CYREBRO Blog

The OSINT Impact on Modern Cybersecurity Practices

Think about the thousands of artifacts and clues that a team of archeologists excavate and examine to construct a coherent narrative of past civilizations. Each artifact serves as a clue that provides a snippet of insight into how the people of that time lived. Digging up small artifacts in this matter is still being conducted…

  • Securing the Growing Attack Surface Introduced by IoTs

    Securing the Growing Attack Surface Introduced by IoTs

    Spurred by digitization and substantial advances in artificial intelligence (AI) and machine learning (ML), the number of Internet of Things (IoT) devices is increasing at breakneck speeds. Every minute, 7,620 new IoT devices are added to the Internet, and by 2030, there will be more than 29 billion connected IoT devices. While IoT devices enhance an organization’s efficiency…

  • A Different Kind of Threat – Hacktivism in a Connected World

    A Different Kind of Threat – Hacktivism in a Connected World

    Is there ever a circumstance when committing a crime can be justified? Picture a scenario where authorities apprehend an individual for hacking into a massive database and publishing the exfiltrated data. As he is put into cuffs, the defendant states, “It was for a good cause.” This defense could very likely be the creed of…

  • Maximizing Cybersecurity ROI – The Hidden Value of MSSPs in Today’s Landscape

    Maximizing Cybersecurity ROI – The Hidden Value of MSSPs in Today’s Landscape

    Cyberattacks are relentless, evolving, and increasingly sophisticated; hardening your security posture and safeguarding your organization’s digital assets is more critical than ever. But, with business expenses rising and budgets tightening, how can companies amp up security while keeping costs down?  For many business leaders, cybersecurity remains an enigma, often overshadowed by the belief that outsourcing…

  • Ransomware Strikes Manufacturers: Growing Threats to IP and Downtime 

    Ransomware Strikes Manufacturers: Growing Threats to IP and Downtime 

    The manufacturing industry has found itself on the front lines of a relentless and escalating battle against ransomware attacks in recent years. These malicious threats are being launched at manufacturers of all sizes, and attacks no longer stop with data encryption. While causing downtime through operational and manufacturing disruption remains the most impactful way for…

  • Mastering the Alert Storm – The Security Alert Management Process 

    Mastering the Alert Storm – The Security Alert Management Process 

    Securing a home mortgage for a residential property can be an overwhelming experience given the sheer volume of paperwork involved. Amidst the myriad pages requiring your signature and initials, it’s easy to lose sight of the details you’re consenting to. This is where a closing attorney steps in to guide and elucidate. In today’s digital…

  • You Clicked on a Phishing Link, Now What?

    You Clicked on a Phishing Link, Now What?

    We all experience that “uh-oh moment” from time to time. It’s that moment you wake up and realize you left your credit card sitting on the table at the restaurant last night. Fortunately, it only takes a phone call to cancel the card and receive a new one in two days. If you had left…

  • The OSINT Impact on Modern Cybersecurity Practices

    The OSINT Impact on Modern Cybersecurity Practices

    Think about the thousands of artifacts and clues that a team of archeologists excavate and examine to construct a coherent narrative of past civilizations. Each artifact serves as a clue that provides a snippet of insight into how the people of that time lived. Digging up small artifacts in this matter is still being conducted…

  • A Different Kind of Threat – Hacktivism in a Connected World

    A Different Kind of Threat – Hacktivism in a Connected World

    Is there ever a circumstance when committing a crime can be justified? Picture a scenario where authorities apprehend an individual for hacking into a massive database and publishing the exfiltrated data. As he is put into cuffs, the defendant states, “It was for a good cause.” This defense could very likely be the creed of…

  • Maximizing Cybersecurity ROI – The Hidden Value of MSSPs in Today’s Landscape

    Maximizing Cybersecurity ROI – The Hidden Value of MSSPs in Today’s Landscape

    Cyberattacks are relentless, evolving, and increasingly sophisticated; hardening your security posture and safeguarding your organization’s digital assets is more critical than ever. But, with business expenses rising and budgets tightening, how can companies amp up security while keeping costs down?  For many business leaders, cybersecurity remains an enigma, often overshadowed by the belief that outsourcing…

  • Ransomware Strikes Manufacturers: Growing Threats to IP and Downtime 

    Ransomware Strikes Manufacturers: Growing Threats to IP and Downtime 

    The manufacturing industry has found itself on the front lines of a relentless and escalating battle against ransomware attacks in recent years. These malicious threats are being launched at manufacturers of all sizes, and attacks no longer stop with data encryption. While causing downtime through operational and manufacturing disruption remains the most impactful way for…

  • Mastering the Alert Storm – The Security Alert Management Process 

    Mastering the Alert Storm – The Security Alert Management Process 

    Securing a home mortgage for a residential property can be an overwhelming experience given the sheer volume of paperwork involved. Amidst the myriad pages requiring your signature and initials, it’s easy to lose sight of the details you’re consenting to. This is where a closing attorney steps in to guide and elucidate. In today’s digital…

  • Maintaining Operations, Connectivity, and Security in the Manufacturing Sector

    Maintaining Operations, Connectivity, and Security in the Manufacturing Sector

    Build it and they will come. Not only is it the famous line from a movie, but it also rings true for cybercriminals. In this case, it isn’t what is being built, but the manufacturing process itself that attracts nefarious characters. A 2022 study conducted by IBM showed that no industry is targeted by cyber…

  • Log4j Is Still Causing Havoc: What We Learned From Log4Shell

    Log4j Is Still Causing Havoc: What We Learned From Log4Shell

    If you knew you were at risk for diabetes or cancer, you’d take all the necessary precautions to avoid or delay onset. You’d go for routine checkups and tests to ensure that if signs of the disease appear, you could catch it early, treat it, and hopefully avoid a deadly outcome. A company’s cybersecurity health…

  • Reverse Proxies Are Killing Your MFA

    Reverse Proxies Are Killing Your MFA

    If you’re old enough to remember landlines (or have seen any 1980s or 90s movie about teens looking to put one over on their parents), chances are your parents pulled a real-world man-in-the-middle attack (MITM) on you. There you were as a sneaky teenager plotting with a friend over the phone about going to a…

  • Phishing with GIFShell in Microsoft Teams

    Phishing with GIFShell in Microsoft Teams

    People love GIFs. We add them to emails, texts, tweets, and Slack chat groups all day long as we chat away with co-workers, friends, and family. We use them as a communication tool to show emotion and convey a tone when a plain text message might fall flat. If a picture says a thousand words,…

  • Legitimate Platforms Becoming not so Legitimate Playgrounds for Hackers

    Legitimate Platforms Becoming not so Legitimate Playgrounds for Hackers

    You would be hard pressed to come up with a more nostalgic image than a child running a lemonade stand in their front yard on a hot afternoon. Unfortunately, there is nothing nostalgic about what some young entrepreneurs are doing today.  A team of researchers recently uncovered a group of minors that were running what…

  • Phishing-Resistant MFA Proves Again That Weak Links Should Be Layered with Defense

    Phishing-Resistant MFA Proves Again That Weak Links Should Be Layered with Defense

    Cybersecurity is a constant game of the cat chasing the mouse. The cat (a business) continues to believe that with each new plan of attack (i.e., security strategy or tool), it will finally be able to catch the mouse or, in this case, harden its security posture enough to prevent the mouse (a bad actor)…

  • The New Phishing Method That Bypasses MFA

    The New Phishing Method That Bypasses MFA

    Security experts, including our team at CYREBRO, tout the benefits of using multi-factor authentication (MFA) for an added layer of security. While that is still sound advice, recent research shows that a new phishing technique, which steals authentication cookies through Microsoft Edge WebView2 applications, can render MFA useless if people don’t take other precautions. Discovering…

  • SIEM Optimization Through MITRE ATT&CK: Staying Ahead of Threats with CYREBRO 

    SIEM Optimization Through MITRE ATT&CK: Staying Ahead of Threats with CYREBRO 

    The MITRE ATT&CK framework is a crucial tool in the cybersecurity landscape that enables organizations to improve their security posture. It is a knowledge base of adversary tactics, techniques, and procedures (TTPs) and a common language for discussing and understanding cyber threats. Security teams rely on the framework to identify potential weaknesses in their systems…

  • Alert Prioritization – Correlations Create Context, Context Creates Clarity

    Alert Prioritization – Correlations Create Context, Context Creates Clarity

    How many times have you seen the following scenarios play out? A big news event occurs, and TV networks rush to get the story out before everybody else. Unfortunately, the early conclusions made about the event turn out to be completely wrong once additional facts come out. In another example, a video snippet showing someone…

  • Taking Visibility to a New Level CYREBRO SOC Platform 2.0

    Taking Visibility to a New Level CYREBRO SOC Platform 2.0

    Our mission at CYREBRO is to bring state-level cybersecurity to businesses of all sizes and types. We believe that all businesses should always see and understand their cybersecurity with clarity, and have the means and capabilities to mitigate cyber threats against their business. That’s why we are launching a new version of our SOC Platform.…

  • A Smart SOC in space – Protecting the Millennium Falcon

    A Smart SOC in space – Protecting the Millennium Falcon

    If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its’ iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

  • Utilizing SOC Infrastructure vs Managed EDR – an MSSP perspective

    Utilizing SOC Infrastructure vs Managed EDR – an MSSP perspective

    The constant headlines concerning the latest attacks on companies across the industry spectrum serve as constant reminders of the importance of cybersecurity. Digital transformation alone is not enough. You must secure that digital environment, and it’s something that even SMBs have come to realize all too well. Unfortunately, most SMBs lack the technology stack, talent,…

  • 13 Questions to ask your SOC provider

    13 Questions to ask your SOC provider

    As cyber-attacks have become more frequent and complex, there has been a surge in the number of Security Operations Center SOC platforms specializing in threat hunting and incident response.  The SOC market is projected to grow from $471 million in 2020 to $1.656 billion by 2025, at a compound annual growth rate of 28.6% during…

  • The OSINT Impact on Modern Cybersecurity Practices

    The OSINT Impact on Modern Cybersecurity Practices

    Think about the thousands of artifacts and clues that a team of archeologists excavate and examine to construct a coherent narrative of past civilizations. Each artifact serves as a clue that provides a snippet of insight into how the people of that time lived. Digging up small artifacts in this matter is still being conducted…

  • Securing the Growing Attack Surface Introduced by IoTs

    Securing the Growing Attack Surface Introduced by IoTs

    Spurred by digitization and substantial advances in artificial intelligence (AI) and machine learning (ML), the number of Internet of Things (IoT) devices is increasing at breakneck speeds. Every minute, 7,620 new IoT devices are added to the Internet, and by 2030, there will be more than 29 billion connected IoT devices. While IoT devices enhance an organization’s efficiency…

  • You Clicked on a Phishing Link, Now What?

    You Clicked on a Phishing Link, Now What?

    We all experience that “uh-oh moment” from time to time. It’s that moment you wake up and realize you left your credit card sitting on the table at the restaurant last night. Fortunately, it only takes a phone call to cancel the card and receive a new one in two days. If you had left…

  • Pre and Post Breach Insights From the MOVEit Incident – Strengthening Cyber Posture

    Pre and Post Breach Insights From the MOVEit Incident – Strengthening Cyber Posture

    In 1972, Edward Norton Lorenz, a mathematician and meteorologist, introduced the world to the Butterfly Effect, giving birth to the science of chaos theory. The “Butterfly Effect” rests on the notion that the world is so interconnected today, that a one-time small occurrence can have a major impact on a larger more complex system. He…

  • Beyond Patch Management: The Hidden Danger of Network Scans

    Beyond Patch Management: The Hidden Danger of Network Scans

    Police officers, during a blackout, often check if a neighborhood has regained power by spotting the faint glow of doorbells. This tiny beacon of light, even in an empty house, indicates the restoration of electricity. Similarly, criminals employ surprisingly simplistic methods to identify potential targets. For instance, car thieves casually traverse streets, subtly lifting car…

  • Defending the Classroom: Cybersecurity Threats in Education Systems

    Defending the Classroom: Cybersecurity Threats in Education Systems

    Duck, duck, duck… goose! In the classic schoolyard game, the ‘it’ player walks around a circle of seated children, gently tapping their heads and calling them ‘duck.’ Tension builds with every tap until the player chooses an opponent by calling them ‘goose.’ The ‘it’ player runs around the circle and tries to slide into the…

  • The Benefits of Choosing a Reliable MSSP (Part 2 of 2)

    The Benefits of Choosing a Reliable MSSP (Part 2 of 2)

    Businesses are facing an uphill battle when it comes to cybersecurity. The number of threat actors is multiplying daily, as are their skills and attacks. Simultaneously, security leaders, already dealing with staff and skills shortages, must do more with lower budgets. How can a business amp up its security in such turbulent times? In a…

  • The Benefits of Choosing a Reliable MSSP (Part 1 of 2)

    The Benefits of Choosing a Reliable MSSP (Part 1 of 2)

    The last few years have put SMBs in a precarious position, and it doesn’t appear as though their situation will ease any time soon. Current inflation rates and a looming recession have forced many to tighten their belts and reevaluate how their budgets are distributed across different departments. In the wake of several years of…

  • What is the NIST Cybersecurity Framework and How is it Relevant to Your Organization?

    What is the NIST Cybersecurity Framework and How is it Relevant to Your Organization?

    We’ve written a lot on the CYREBRO blog about U.S. cybersecurity laws–rules that businesses in specific sectors such as financial services and healthcare are obligated to follow. Today we’d like to introduce a related but different topic: cybersecurity standards, namely the U.S. National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). A standard is…

  • Cybersecurity and Data Protection Laws: EU Healthcare Businesses

    Cybersecurity and Data Protection Laws: EU Healthcare Businesses

    Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

  • 5 Commonly Overlooked Signs of a Hack

    5 Commonly Overlooked Signs of a Hack

    There are security system rules configurations that can indicate these threats, so if you see any one of these, there is a good chance that your system has been compromised somewhere along the way. Someone else is reading your emails! (The Windows Outlook Hack) If you use Microsoft Outlook for your emails, your emails can…

  • Why the Financial Sector Is Especially Vulnerable to the Insider Sabotage Threat 

    Why the Financial Sector Is Especially Vulnerable to the Insider Sabotage Threat 

    In the 2008 crime comedy movie Mad Money, three women with menial jobs at the Federal Reserve Bank of Kansas City plot to steal money from the branch. Each works in a different department, but by leveraging their work responsibilities and unique access to areas of the building, they’re able to pull off their theft…

  • Blog – Cybertech TLV 2023 – AI & Cloud & Regulations, Oh My!

    Blog – Cybertech TLV 2023 – AI & Cloud & Regulations, Oh My!

    Despite the stormy weather, Cybertech TLV 2023 drew in cybersecurity experts and leaders from around the world, gathering in Tel Aviv to share ideas, present solutions, discuss current and future trends, and provide valuable insights into the challenges and opportunities facing the industry. What came as no surprise was the main issue of combating the…

  • CYREBRO’s Most Popular Articles from 2022 – Year End Wrap-up 

    CYREBRO’s Most Popular Articles from 2022 – Year End Wrap-up 

    It’s been three years since COVID first made headlines, and although we’ve come a long way since then, some of our pandemic-coping strategies have become commonplace. For example, the shift to remote work has been embraced by employees who report they have a better work-life balance and are happier, more productive, and more engaged in their work.…

  • Taking Visibility to a New Level CYREBRO SOC Platform 2.0

    Taking Visibility to a New Level CYREBRO SOC Platform 2.0

    Our mission at CYREBRO is to bring state-level cybersecurity to businesses of all sizes and types. We believe that all businesses should always see and understand their cybersecurity with clarity, and have the means and capabilities to mitigate cyber threats against their business. That’s why we are launching a new version of our SOC Platform.…

  • CYREBRO’s Fraud Analysis Sheds Light on How to Fight Against BEC and Fraud

    CYREBRO’s Fraud Analysis Sheds Light on How to Fight Against BEC and Fraud

    Fraud is nothing new and has existed well before the world wide web came into play. But with constant digital transformations and advancements in technology, it’s expected that fraud too will evolve and shift, becoming ever more dangerous and complex. Con artists continue to keep up with security trends, including digital resources, content, and organizational…

  • CYREBRO’s IR Analysis – Visibility Gaps and How to Eliminate Them

    CYREBRO’s IR Analysis – Visibility Gaps and How to Eliminate Them

    Today, the question isn’t if your company will suffer from a security incident, it’s when.  A few years ago, a shocking statistic came to light when CYREBRO analyzed internal incident response (IR) reports: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility.  Unearthing that…

Sign Up for Updates