Out of the Woods: The Threat Hunting Podcast Out of the Woods: The Threat Hunting Podcast

Threat Hunting Workshop: Hunting for Command and Control
31 July 2024 | 12:00 - 1:00 pm ET

Register Here!

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs" | Secure your spot now at a discounted rate:



3-4 Aug 2024: Sign Up Here!


5-6 Aug 2024: Sign Up Here!


-----




Top 5 Threat Hunting Headlines - 22 July 2024



1. Popular Ukrainian Telegram Channels Hacked to Spread Russian Propaganda
https://therecord.media/ukrainian-news-telegram-channels-hacked-russian-propaganda?&web_view=true
2. New Play Ransomware Linux Variant Targets ESXI Shows Ties with Prolific Puma
https://www.trendmicro.com/en_us/research/24/g/new-play-ransomware-linux-variant-targets-esxi-shows-ties-with-p.html
3. Dragos Frostygoop Report
https://regmedia.co.uk/2024/07/23/dragos_frostygoop-report.pdf
4. Likely Ecrome Actor Capitalizing on Falcon Sensor Issues
https://www.crowdstrike.com/blog/likely-ecrime-actor-capitalizing-on-falcon-sensor-issues/
5. Internet Organised Crime Threat Assessment 2024
https://www.europol.europa.eu/cms/sites/default/files/documents/Internet%20Organised%20Crime%20Threat%20Assessment%20IOCTA%202024.pdf


-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc

Threat Hunting Workshop: Hunting for Command and Control
31 July 2024 | 12:00 - 1:00 pm ET

Register Here!

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs"
Regular Registration closes on July 19, 2024! Secure your spot now at a discounted rate:



3-4 Aug 2024: Sign Up Here!


5-6 Aug 2024: Sign Up Here!


-----




Top 5 Threat Hunting Headlines - 15 July 2024



1. Infosecurity Magazine | CISA Urges Software Makers to Eliminate OS Command Injection Flaws
https://www.infosecurity-magazine.com/news/cisa-software-eliminate-command/?&web_view=true
2. Wazuh | Detecting Living Off the Land Attacks with Wazuh
https://wazuh.com/blog/detecting-living-off-the-land-attacks-with-wazuh/
3. ClickFIx Deception: A Social Engineering Tactic to Deploy Malware
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/clickfix-deception-a-social-engineering-tactic-to-deploy-malware/
4. The Hacker News | 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit
https://thehackernews.com/2024/07/10000-victims-day-infostealer-garden-of.html?m=1
5. Blackberry | Coyote Banking Trojan Targets LATAM with a Focus on Brazillian Financial Institutions 
https://blogs.blackberry.com/en/2024/07/coyote-banking-trojan-targets-latam-with-a-focus-on-brazilian-financial-institutions?&web_view=true


-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc

Threat Hunting Workshop: Hunting for Command and Control
31 July 2024 | 12:00 - 1:00 pm ET

Register Here!

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs"
Regular Registration closes on July 19, 2024! Secure your spot now at a discounted rate:



3-4 Aug 2024: Sign Up Here!


5-6 Aug 2024: Sign Up Here!


-----




Top 5 Threat Hunting Headlines - 1 July 2024



1. Qualys Security Blog | Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server?web_view=true
2. ZScaler | Kimsuky Deploys TRANSLATEXT to Target South Korean Academia
https://www.zscaler.com/blogs/security-research/kimsuky-deploys-translatext-target-south-korean-academia
3. The Register | Police Allege 'Evil Twin' In-Flight WiFi Used to Steal Info & Australian Federal Police | Man Charged Over Creation of 'Evil Twin' Free WiFi Networks to Access Personal Data

https://www.theregister.com/2024/07/01/australia_evil_twin_wifi_airline_attack/?&web_view=true
https://www.afp.gov.au/news-centre/media-release/man-charged-over-creation-evil-twin-free-wifi-networks-access-personal

4. GitHub | JPCERTCC/LogonTracer
https://github.com/JPCERTCC/LogonTracer
5. Help Net Security | 75% of New Vulnerabilities Exploited Within 19 Days 
https://www.helpnetsecurity.com/2024/06/27/nvd-vulnerabilities/?web_view=true
-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs"
Regular Registration closes on July 19, 2024! Secure your spot now at a discounted rate:
*3-4 Aug 2024: Sign Up Here!
*5-6 Aug 2024: Sign Up Here!

-----




Top 5 Threat Hunting Headlines - 25 June 2024



1. Positive Technologies | ExCobalt: GORed, the hidden-tunnel technique
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/excobalt-gored-the-hidden-tunnel-technique/
2. Cisco Talos | SneakyChef espionage group targets government agencies with SugarCh0st and more infection techniques
https://blog.talosintelligence.com/sneakychef-sugarghost-rat/
3. Help Net Security | 1 out of 3 breaches go undetected 
https://www.helpnetsecurity.com/2024/06/24/detecting-breaches-struggle-in-organizations/?web_view=true
4. Ars Technica | Dell said return to office or else - nearly half of the workers chose "or else"
https://arstechnica.com/gadgets/2024/06/nearly-half-of-dells-workforce-refused-to-return-to-the-office/
5. Infosecurity Magazine | Cybersecurity Burnout Costing Firms $700m+ Annually
https://www.infosecurity-magazine.com/news/cybersecurity-burnout-costing-700m/?&web_view=true
-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs"
Regular Registration closes on July 19, 2024! Secure your spot now at a discounted rate:
*3-4 Aug 2024: Sign Up Here!
*5-6 Aug 2024: Sign Up Here!

-----




Top 5 Threat Hunting Headlines - 10 June 2024



1. Google Cloud | UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion
https://cloud.google.com/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion
2. Morphisec | Howling at the Inxos: Sticky Werewolf's Latest Malicious Aviation Attacks
https://blog.morphisec.com/sticky-werewolfs-aviation-attacks
3. Vonahi Security | Automated Penetration Testing & Cyber Security Services - Top 10 Crticial Pentest Findings Report
https://www.vonahi.io/pentest-report-2024?utm=source=701Rp00000B6bue
4. The DFIR Report | IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/
5. Zscaler | Technical Analysis of the Latest Variant of ValleyRAT
https://www.zscaler.com/blogs/security-research/technical-analysis-latest-variant-valleyrat
-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc

Black Hat 2024 Training with Lee Archinal
"A Beginner's Guide to Threat Hunting: How to Shift Focus from IOCs to Behaviors and TTPs"
Early registration closes on May 24, 2024! Secure your spot now at a discounted rate:
*3-4 Aug 2024: Sign Up Here!
*5-6 Aug 2024: Sign Up Here!

-----




Top 5 Threat Hunting Headlines - 22 May 2024



1. Kandji | Malware: Cuckoo Behaves Like Cross Between Infostealer and Spyware
https://blog.kandji.io/malware-cuckoo-infostealer-spyware
2. Rapid7 | Ongoing Malvertising Campaign Leads to Ransomware
https://www.rapid7.com/blog/post/2024/05/13/ongoing-malvertising-campaign-leads-to-ransomware/
3. Unit 42 | Payload Trends in Malicious OneNote Samples
https://unit42.paloaltonetworks.com/payloads-in-malicious-onenote-samples/
4. Check Point Research | Bad Karma, No Justice: Void Manticore Destructive Activities in Isreal
https://research.checkpoint.com/2024/bad-karma-no-justice-void-manticore-destructive-activities-in-israel/
5. Aqua Nautilus | Kinsing Demystified - A comprehensive Technical Guide
https://1665891.fs1.hubspotusercontent-na1.net/hubfs/1665891/Threat%20reports/AquaSecurity_Kinsing_Demystified_Technical_Guide.pdf


-----

Follow Us!




Twitter: https://twitter.com/CyborgSecInc
LinkedIn: https://www.linkedin.com/company/cyborg-security/
YouTube: https://www.youtube.com/cyborgsecurity
Discord: https://discord.gg/DR4mcW4zBr
TikTok: https://www.tiktok.com/@cyborgsecinc