Resources
Featured Content
Authentication Token Vulnerability with Microsoft Teams
OVERVIEW In mid-September 2022, security researchers at Vectra released information a post-exploitation vulnerability affecting the Microsoft Teams collaboration platform. The vulnerability allows “… malicious actors
Authentication Token Vulnerability with Microsoft Teams
OVERVIEW In mid-September 2022, security researchers at Vectra released information a post-exploitation vulnerability affecting the Microsoft Teams collaboration platform. The vulnerability allows “… malicious actors
WEBINARS
Threat Hunting Workshop: Persistence is Futile
You’ve read the threat hunting blogs. You’ve followed some of the tutorials and deep dives on YouTube. You might have even started to sift through
Hunting for CONTI: TTPs Not IOCs
The Conti ransomware is one of the most well-known and feared ransomware operations around, primarily because of their prolific targeting and ruthless efficiency. This has
Thinking Like a Threat Actor: Hunting the Ghost in the Machine
An advanced adversary has bypassed the perimeter defenses, moved inside the environment, and become a literal ghost in the machine, free to move from system
BLOGS
Threat Hunting Program: 5 Best Practices for Success
There was a pretty significant statistic that was recently released in Mandiant’s M-Trends 2022 report. In it, they cite that the median number of days
Proactive Security and Why Every Business Needs It… Yesterday
Threat hunting isn’t important for companies, it’s an imperative. I can say that with confidence as a practitioner who has worked in security analysis, threat
Cyborg Security featured on Cybernews!
Probably the best motivation for us is community feedback – especially when that feedback is positive! It validates our mission and helps give us great
White papers
The Threat Hunter’s Hypothesis
A case for structured threat hunting and how to make it work in the real world. While every large organization wants to threat hunt, many
Threat Hunting Framework
Threat Hunting can be challenging for organizations, especially when they don’t know where to start. Cyborg Security’s “Threat Hunting Framework” makes it easy to get
The Content Revolution
There’s a Content Problem. We have the Solution. Quality threat content can make or break threat hunting and detection efforts. Unfortunately, many security teams struggle
Cyborg Labs
Threat Hunt Deep Dives: User Account Control Bypass Via Registry Modification
User Account Control (UAC) Bypass is a clever method that can be used for privilege escalation either manually or via scripts and can be exploited
Ransomware: Hunting for Inhibiting System Backup or Recovery
Ransomware continues to be a hot button issue for organizations around the world. APT actors, commodity malware operators and even attackers who had never used
Living off the Land (LotL) – RDP Hijacking
In this instalment of Cyborg Security’s latest series “Living off the Land,” we will cover the topic of RDP hijacking. Specifically, we will look at
Videos
Threat Hunt Deep Dives Ep. 10 – Get to Know Your Logs Pt. 2
Registry keys can be a very useful method for hunting and detecting malicious activity, but if they are ingested wholesale they can also be one of the noisiest methods of detection. However, if organizations take the time to understand how registry keys can be used to help detect malicious activity, they can help security teams improve their security posture significantly. Join Cyborg Security’s Lee Archinal in his second instalment of our Threat Hunt Deep Dive series “Get to Know Your Logs!”
