The holidays mean different things to different people. For consumers, holidays are about celebrating with friends and family and scooping up great deals. Stores and eCommerce brands plan their sales all year long to coincide with holidays, but Black Friday and Cyber Monday are two of their most important days. According to the National Retail Federation,…

Many businesses already spend a great deal on cybersecurity but are still inadequately prepared, and the solution often lies in their general approach. Reactive and proactive cybersecurity follow different approaches and offer unique benefits, and these two approaches also require different processes and tools to maximize cybersecurity.   Which of these security approaches is more effective for your business?…

We’ve written a lot on the CYREBRO blog about U.S. cybersecurity laws–rules that businesses in specific sectors such as financial services and healthcare are obligated to follow. Today we’d like to introduce a related but different topic: cybersecurity standards, namely the U.S. National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). A standard is…

Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

If given a choice between doing something that took a lot of time and effort for what you perceive as very little payoff or just skipping the task altogether, which would you choose? Although we’d all like to think we’d buckle down and do the work, the truth is that most people wouldn’t, particularly if…

Phishing Campaigns Are No Match For Analysts With These Skills   Phishing campaigns are all too common these days. A look back at 2020 showed that 75% of companies globally suffered from an attack. In the United States, 74% of attacks were successful, a 14% increase from 2019, proving bad actors are getting smarter and using…

We’ve written a lot on the CYREBRO blog about U.S. cybersecurity laws–rules that businesses in specific sectors such as financial services and healthcare are obligated to follow. Today we’d like to introduce a related but different topic: cybersecurity standards, namely the U.S. National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). A standard is…

Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

If given a choice between doing something that took a lot of time and effort for what you perceive as very little payoff or just skipping the task altogether, which would you choose? Although we’d all like to think we’d buckle down and do the work, the truth is that most people wouldn’t, particularly if…

Cyber security is a top concern for every company. As the CISO, leading the charge to keep your company secure from hackers and attacks falls squarely on your shoulders, but it’s certainly not a job you can do on your own. Security and the measures your company takes to remain as secure as possible are…

Security professionals need to be laser-focused on strengthening their security posture, but with huge attack surfaces and a multitude of ever-advancing threats, the challenge can sometimes seem insurmountable. However, by using the right tools coupled with a deep understanding of their most valuable business assets, security teams can create a winning strategy that protects their…

If there’s one thing we’ve learned from our vast experience in cybersecurity, it’s that cybercriminals don’t discriminate: for the most part they are not looking at location or even industry in their attacks, rather holes to climb through for a breach.   Like many target-driven professions (if we can call cybercrime a profession), cybercriminals look for the path of least…

Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…

TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

Every SMB Is at Risk “What you may not know, however, is that small to mid-sized businesses (SMBs) are frequent targets of destructive cyberattacks, many of which can be crippling.” (Forbes) There’s no getting around it. Sooner or later your organization will get hit by a cyber attack… if it hasn’t been already. If you believe that you’re not big…

It’s been nearly a year now since the pandemic has sent millions worldwide to work from home and has compelled organizations to establish operations outside the traditional security border. As such, there is now great pressure to protect these remote workers, their devices, and their network against ever-increasing rates of cyberattacks. To make the job…

Apache Software has released an update patching critical remote code execution vulnerability in Apache HTTP Server. A PoC (Proof of Concept) exploit has been published, and the vulnerability has been seen exploited in the wild. The vulnerability CVE-2021-41773 Path traversal vulnerability allowing RCE A vulnerability was found in a change made to path normalization in…

** Please note this CTI alert contains 3 Sections – Cisco IOS XE Software, Google Chrome and Apple macOS Catalina vulnerabilities ** Cisco Patches Critical IOS XE Software for Catalyst 9000 Family Wireless Controllers RCE Vulnerability Cisco has patched a critical severity remote code execution vulnerability affecting multiple Catalyst 9000 family wireless controllers. The vulnerability may…

On September 19th, Voicenter became a victim of a Data Breach and a Ransomware attack. On September 21st, the attackers began leaking stolen data to the public. According to the attackers, they are in possession of 15 Terabytes of data related to Voicenter and ~8,000 of their clients. This information consists of names, emails, phone…

Please note this CTI alert contains 3 Sections – Apple’s Safari, VMware, and NETGEAR vulnerabilities  Apple Patches 4 RCE Vulnerabilities in Safari Apple has released a security update to address 4 Remote Code Execution vulnerabilities in Safari. The patches are available for macOS Big Sur and macOS Catalina.  The Vulnerabilities CVE-2021-30846 CVE-2021-30848 CVE-2021-30849 CVE-2021-30851 All…

Microsoft has fixed a critical vulnerability affecting Azure Cosmos DB. Azure Cosmos DB is a globally distributed and fully managed NoSQL database service. The vulnerability The vulnerability gives any Azure user full admin access (read, write, delete) to another customer’s Cosmos DB instances without authorization. The vulnerability has a trivial exploit that doesn’t require any…

As part of F5’s monthly security advisory, a high severity Remote Code Execution vulnerability affecting ALL BIG-IP modules was patched.  Additionally, F5 has disclosed multiple other vulnerabilities affecting BIG-IP and BIG-IQ products.  For the full list of addressed vulnerabilities and mitigations, review the full F5 Monthly Security Advisory.  The Vulnerability CVE-2021-23025 (CVSSv3: 7.2, High)  An authenticated remote command execution…