CYREBRO Insights

Employee Insights: The Skills Needed To Analyze Phishing Campaigns

Phishing Campaigns Are No Match For Analysts With These Skills   Phishing campaigns are all too common these days. A look back at 2020 showed that 75% of companies globally suffered from an attack. In the United States, 74% of attacks were successful, a 14% increase from 2019, proving bad actors are getting smarter and using…

Opening Phishing Emails
  • Cybersecurity and Data Protection Laws: European Financial Services Firms

    Cybersecurity and Data Protection Laws: European Financial Services Firms

    Businesses operating in the European Union are subject to the strictest cybersecurity and data protection regulations in the world. This is doubly so for financial services firms, which are subject to general laws concerning all businesses as well as specific laws concerning businesses in essential industries. Financial services firms’ exact data protection and cybersecurity obligations…

  • Apache Patches Critical Apache HTTP Server RCE Vulnerability Exploited-in-the-Wild

    Apache Patches Critical Apache HTTP Server RCE Vulnerability Exploited-in-the-Wild

    Apache Software has released an update patching critical remote code execution vulnerability in Apache HTTP Server. A PoC (Proof of Concept) exploit has been published, and the vulnerability has been seen exploited in the wild. The vulnerability CVE-2021-41773 Path traversal vulnerability allowing RCE A vulnerability was found in a change made to path normalization in…

  • Implement These 5 Strategies To Create a Cyber Smart Company

    Implement These 5 Strategies To Create a Cyber Smart Company

    Cyber security is a top concern for every company. As the CISO, leading the charge to keep your company secure from hackers and attacks falls squarely on your shoulders, but it’s certainly not a job you can do on your own. Security and the measures your company takes to remain as secure as possible are…

  • Google Patches Critical Vulnerabilities in Chrome – Patch Now!

    Google Patches Critical Vulnerabilities in Chrome – Patch Now!

    Google has released an emergency update to fix 3 vulnerabilities in Chrome, 2 of them are being exploited in the wild. Successful exploitation of these vulnerabilities could lead to remote arbitrary code execution. Google has released an emergency update to fix 3 vulnerabilities in Chrome, 2 of them are being exploited in the wild. Successful…

  • Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Federal and state legislation say surprisingly little about how ordinary American businesses should manage their cybersecurity. However, financial services and insurance firms are not ordinary businesses. Because of their tendency to deal with sensitive personal data such as social security numbers, bank accounts and tax records, financial services and insurance firms are subject to a…

  • Cisco Patches Critical IOS XE Software RCE, Apple Patches Zero-Day RCE in Catalina, Google Patches Zero-Day RCE in Chrome

    Cisco Patches Critical IOS XE Software RCE, Apple Patches Zero-Day RCE in Catalina, Google Patches Zero-Day RCE in Chrome

    ** Please note this CTI alert contains 3 Sections – Cisco IOS XE Software, Google Chrome and Apple macOS Catalina vulnerabilities ** Cisco Patches Critical IOS XE Software for Catalyst 9000 Family Wireless Controllers RCE Vulnerability Cisco has patched a critical severity remote code execution vulnerability affecting multiple Catalyst 9000 family wireless controllers. The vulnerability may…

  • Employee Insights: The Skills Needed To Analyze Phishing Campaigns

    Employee Insights: The Skills Needed To Analyze Phishing Campaigns

    Phishing Campaigns Are No Match For Analysts With These Skills   Phishing campaigns are all too common these days. A look back at 2020 showed that 75% of companies globally suffered from an attack. In the United States, 74% of attacks were successful, a 14% increase from 2019, proving bad actors are getting smarter and using…

  • Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Federal and state legislation say surprisingly little about how ordinary American businesses should manage their cybersecurity. However, financial services and insurance firms are not ordinary businesses. Because of their tendency to deal with sensitive personal data such as social security numbers, bank accounts and tax records, financial services and insurance firms are subject to a…

  • Cybersecurity and Data Protection Laws: US Healthcare Businesses

    Cybersecurity and Data Protection Laws: US Healthcare Businesses

    Ordinary American businesses are legally obligated to tell consumers when there has been a data breach but are not obligated to have cybersecurity protection in place. However, healthcare organizations are not ordinary businesses. Because they deal with protected health information (PHI), healthcare organizations are subject to special cybersecurity and data privacy rules pertaining only to…

  • More (Security) Tools, More Problems: How Many Security Solutions Do You Really Need?

    More (Security) Tools, More Problems: How Many Security Solutions Do You Really Need?

    It seems like new cyber security threats emerge just about every day. When a potential threat hits the news cycle, security teams feel a sense of urgency to spring into action and purchase a new tool that can protect against the threat. That behavior leads us to where most teams find themselves today: inundated with…

  • Six months later: Key takeaways from the SolarWinds Supply Chain Attack 

    Six months later: Key takeaways from the SolarWinds Supply Chain Attack 

    Last year’s SolarWinds supply chain attack shook the security world. Hundreds of private businesses, many of them Fortune 500 companies, and several US agencies, including the Pentagon, Homeland Security, the Treasury, and the State Department, were all victims as they all use SolarWinds’ Orion system.   The scope of this attack and the fact that hackers…

  • Ransomware Explained (Part 1): What is it and how to prevent it

    Ransomware Explained (Part 1): What is it and how to prevent it

    The rise of ransomware attacks over the past decade has been nothing short of meteoric. Like other forms of malware, ransomware has been in existence for decades and generally poses a threat to all your personal and company devices and data. What makes up a ransomware attack? Why is it potentially one of the most feared cyber-attack types…

  • Cybersecurity and Data Protection Laws: European Financial Services Firms

    Cybersecurity and Data Protection Laws: European Financial Services Firms

    Businesses operating in the European Union are subject to the strictest cybersecurity and data protection regulations in the world. This is doubly so for financial services firms, which are subject to general laws concerning all businesses as well as specific laws concerning businesses in essential industries. Financial services firms’ exact data protection and cybersecurity obligations…

  • Implement These 5 Strategies To Create a Cyber Smart Company

    Implement These 5 Strategies To Create a Cyber Smart Company

    Cyber security is a top concern for every company. As the CISO, leading the charge to keep your company secure from hackers and attacks falls squarely on your shoulders, but it’s certainly not a job you can do on your own. Security and the measures your company takes to remain as secure as possible are…

  • ICYMI: How to Harden Your Security Posture by Maximizing Your Existing Security Tools (Webinar)

    ICYMI: How to Harden Your Security Posture by Maximizing Your Existing Security Tools (Webinar)

    Security professionals need to be laser-focused on strengthening their security posture, but with huge attack surfaces and a multitude of ever-advancing threats, the challenge can sometimes seem insurmountable. However, by using the right tools coupled with a deep understanding of their most valuable business assets, security teams can create a winning strategy that protects their…

  • How to Choose Cyber Security Tools That Won’t Get You Fired 

    How to Choose Cyber Security Tools That Won’t Get You Fired 

    You’ve heard the old saying, “Don’t bring a knife to a gunfight.” Of course, that can apply to so many situations, but it’s incredibly poignant for cyber security professionals. The criminals you’re up against have advanced weaponry. You need to have the same level of tools or ones that are even better if you want…

  • Why breadth of experience is critical in your cybersecurity provider

    Why breadth of experience is critical in your cybersecurity provider

    If there’s one thing we’ve learned from our vast experience in cybersecurity, it’s that cybercriminals don’t discriminate: for the most part they are not looking at location or even industry in their attacks, rather holes to climb through for a breach.   Like many target-driven professions (if we can call cybercrime a profession), cybercriminals look for the path of least…

  • Questions to Ask Your Incident Response Provider

    Questions to Ask Your Incident Response Provider

    It is said that somebody once asked Robert Baden-Powell, the founder of the worldwide Scout movement, what he meant when he coined the motto “Be Prepared.” “Be prepared for what?” the person asked. “Why, for any old thing,” responded Baden-Powell. What Baden-Powell meant by this was that we must always be prepared for whatever challenges…

  • Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

  • The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The cyberattacks that are launched on large enterprises are the ones that tend to grab the big headlines because of the big numbers involved with their colossal impact. Just from the past year, we had: SolarWinds: compromising 250 federal agencies and businesses Twitter: 130 users hit including high profile accounts such as those of Joe Biden, Barak Obama, Elon Musk, Jeff Bezos,…

  • What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    A close look at the pros and cons of SIEM, MSSP, MDR, and SOCaaS Think cyber criminals only target large enterprises? If you answered yes, you’re not alone. Nearly 70% of small-to-medium businesses (SMBs) are not worried about getting hacked, mostly because they don’t think they have the resources that hackers typically seek out, whether…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

  • Apache Patches Critical Apache HTTP Server RCE Vulnerability Exploited-in-the-Wild

    Apache Patches Critical Apache HTTP Server RCE Vulnerability Exploited-in-the-Wild

    Apache Software has released an update patching critical remote code execution vulnerability in Apache HTTP Server. A PoC (Proof of Concept) exploit has been published, and the vulnerability has been seen exploited in the wild. The vulnerability CVE-2021-41773 Path traversal vulnerability allowing RCE A vulnerability was found in a change made to path normalization in…

  • Google Patches Critical Vulnerabilities in Chrome – Patch Now!

    Google Patches Critical Vulnerabilities in Chrome – Patch Now!

    Google has released an emergency update to fix 3 vulnerabilities in Chrome, 2 of them are being exploited in the wild. Successful exploitation of these vulnerabilities could lead to remote arbitrary code execution. Google has released an emergency update to fix 3 vulnerabilities in Chrome, 2 of them are being exploited in the wild. Successful…

  • Cisco Patches Critical IOS XE Software RCE, Apple Patches Zero-Day RCE in Catalina, Google Patches Zero-Day RCE in Chrome

    Cisco Patches Critical IOS XE Software RCE, Apple Patches Zero-Day RCE in Catalina, Google Patches Zero-Day RCE in Chrome

    ** Please note this CTI alert contains 3 Sections – Cisco IOS XE Software, Google Chrome and Apple macOS Catalina vulnerabilities ** Cisco Patches Critical IOS XE Software for Catalyst 9000 Family Wireless Controllers RCE Vulnerability Cisco has patched a critical severity remote code execution vulnerability affecting multiple Catalyst 9000 family wireless controllers. The vulnerability may…

  • Voicenter Data Breach

    Voicenter Data Breach

    On September 19th, Voicenter became a victim of a Data Breach and a Ransomware attack. On September 21st, the attackers began leaking stolen data to the public. According to the attackers, they are in possession of 15 Terabytes of data related to Voicenter and ~8,000 of their clients. This information consists of names, emails, phone…

  • Apple Patches 4 RCE Vulnerabilities in Safari, VMware Patches Critical vCenter Server RCE, NETGEAR Patches Critical RCE in 11 Routers

    Apple Patches 4 RCE Vulnerabilities in Safari, VMware Patches Critical vCenter Server RCE, NETGEAR Patches Critical RCE in 11 Routers

    Please note this CTI alert contains 3 Sections – Apple’s Safari, VMware, and NETGEAR vulnerabilities  Apple Patches 4 RCE Vulnerabilities in Safari Apple has released a security update to address 4 Remote Code Execution vulnerabilities in Safari. The patches are available for macOS Big Sur and macOS Catalina.  The Vulnerabilities CVE-2021-30846 CVE-2021-30848 CVE-2021-30849 CVE-2021-30851 All…

  • Critical Vulnerability in Microsoft Azure Cosmos DB

    Critical Vulnerability in Microsoft Azure Cosmos DB

    Microsoft has fixed a critical vulnerability affecting Azure Cosmos DB. Azure Cosmos DB is a globally distributed and fully managed NoSQL database service. The vulnerability The vulnerability gives any Azure user full admin access (read, write, delete) to another customer’s Cosmos DB instances without authorization. The vulnerability has a trivial exploit that doesn’t require any…

Sign Up for Updates