
Blog

How to enable the Elastic Defend system extension in macOS Sequoia

Are you having trouble enabling the Elastic system extension in macOS Sequoia? This guide helps you navigate the changes and enable the extension!


June 24, 2025

Ag-tech Cybersecurity Partner for Darling Downs

Threatbear provides expert cybersecurity advice and technology to the agricultural industry in Toowoomba, Dalby and the Darling Downs.


May 6, 2025

Network defence using RouterOS (Part 1)

When looking for threats, sometimes you know exactly what you’re looking for. Sometimes — actually often — you only have a general direction in which you wish to conduct your hunt. RouterOS has an operator for a fuzzy search (`~`) and an operator for an exact match (`=`). This is extremely useful for those situations in which you only have a single clue to go on! If you’re anything like me, once you have a single “high signal” indicator, that is all the motivation you need to continue the search, no matter how arduous.


May 26, 2024

Is RouterOS vulnerable to CVE-2023-48795?

It was recently discovered that the SSH protocol has a weakness that enables an attacker with the ability to perform a man in the middle…


December 19, 2023

Quick and dirty RouterOS forensics

How to quickly perform a basic forensic investigation of a MikroTik RouterOS system.


December 14, 2023

RouterOS visibility using Elastic Security

How to send MikroTik RouterOS events to Elasticsearch using the Syslog UDP input.


December 11, 2023

Backing up Proxmox VMs to Backblaze B2

How to back up your Proxmox cluster to cheap blob storage.


September 26, 2023

Microsoft Edge popping shells on macOS

If you’re wondering why Microsoft Edge on Mac spawns a bash shell, you might have the same reaction and thought process as me.


July 6, 2023

Properly renaming Proxmox nodes

How to rename Proxmox nodes when you have VMs already present on the cluster. This post shows how to do this in 5 steps.


October 17, 2022

Zeek without rc.local

In order for Zeek to properly capture packets, you need to disable some network card features, such as TCP offloading and the like.


October 7, 2022