CYREBRO Insights

Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

Background Earlier this month, Colonial Pipeline — the largest pipeline system for refined oil production in the U.S. — suffered a ransomware attack that resulted in the closure of one of the largest U.S. pipelines. As a result of the attack, the pipeline operator was forced to temporarily halt all pipeline operations resulting in massive…

  • Cybersecurity Isn’t Enough: You Need A Human Intelligence Team

    Cybersecurity Isn’t Enough: You Need A Human Intelligence Team

    Cybersecurity threats are growing in number and sophistication every year. Since 2017, the industry has seen a year-over-year increase of 27%, with hundreds of millions of attacks occurring every day in 2020. As we saw with the SolarWinds attack and the recent attack on US fuel pipeline operator Colonial Pipeline, even the best cyber defenses implemented by…

  • Two Emerging Vector Trends

    Two Emerging Vector Trends

    Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. Reports of the recent Codecov Bash Uploaded security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVE) have shown up in increased frequency at Apple,…

  • Why Software Supply Chain Attacks are a CEO’s Nightmare

    Why Software Supply Chain Attacks are a CEO’s Nightmare

    Recent supply chain attacks such as SolarWinds and Mimecast have shown that these types of attacks are definitely on the increase for enterprises. You might think that as a small to medium business (SMB), you have less to worry about compared to an enterprise. But SMBs have just as much – if not more – to worry about…

  • Best Practices for Improving Cloud Incident Response in 2021

    Best Practices for Improving Cloud Incident Response in 2021

    According to a recent report, 75% of enterprises are concerned about the security of their cloud assets, data, and systems.  With the average global cost of a data breach coming in at $3.86 million, it has never been more important to be able to detect, prevent, and resolve incidents as effectively and as quickly as possible.  But doing so can be very challenging.…

  • The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    May 7 is World Password Day, the official day for the promotion of better password habits to businesses and individuals.    To mark this special day, here are five top scenes from film and TV that realistically portray some of the simple methods hackers can use to steal passwords.   1- WarGames This 80s classic begins with David Lightman (a young Matthew Broderick in his breakthrough…

  • A Smart SOC in space – Protecting the Millennium Falcon

    A Smart SOC in space – Protecting the Millennium Falcon

    If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its’ iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

  • Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

    Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

    Background Earlier this month, Colonial Pipeline — the largest pipeline system for refined oil production in the U.S. — suffered a ransomware attack that resulted in the closure of one of the largest U.S. pipelines. As a result of the attack, the pipeline operator was forced to temporarily halt all pipeline operations resulting in massive…

  • Cybersecurity Isn’t Enough: You Need A Human Intelligence Team

    Cybersecurity Isn’t Enough: You Need A Human Intelligence Team

    Cybersecurity threats are growing in number and sophistication every year. Since 2017, the industry has seen a year-over-year increase of 27%, with hundreds of millions of attacks occurring every day in 2020. As we saw with the SolarWinds attack and the recent attack on US fuel pipeline operator Colonial Pipeline, even the best cyber defenses implemented by…

  • Two Emerging Vector Trends

    Two Emerging Vector Trends

    Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. Reports of the recent Codecov Bash Uploaded security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVE) have shown up in increased frequency at Apple,…

  • Why Software Supply Chain Attacks are a CEO’s Nightmare

    Why Software Supply Chain Attacks are a CEO’s Nightmare

    Recent supply chain attacks such as SolarWinds and Mimecast have shown that these types of attacks are definitely on the increase for enterprises. You might think that as a small to medium business (SMB), you have less to worry about compared to an enterprise. But SMBs have just as much – if not more – to worry about…

  • The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    May 7 is World Password Day, the official day for the promotion of better password habits to businesses and individuals.    To mark this special day, here are five top scenes from film and TV that realistically portray some of the simple methods hackers can use to steal passwords.   1- WarGames This 80s classic begins with David Lightman (a young Matthew Broderick in his breakthrough…

  • A Smart SOC in space – Protecting the Millennium Falcon

    A Smart SOC in space – Protecting the Millennium Falcon

    If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its’ iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

  • Best Practices for Improving Cloud Incident Response in 2021

    Best Practices for Improving Cloud Incident Response in 2021

    According to a recent report, 75% of enterprises are concerned about the security of their cloud assets, data, and systems.  With the average global cost of a data breach coming in at $3.86 million, it has never been more important to be able to detect, prevent, and resolve incidents as effectively and as quickly as possible.  But doing so can be very challenging.…

  • Protecting Your Network Without an Internal Cyber Team

    Protecting Your Network Without an Internal Cyber Team

    It can be challenging for businesses to stay on top of their cybersecurity. They feel that their relative anonymity protects them from hackers who are looking to break into Fortune 500 networks and financial institutions. Unfortunately, hackers view their sites as ready-made training grounds.   Disruptions caused by hackers can harm sales, interfere with operations, and corrupt or expose data. Consumers…

  • 7 Challenges That Stand in the Way of Your Compliance Efforts

    7 Challenges That Stand in the Way of Your Compliance Efforts

    Ensuring cybersecurity compliance can be cumbersome (and a pain), but if you don’t do it, it can literally cost you your business. There are hundreds of controls, and numerous requirements imposed by multiple regulatory bodies and private industry groups. What’s more, organizations with global operations must face the additional and major challenge of having to…

  • Minimal Security Changes That Make A Significant Impact

    Minimal Security Changes That Make A Significant Impact

    If you find yourself saying, “I own a small company. I won’t be targeted,” unfortunately, the data is not on your side. Over 40% of data breaches happen to small businesses.   Fundera compiled a list of terrifying facts about cybercriminals, data breaches, and security hacks. It’s enough to make your head spin.   Cybercrime costs small and medium businesses…

  • Cybersecurity and Data Protection Laws 101

    Cybersecurity and Data Protection Laws 101

    Aside from the obvious need to protect your business, customers and reputation, there is another reason for businesses of all sizes to use cybersecurity to guard users’ personal information: staying compliant with the law. As things stand, federal laws in the United States deal mainly with who is obligated to implement cybersecurity protections (bottom line:…

  • What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

  • What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

  • The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The cyberattacks that are launched on large enterprises are the ones that tend to grab the big headlines because of the big numbers involved with their colossal impact. Just from the past year, we had: SolarWinds: compromising 250 federal agencies and businesses Twitter: 130 users hit including high profile accounts such as those of Joe Biden, Barak Obama, Elon Musk, Jeff Bezos,…

  • What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    A close look at the pros and cons of SIEM, MSSP, MDR, and SOCaaS Think cyber criminals only target large enterprises? If you answered yes, you’re not alone. Nearly 70% of small-to-medium businesses (SMBs) are not worried about getting hacked, mostly because they don’t think they have the resources that hackers typically seek out, whether…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

  • Why Mastering Cyber Incident Response Is a Must

    Why Mastering Cyber Incident Response Is a Must

    Every SMB Is at Risk “What you may not know, however, is that small to mid-sized businesses (SMBs) are frequent targets of destructive cyberattacks, many of which can be crippling.” (Forbes) There’s no getting around it. Sooner or later your organization will get hit by a cyber attack… if it hasn’t been already. If you believe that you’re not big…

  • Why you Need to Revamp your Security Strategy in a Mostly Remote World

    Why you Need to Revamp your Security Strategy in a Mostly Remote World

    It’s been nearly a year now since the pandemic has sent millions worldwide to work from home and has compelled organizations to establish operations outside the traditional security border. As such, there is now great pressure to protect these remote workers, their devices, and their network against ever-increasing rates of cyberattacks. To make the job…

Sign Up for Updates