Category: Cyborg Labs

I think it is safe to say that 2020 has proven to be a year of fear, uncertainty, and doubt, and the data supports that threat actors

Last year, during a routine code review, Qualys discovered a Remote Command Execution (RCE) vulnerability in the Exim Mail Transfer Agent (MTA) mail server. The

Last weekend, Cyborg Security hosted our first Capture the Flag (CTF) event. The CTF was oriented for people interested in threat hunting, cyber defense, blue

Cyborg Security’s very own director of Research and Intelligence walks through how his team uses Atomic Red Team for threat hunting in new and innovate ways to minimize false negatives in a security environment!

A truism is that where there is money, there is crime — it applies in every corner of society, from street markets to financial markets, and everything

DNSTwist is an open source tool that generates a list of potential domain names related to an input domain. It does this through mutation, transposition, homoglyph and substition among other techniques commonly employed by attackers. Once the list of domains are generated it performs DNS lookups to determine if it is an active domain and can look up Mail Exchange (MX) records as well to determine if it may be capable of sending and receiving email. This enables threat hunters and analysts to obtain a list of visually similar and other similar domains that could be utilized in phishing attacks. The most useful function of DNSTwist in an organization would be for proactive research of brand protection, by regularly searching for imitation domains being used for phishing or fraud.

Ransomware is not a new threat. While the first ransomware is thought to have appeared in 2012, it wasn’t until 2014 that organizations really began

During Black Hat USA 2020 we here at Cyborg Security released into the ether of the internet a cyber security hacking puzzle, similar to a