rat-uac-0500-pipe-method5. The Register | Ransomware payment ban: Wrong idea at the wrong timehttps://www.theregister.com/2024/01/06/ransomware_payment_ban_wrong_idea/?&web_view=true
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Top 5 TTPs & Behaviors - 11 Dec 2023
Get your FREE HUNTER Community Account to hunt for these TTPs and Behaviors 👇
https://hunter.cyborgsecurity.io/login
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
To be fully interactive by asking questions and giving feedback and opinions in real-time, join our Discord Server! Be sure to join the live recording of our next episode to be a part of the fun! --> https://discord.gg/sHw5c3qwRh
------------
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Bonus Episode - November 30, 2023
Embark on an exploratory journey through the domain of cybersecurity with our host, Scott Poley, in this enlightening podcast episode. Our distinguished guest, Major Pierce, currently serving as the Director of Cyber Operations for the PA National Guard, unfolds her unique narrative within the digital defense realm – from her initial draw to the cyber sector to the pivotal decisions guiding her to a leading role.
Major Pierce's tenure at the PA National Guard is far from typical. In her pivotal position, she directs a nuanced strategy of cyber operations, tackling the complexities of digital warfare within the U.S. Army. The operations she oversees are characterized by a sophisticated blend of tactical foresight and the raw talent of her team, crafting bespoke solutions that address the multifaceted challenges of national security.
In this episode, Major Pierce offers a rare glimpse behind the scenes of military cybersecurity, discussing the trials and triumphs that shape the sector's landscape. As she narrates her professional trajectory and operational insights, listeners are invited to discover the synergy between individual expertise and collective operational success in the dynamic arena of cyber operations. Tune in for an episode rich in anecdotes and wisdom from the forefront of cybersecurity innovation.
*Connect with Major Pierce: https://www.linkedin.com/in/christine-pierce-mps-cissp-3a128080/
-----
Follow Us!Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Top 5 Threat Hunting Headlines - 27 Nov 2023
Secure List: HrServ – Previously Unknown Web Shell Used in APT Attackhttps://securelist.com/hrserv-apt-web-shell/111119/
Group-IB: Hunting Rituals #2.2: Threat Hunting for Abuse of Windows Serviceshttps://www.group-ib.com/blog/hunting-rituals-windows-services-part-2/
Red Canary: Threat Hunting for PsExec, Open-Source Clones, and Other Lateral Movement Toolshttps://redcanary.com/blog/threat-hunting-psexec-lateral-movement/
Talos: A Deep Dive into Phobos Ransomware, Recently Deployed by 8Base Grouphttps://blog.talosintelligence.com/deep-dive-into-phobos-ransomware/
Cyware: Lazarus Group Exploit MagicLine2NX Flaw to Launch Supply Chain Attackshttps://cyware.com/news/lazarus-group-exploit-magicline4nx-flaw-to-launch-supply-chain-attacks-11b98153
-----
Follow Us!
Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Join our host, Scott Poley, in this insightful bonus episode where he sits down with Tony Pietrocola, the driving force behind AgileBlue. Tony shares his personal expedition into the realm of cybersecurity, detailing the journey that shaped his expertise. He also unfolds his forward-thinking perspective on the future of cybersecurity in our rapidly evolving digital age.
AgileBlue offers a synergy of AI-driven cybersecurity fortified with the reliability of human expertise. Their sophisticated SOC|SOAR platform stands guard over your digital and cloud infrastructure. It provides comprehensive 24/7 oversight, adept at swiftly pinpointing and mitigating cyber threats, ensuring peace of mind through vigilant monitoring, detection, and responsive action.
*Learn more about AgileBlue – https://www.linkedin.com/in/tonypietrocola/
*Connect with Tony - https://agileblue.com/
-----
Follow Us!Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Bonus Episode - November 17, 2023
Dive into the world of cybersecurity with Sam Paredes on our latest podcast episode. As the Founder and Security Researcher at BugNode, Samuel shares his personal odyssey within the tech industry, from a burgeoning passion to the helm of a trailblazing security enterprise.
BugNode isn't just another web application testing service. Under Samuel's leadership, the company champions a meticulous, hands-on approach to safeguarding applications. By tackling security challenges with human ingenuity, BugNode's expert team crafts a tailored defense strategy for each client, ensuring robust protection that empowers businesses to thrive without the overhead of digital threats.
Throughout the episode, Samuel provides an insider's look at the hurdles faced by security professionals and how BugNode strategically overcomes them. Tune in to gain valuable insights into the intersection of personal growth and professional excellence in the fast-evolving landscape of application security.
*Learn more about BugNode - https://www.bugnode.io/
*Connect with Sam - https://www.linkedin.com/in/sam-par/
-----
Follow Us!Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc -
Top 5 Threat Hunting Headlines - 13 Nov 2023
Kaspersky Threat Intelligence - Modern Asian APT Groupshttps://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2023/11/09055246/Modern-Asian-APT-groups-TTPs_report_eng.pdf
Unit 42 - Agonizing Serpens (Aka Agrius) Targeting the Israeli Higher Education and Tech Sectorshttps://unit42.paloaltonetworks.com/agonizing-serpens-targets-israeli-tech-higher-ed-sectors/
Huntress - Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattackhttps://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack
Mandiant - Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technologyhttps://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
Security Affairs - North Korea-Linked APT Sapphire Sleet Targets IT Job Seekers with Bogus Skills Assessment Portalshttps://securityaffairs.com/154082/apt/sapphire-sleet-apt-targets-it-job-seekers.html?web_view=true
-----
Follow Us!Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Instagram: https://www.instagram.com/cyborgsecinc/
Facebook: https://www.facebook.com/CyborgSecInc - Vis mere
