Google has released Chrome Version 92.0.4515.131 for Windows, Mac and Linux. The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system. The Remote Code Execution Vulnerability CVE-2021-30590 (High Severity) A sandbox escape vulnerability that can be “exploited in combination with an extension or a…

Last year’s SolarWinds supply chain attack shook the security world. Hundreds of private businesses, many of them Fortune 500 companies, and several US agencies, including the Pentagon, Homeland Security, the Treasury, and the State Department, were all victims as they all use SolarWinds’ Orion system.   The scope of this attack and the fact that hackers…

TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

Cybercriminals have been around for as long as the Internet, and they are becoming bolder and more sophisticated with each passing day.  Yet incredibly, the majority of businesses are still not ready to respond to cyberattacks or breach events, according to a recent FireEye survey of 800 chief information security officers and other senior executives from around the world.  In a recent study by the Ponemon Institute,…

Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution.  The vulnerability affects macOS Big Sur, iOS and iPadOS. (See Affected Products for affected versions)  Apple did not publish details regarding the attacks or attackers that have exploited this vulnerability.  The Vulnerability CVE-2021-30807  An application may be able…

Apple has released updates to MacOS Big Sur, Catalina, and Mojave, as well as the Safari browser.   The updates fix a Remote Code Execution vulnerability in Big Sur’s libxml2 library, and multiple Arbitrary Code Execution vulnerabilities affecting the products.  Apple Security Advisories macOS Big Sur 11.5 – 1 Remote Code Execution and 17 Arbitrary Code Execution vulnerabilities fixed.  Security Update…

Cybercriminals have been around for as long as the Internet, and they are becoming bolder and more sophisticated with each passing day.  Yet incredibly, the majority of businesses are still not ready to respond to cyberattacks or breach events, according to a recent FireEye survey of 800 chief information security officers and other senior executives from around the world.  In a recent study by the Ponemon Institute,…

After a brief decline in 2019, phishing attacks spiked again in 2020. Last year, they were so prevalent that one in every 4,200 emails was a phishing scam. Businesses lost approximately $17,700 every minute due to a phishing attack. Research from the FBI’s Internet Crime Complaint Center found that phishing (including vishing, SMiShing, and pharming) was one of the biggest cyber threats,…

Modern organizations use multiple connected devices to conduct their business, including intelligent printers, appliances, BYOD cellphones and tablets, and more. Following the pandemic, 1 in 4 Americans will work from home in 2021 and beyond. Technology has made it easy to connect remotely from anywhere around the globe, and employees are plugging their devices in…

According to a recent report, 75% of enterprises are concerned about the security of their cloud assets, data, and systems.  With the average global cost of a data breach coming in at $3.86 million, it has never been more important to be able to detect, prevent, and resolve incidents as effectively and as quickly as possible.  But doing so can be very challenging.…

It can be challenging for businesses to stay on top of their cybersecurity. They feel that their relative anonymity protects them from hackers who are looking to break into Fortune 500 networks and financial institutions. Unfortunately, hackers view their sites as ready-made training grounds.   Disruptions caused by hackers can harm sales, interfere with operations, and corrupt or expose data. Consumers…

Ensuring cybersecurity compliance can be cumbersome (and a pain), but if you don’t do it, it can literally cost you your business. There are hundreds of controls, and numerous requirements imposed by multiple regulatory bodies and private industry groups. What’s more, organizations with global operations must face the additional and major challenge of having to…

TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

The cyberattacks that are launched on large enterprises are the ones that tend to grab the big headlines because of the big numbers involved with their colossal impact. Just from the past year, we had: SolarWinds: compromising 250 federal agencies and businesses Twitter: 130 users hit including high profile accounts such as those of Joe Biden, Barak Obama, Elon Musk, Jeff Bezos,…

A close look at the pros and cons of SIEM, MSSP, MDR, and SOCaaS Think cyber criminals only target large enterprises? If you answered yes, you’re not alone. Nearly 70% of small-to-medium businesses (SMBs) are not worried about getting hacked, mostly because they don’t think they have the resources that hackers typically seek out, whether…

When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

Every SMB Is at Risk “What you may not know, however, is that small to mid-sized businesses (SMBs) are frequent targets of destructive cyberattacks, many of which can be crippling.” (Forbes) There’s no getting around it. Sooner or later your organization will get hit by a cyber attack… if it hasn’t been already. If you believe that you’re not big…

Cisco has released updates addressing 3 pre-auth security vulnerabilities affecting VPN routers. The vulnerabilities are remotely exploitable without requiring authentication and allow attackers to remotely execute commands and arbitrary code or to trigger a denial-of-service on vulnerable devices.  The Vulnerabilities CVE-2021-1609 (CVSS 3.1: 9.8, Critical) A vulnerability in the web-based management interface of Cisco Small…

Google has released Chrome Version 92.0.4515.131 for Windows, Mac and Linux. The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system. The Remote Code Execution Vulnerability CVE-2021-30590 (High Severity) A sandbox escape vulnerability that can be “exploited in combination with an extension or a…

Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution.  The vulnerability affects macOS Big Sur, iOS and iPadOS. (See Affected Products for affected versions)  Apple did not publish details regarding the attacks or attackers that have exploited this vulnerability.  The Vulnerability CVE-2021-30807  An application may be able…

Apple has released updates to MacOS Big Sur, Catalina, and Mojave, as well as the Safari browser.   The updates fix a Remote Code Execution vulnerability in Big Sur’s libxml2 library, and multiple Arbitrary Code Execution vulnerabilities affecting the products.  Apple Security Advisories macOS Big Sur 11.5 – 1 Remote Code Execution and 17 Arbitrary Code Execution vulnerabilities fixed.  Security Update…

Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software.  The Vulnerability CVE-2021-1518 (CVSS 3.1: 6.3 Medium)  A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, which due to insufficient sanitization of user input on specific REST API commands could…

Google has released a new Chrome update, patching 1 actively exploited arbitrary code execution zero-day vulnerability and 6 additional ones. The updated Chrome version is 91.0.4472.164 and is relevant to Windows, Mac, and Linux. 6 out of the patched vulnerabilities are classified by Google as of high severity. The actively exploited Arbitrary Code Execution Zero-Day…