
Revealing the Power of Keylogging: Hunting for the Revealer Keylogger
Backstory: Recently I was reading an article by the famed Group-IB security team titled “OPERA1ER: Playing God Without Permission” about an advanced persistent threat (APT)
The Internet of Gas Station Tank Gauges: This post is a part of Cyborg Security’s guest threat hunter series, where we invite talented threat hunting
User Account Control (UAC) Bypass is a clever method that can be used for privilege escalation either manually or via scripts and can be exploited
Ransomware continues to be a hot button issue for organizations around the world. APT actors, commodity malware operators and even attackers who had never used
In this instalment of Cyborg Security’s latest series “Living off the Land,” we will cover the topic of RDP hijacking. Specifically, we will look at
Cyborg Security is starting an exciting new series of threat hunting videos dedicated to the practice of Living off the Land (LotL)! Living off the
Late last year, an Apache Struts Remote Code Execution (RCE) vulnerability (CVE-2020-17530) was discovered. In Apache Struts versions 2.0.0 – 2.5.25 a forced Object Graph
A core tenet for malware authors and threat actors is that persistence is key. After all, it's reported that only 4 percent of users click on phishing links and attachments.
On December 13th 2020, it was unveiled by FireEye that SolarWinds has been impacted by a sophisticated supply chain compromise affecting their SolarWinds Orion software.
Application Shimming is a malicious technique on Microsoft Windows operating systems in which Application Shims are abused to establish persistence, inject DLLs, elevate privileges, and