Category: Guides

  • Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    An unknown threat actor is selling a new malware toolkit called Eternity Project. Cybercriminals can buy stealers, clippers, worms, miners, ransomware, and DDoS Bots for a few hundred dollars each. What’s most notable about this malware-as-a-service (MaaS) is that in addition to being available on a TOR website, the hacker behind it is brazenly promoting…

  • Common Entry Points #1 – ITaaS (IT as a service) Part 1

    According to SonicWall’s 2022 Cyber Threat Report, nearly every category of cyberattack increased in volume last year. The numbers point to an undeniable conclusion. SMB networks are under siege. In fact, let’s call it what it is. It’s a war out there. And while cyberattacks may not consist of traditional armies on the field…

  • A Smart SOC in space – Protecting the Millennium Falcon

    If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

  • Malicious NPM packages – an increasingly popular vector

    Cybersecurity is a complicated circular pattern. Tools, strategies, and methodologies are constantly evolving to protect more expansive attack surfaces. At the same time, hackers develop new attack vectors at unprecedented rates. Round and round it goes with no end in sight.  Companies are often aware of massive cyberattacks that land in the headlines of major…

  • REvil TOR sites back in action with new ransomware (RaaS) operations 

    Has REvil re-emerged? That’s the question on everyone’s mind and the topic that’s got the cyber community talking. After months of silence, REvil, the infamous presumed Russian-based ransomware gang, seems to be back online as of last week, with a new leak site promoted on RuTOR. The hacker group’s old site, Happy Blog, has returned,…

  • The 7 Stages of a Ransomware Kill Chain 

    In the first major battle of the American Civil War at Bull Run, nearby residents gathered on the hill overlooking where that battle was to take place with picnic baskets and opera glasses to witness the battle and cheer their side to victory. They ended up fleeing in terror. For those without any military experience,…

  • Common Entry Points #1 – ITaaS (IT as a Service) Part 2 

    Assessing the weak links in your company network is an important part of cybersecurity. The people that sit behind the computer keyboards make up some of the weakest links, as there are always a small minority of users that will click on just about anything embedded or attached in an email despite being warned about…

  • Improve your network security by eliminating blind spots 

    Spaghetti and meatballs. Batman and Robin. Peanut butter and jelly. Notice a theme? Well, here are two other pairs that go together as clearly as these, but that you might be less familiar with: cybersecurity and visibility, and threat actors and vulnerabilities. Cybersecurity threats are at an all-time high as threat actors are ruthless and willing…

  • Ransomware Myths SMBs Need to Be Familiar With

    Ransomware attacks are skyrocketing so quickly that alarm bells should be going off at every company. No one is safe, and experts predict 2022 will be a devastating year for ransomware attacks. This should come as no surprise, as attackers these days don’t even need to write their own ransomware code. They can launch an attack…

  • Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Okta, a publicly traded identity and access management company, announced yesterday that it has been impacted by a cyber-attack, traced back to January of this year, that was claimed by the data extortion group Lapsus$. Okta and Lapsus$ disagree regarding the success of the breach, while companies like Cloudflare…

  • Threat Actors Using Omicron COVID-19 Phishing Lures

    Over the last few weeks, threat actors have been launching phishing scams which leverage people’s fears and anxieties over the Omicron COVID-19 variant. The scams either inject the Dridex banking malware into a victim’s computer or other malware that collects passwords, credentials, and personal or financial data. Informing all employees about the threat is the…

  • Log4Shell hits big players with critical 0-day exploit

    [Last updated Dec. 19, 2021] A recently discovered Log4j vulnerability (Log4Shell, CVE-2021-44228) in the Apache utility that allows unauthenticated remote code execution (RCE) and server takeover is said to be exploited in the wild. Due to how widely used the Apache tool is, affecting companies such as Amazon, Apple, Cisco, Steam, Tesla, Twitter, and many…

  • Cybersecurity and Data Protection Laws: US Financial Services and Insurance Firms

    Federal and state legislation say surprisingly little about how ordinary American businesses should manage their cybersecurity. However, financial services and insurance firms are not ordinary businesses. Because of their tendency to deal with sensitive personal data such as social security numbers, bank accounts and tax records, financial services and insurance firms are subject to a…

  • Utilizing SOC Infrastructure vs MDR – an MSSP perspective

    The constant headlines concerning the latest attacks on companies across the industry spectrum serve as constant reminders of the importance of cybersecurity. Digital transformation alone is not enough. You must secure that digital environment, and it’s something that even SMBs have come to realize all too well. Unfortunately, most SMBs lack the technology stack, talent,…

  • 13 Questions to Ask your SOC provider

    As cyber-attacks have become more frequent and complex, there has been a surge in the number of Security Operations Center (SOC) platforms specializing in threat hunting and incident response. The SOC market is projected to grow from $471 million in 2020 to $1.656 billion by 2025, at a compound annual growth rate of 28.6% during…

  • The Role of a SOC During a Cyber Kill Chain

    The cybersecurity kill chain, initially defined by Lockheed Martin, continues to be a general standard inside Information Security to describe how a malicious actor, internal or external, performs an attack. The cyber kill chain’s 7 stages are defined as: Reconnaissance – Identify vulnerabilities, improperly configured services, and obtain credentials through active or passive methods. Weaponization…

  • The Role of Artificial intelligence (AI) in security operations center (SOC)

    In the world of digital warfare, Artificial Intelligence is transforming the Security Operation Centers (SOC) to better respond to cybersecurity threats and attacks. Leveraging AI-Based security tools, such as CYREBRO’s SOC Platform, can provide integration features whereby you will be better able to detect and respond to cybercrimes without an in-house SOC team in place. …

  • The Functionality of a SOC in a Red Team vs. Blue Team Exercise

    Cybersecurity is a critical component of every business around the world, regardless of size or industry, with the SOC being a key component during the detection and incident response phase. Red Team vs. Blue Team Cybersecurity in a Nutshell: The Blue Team stands at the core of Cybersecurity. The foundational elements established in the Blue…

  • Disaster Recovery vs. Cyber Recovery – Different Plans Preparing for Different Struggles

    As Bob Dylan so eloquently said in his classic song from the 1960s, “Times they are a-changin,” and sixty years later they still are. Modern society has grown accustomed to change. It’s the pace of it that can cause you to catch your breath at times. Just as the bulk of rock and country music is…

  • How to achieve effective cybercrime investigations

    Different organizations and companies will define the stages within the lifecycle of a cyber security event a little differently. The National Institute of Standards and Technology (NIST) follows a four-step process of preparation; detection & analysis; containment, eradication & recovery; and post-incident activity. The International Organization for Standardization (ISO) quantifies the process with five stages: prepare, identify, assess, respond…

  • Taking Ownership on Safer Internet Day

    Where would the world be without the Internet?  The Internet allows us to access massive amounts of information in seconds, connect with people all over the globe, educate ourselves on any topic we want, work and collaborate remotely, sell and buy from–and do countless more things that would have been unimaginable just 30 years ago. …

  • Why a Tech Agnostic Cybersecurity Vendor is Critical in 2022

    Animal Crossing: New Horizons took the world by storm during the pandemic, selling more than 13 million copies in just six weeks. The game was splashed across the news, captivating users stuck at home with limited entertainment options. Nintendo and Nintendo Switch owners welcomed the game’s release, but Xbox users were left out in the…

  • The RDP attack, from advanced solution to attack vector nightmare

    When businesses shifted to remote work at the beginning of the coronavirus pandemic, they had the good fortune of being able to turn to an old solution to keep productivity high–the Remote Desktop Protocol (RDP). Microsoft released the protocol in 1998, but it wasn’t until the pandemic that many businesses realized its usefulness. Naturally, the…

  • Happy Holidays? Not if Hackers Have Their Way

    Cybercriminals are savvy, calculating, and methodical. Like any good thief, they do their homework, investigating potential targets, stalking them to track habits, and identifying weak entry points. They are also patient, waiting for the perfect time to launch an attack. Attackers hit the hardest when defenses are at their lowest. More often than not, that…

  • What is the NIST Cybersecurity Framework and How is it Relevant to Your Organization?

    We’ve written a lot on the CYREBRO blog about U.S. cybersecurity laws–rules that businesses in specific sectors such as financial services and healthcare are obligated to follow. Today we’d like to introduce a related but different topic: cybersecurity standards, namely the U.S. National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). A standard is…

  • Cybersecurity and Data Protection Laws: EU Healthcare Businesses

    Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

  • QRoC SIEM integration Carbon Black script

    QRoC SIEM integration scripts: We published code on the open-source platform GitHub to improve global security. Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow…

  • QRoC SIEM integration DUO script

    QRoC SIEM integration scripts: CyberHat publishes code on the open-source platform GitHub to improve global security. Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow the…

  • QRoC SIEM integration MongoDB-Atlas script

    QRoC SIEM integration scripts: We published code on the open-source platform GitHub to improve global security. Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow…

  • QRoC SIEM integration Mimecast script

    QRoC SIEM integration scripts: We published code on the open-source platform GitHub to improve global security. Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to extract information and optimize from multiple security tools and create rules…

  • Dark Reading panel – The Next Generation SOC with CYREBRO CEO Nadav Arbel

    SOCs are taking center stage as the defenders of the network, but many organizations don’t fully understand how to leverage a SOC, leaving them in the dark about the real value they provide. On March 24, CYREBRO’s CEO and founder Nadav Arbel sat together with Ryan Alban, Sr. Manager of Global Solution Leads at…

  • CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    In this episode of CISO Series, CYREBRO’s CTO, Ori Arbel, discusses the latest cybersecurity trends with the show hosts, cybersecurity journalist David Spark and veteran CISO Andy Ellis. From the start of COVID and the cloud migration rush that followed, to practical tips to help improve incident response planning, the group discusses how to…

  • Women: A Powerful Part of Any Cybersecurity Company

    On March 8th, our company will proudly celebrate International Women’s Day. While this year’s theme, Break the Bias, applies to women in every professional field and country, we find it particularly relevant to the cybersecurity industry. Gender bias has gone on for too long. Many women haven’t been given the recognition and opportunities they deserve. …

  • Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe. MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…
