By Cyborg Security You know what really grinds my gears? The fact that seemingly every blog article about the benefits of threat hunting starts by telling people about some major breach, or uses some ridiculously vague statistic about how many cyber-attacks happen every second (the answer is apparently 44 or…

By Cyborg Security In the cyber security space, we can sometimes take for granted some of the less technical aspects of the job, often until it is too late. A great example of this was in one of my first more senior technical positions, when I was suddenly asked to…

By Cyborg Security It has often been said that if history doesn’t repeat itself, it sure as heck rhymes. Nowhere is this truer than in cyber security. And one of the most common “rhymes” is the trouble that blue teams have in detecting red team tools and activity in a…

By Cyborg Security There was a pretty significant statistic that was recently released in Mandiant’s M-Trends 2022 report. In it, they cite that the median number of days an attacker resides in a system before detection (the “dwell time”) fell from 24 days in 2020, to 21 days in 2021…

By Josh Campbell at Cyborg Security Threat hunting isn’t important for companies, it’s an imperative. I can say that with confidence as a practitioner who has worked in security analysis, threat intelligence, SOC management, security policy, and of course threat hunting in the government and the private sector for the…

THREAT SUMMARY Qakbot malware (also known as: QakBot, Quakbot, Pinkslipbot) is a prevalent and well known information-stealing malware that was discovered in 2007, existing for over a decade. Historically viewed as a Banking Trojan and loader (however not solely targeting financial organizations due to its modularity), has evolved since its conception to…

By Josh Campbell from Cyborg Security Implementing robust security strategies can help mitigate the risk of cyber threats, especially in the early stages of an attack. However, implementing a “robust security strategy” isn’t hard, it is Herculean, and requires significant time, talent, and financial commitments. Therefore, many companies turn their…

By Josh Campbell at Cyborg Security Ransomware continues to plague organizations and governments worldwide. In fact, in just the last few weeks, several major federal, state and local governments have been impacted by various ransomware operators. There are also reports of defense contractors being hit hard as well. This is…

by Josh Campbell from Cyborg Security Threat hunting is often referred to as a semi-scientific practice. This is because hunters will deploy hunts based on a hypothesis, collect evidence, and document their findings — all of which should stir (hopefully) fond memories of grade 9 science class. And just like…