THREAT SUMMARY Qakbot malware (also known as: QakBot, Quakbot, Pinkslipbot) is a prevalent and well known information-stealing malware that was discovered in 2007, existing for over a decade. Historically viewed as a Banking Trojan and loader (however not solely targeting financial organizations due to its modularity), has evolved since its conception to…

By Josh Campbell from Cyborg Security Implementing robust security strategies can help mitigate the risk of cyber threats, especially in the early stages of an attack. However, implementing a “robust security strategy” isn’t hard, it is Herculean, and requires significant time, talent, and financial commitments. Therefore, many companies turn their…

By Josh Campbell at Cyborg Security Ransomware continues to plague organizations and governments worldwide. In fact, in just the last few weeks, several major federal, state and local governments have been impacted by various ransomware operators. There are also reports of defense contractors being hit hard as well. This is…

by Josh Campbell from Cyborg Security Threat hunting is often referred to as a semi-scientific practice. This is because hunters will deploy hunts based on a hypothesis, collect evidence, and document their findings — all of which should stir (hopefully) fond memories of grade 9 science class. And just like…

By Cyborg Security Introduction Structured threat hunting (often referred to as hypothesis-based hunting) remains one of the best ways that organizations can find previously undetected threats in their environment. It works so well because it structures the hunt around a central proposition, and at the end of the hunt, hunt teams…

By Josh Campbell at Cyborg Security The threat hunting community is quite small. As a result of that, the threat hunting community is also very tight knit. This can make breaking into the field a challenge, especially when you are just starting out and looking for advice. …

By Josh Campbell at Cyborg Security Cyber threat hunting is a sub-discipline to threat detection that relies on proactive and iterative searching through data to identify otherwise undetected threats. It does this through a variety of mechanisms and methodologies, typically by looking for statistical outliers (in so-called data-driven­ hunting) or…

By Josh Campbell at Cyborg Security One thing every threat hunter knows is that there is often more than one way to skin a… ahem… digital cat. And a lot of threat hunters will share their knowledge and toolsets with other hunters informally, making it hard for the burgeoning hunting…

By Josh Campbell at Cyborg Security One thing every threat hunter finds out early on is that learning to hunt ain’t easy. There is a lot of great material out there that tends to focus on theory and strategy, but a lot less that gets into the weeds of threat…