Round and round we go. It’s the nature of cybersecurity. Hackers discover an exploitable attack avenue, and a patch is then created to block it, except it doesn’t end there. Hackers just find another vulnerability and the battle rages on. It’s not just cybersecurity companies that must constantly innovate to remain relevant. Hackers must do…

You would be hard pressed to come up with a more nostalgic image than a child running a lemonade stand in their front yard on a hot afternoon. Unfortunately, there is nothing nostalgic about what some young entrepreneurs are doing today.  A team of researchers recently uncovered a group of minors that were running what…

Cybersecurity is a constant game of the cat chasing the mouse. The cat (a business) continues to believe that with each new plan of attack (i.e., security strategy or tool), it will finally be able to catch the mouse or, in this case, harden its security posture enough to prevent the mouse (a bad actor)…

Why does your business need compliance to grow? SOC compliance is crucial for those in service organizations. There are various compliance standards and accreditations that your business can work towards and ascertain, such as ISO 27001, NIST 800-53, and FEDRAMP, just to name a few. But arguably the most widely recognized and respected is SOC,…

Tag, you’re it! That infamous saying may remind you of your childhood, but it’s also applicable to the never-ending game threat actors play. They hunt around looking for unsuspecting victims who simply haven’t paid attention to their security gaps and left their organization’s vulnerabilities unaddressed. With just a tap, hackers can deliver the same deadly…

It seems that everyone is trying to identify the next bubble to take some type of advanced action to avoid it or take advantage of it. Many of us have lived through more than one. There was the IT bubble at the start of the century followed by the housing bubble in 2008. Bubbles are…

You would be hard pressed to come up with a more nostalgic image than a child running a lemonade stand in their front yard on a hot afternoon. Unfortunately, there is nothing nostalgic about what some young entrepreneurs are doing today.  A team of researchers recently uncovered a group of minors that were running what…

Cybersecurity is a constant game of the cat chasing the mouse. The cat (a business) continues to believe that with each new plan of attack (i.e., security strategy or tool), it will finally be able to catch the mouse or, in this case, harden its security posture enough to prevent the mouse (a bad actor)…

Security experts, including our team at CYREBRO, tout the benefits of using multi-factor authentication (MFA) for an added layer of security. While that is still sound advice, recent research shows that a new phishing technique, which steals authentication cookies through Microsoft Edge WebView2 applications, can render MFA useless if people don’t take other precautions. Discovering…

Conti, one of today’s most prolific and profitable ransomware groups, launched an initial cyberattack against Costa Rica in mid-April. In recent weeks, the Russian-speaking Conti gang, or possibly an associated group called Hive, have stepped up the attacks and expanded the assault. After Costa Rica refused to pay the initial $10 million ransom or the…

An unknown threat actor is selling a new malware toolkit called Eternity Project. Cybercriminals can buy stealers, clippers, worms, miners, ransomware, and DDoS Bots for a few hundred dollars each. What’s most notable about this malware-as-a-service (MaaS) is that in addition to being available on a TOR website, the hacker behind it is brazenly promoting…

Has REvil re-emerged? That’s the question on everyone’s mind and the topic that’s got the cyber community talking. After months of silence, REvil, the infamous presumed Russian-based ransomware gang, seems to be back online as of last week, with a new leak site promoted on RuTOR. The hacker group’s old site, Happy Blog, has returned,…

If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its’ iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

The constant headlines concerning the latest attacks on companies across the industry spectrum serve as constant reminders of the importance of cybersecurity. Digital transformation alone is not enough. You must secure that digital environment, and it’s something that even SMBs have come to realize all too well. Unfortunately, most SMBs lack the technology stack, talent,…

As cyber-attacks have become more frequent and complex, there has been a surge in the number of Security Operations Center SOC platforms specializing in threat hunting and incident response.  The SOC market is projected to grow from $471 million in 2020 to $1.656 billion by 2025, at a compound annual growth rate of 28.6% during…

The cybersecurity kill chain, initially defined by Lockheed Martin, continues to be a general standard inside Information Security to describe how a malicious actor, internal or external, performs an attack. The cyber kill chain 7 stages are defined as: Reconnaissance – Identify vulnerabilities, improperly configured services, and obtain credentials through active or passive methods. Weaponization…

In the world of digital warfare, Artificial Intelligence is transforming the Security Operation Centers (SOC) to better respond to cybersecurity threats and attacks. Leveraging AI-Based security tools, such as CYREBRO’s SOC Platform, can provide integration features whereby you will be better able to detect and respond to cybercrimes without an in-house SOC team in place. …

Cybersecurity is a critical component of every business around the world, regardless of size or industry, with the SOC being a key component during the detection and incident response phase. Red Team vs. Blue Team Cybersecurity in a Nutshell The Blue Team stands at the core of Cybersecurity. The foundational elements established in the Blue…

Tag, you’re it! That infamous saying may remind you of your childhood, but it’s also applicable to the never-ending game threat actors play. They hunt around looking for unsuspecting victims who simply haven’t paid attention to their security gaps and left their organization’s vulnerabilities unaddressed. With just a tap, hackers can deliver the same deadly…

As Bob Dylan so eloquently said in his classic song from the 1960s, “Times they are a-changin,” sixty years later they still are. Modern society has grown accustomed to change. It’s the pace of it that can cause you to catch your breath at times.  Just as the bulk of rock and country music is…

Different organizations and companies will define the stages within the lifecycle of a cyber security event a little differently. The National Institute of Standards and Technology (NIST) follows a four-step process of preparation, detection & analysis, containment, eradication & recovery, and post-incident activity. The International Organization for Standardization (ISO) quantifies the process with five stages: prepare, identify, assess, respond…

Where would the world be without the Internet?  The Internet allows us to access massive amounts of information in seconds, connect with people all over the globe, educate ourselves on any topic we want, work and collaborate remotely, sell and buy from–and do countless more things that would have been unimaginable just 30 years ago. …

Animal Crossing: New Horizons took the world by storm during the pandemic, selling more than 13 million copies in just six weeks. The game was splashed across the news, captivating users stuck at home with limited entertainment options. Nintendo and Nintendo Switch owners welcomed the game’s release, but Xbox users were left out in the…

When businesses shifted to remote work at the beginning of the coronavirus pandemic, they had the good fortune of being able to turn to an old solution to keep productivity high–the Remote Desktop Protocol (RDP). Microsoft released the protocol in 1998, but it wasn’t until the pandemic that many businesses realized its usefulness. Naturally, the…

We’ve written a lot on the CYREBRO blog about U.S. cybersecurity laws–rules that businesses in specific sectors such as financial services and healthcare are obligated to follow. Today we’d like to introduce a related but different topic: cybersecurity standards, namely the U.S. National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). A standard is…

Businesses operating in the European Union are subject to the strictest data protection regulation in the world, the General Data Protection Regulation (GDPR). Unlike the United States, the EU doesn’t have an industry-specific cybersecurity law for the healthcare sector. However, healthcare organizations are subject to a new cybersecurity law for businesses in essential industries, known…

QRoC SIEM integration scripts We published codes on the open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow…

QRoC SIEM integration scripts CyberHat publishes codes on open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow the…

QRoC SIEM integration scripts We published codes on the open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow…

QRoC SIEM integration scripts We published codes on the open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to extract information and optimize from multiple security tools and create rules…

Fraud is nothing new and has existed well before the world wide web came into play. But with constant digital transformations and advancements in technology, it’s expected that fraud too will evolve and shift, becoming ever more dangerous and complex. Con artists continue to keep up with security trends, including digital resources, content, and organizational…

Today, the question isn’t if your company will suffer from a security incident, it’s when.  A few years ago, a shocking statistic came to light when CYREBRO analyzed internal incident response (IR) reports: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility.  Unearthing that…

SOCs are taking the center stage as the defenders of the network but many organizations don’t fully understand how to leverage a SOC, leaving them in the dark about the real value they provide.   On March 24, CYREBRO’s CEO and founder Nadav Arbel sat together with Ryan Alban Sr. Manager of Global Solution Leads at…

In this episode of CISO Series, we CYREBRO’s CTO, Ori Arbel, discussing the latest cybersecurity trends with the show hosts, cybersecurity journalist, David Spark, and veteran CISO, Andy Ellis. From the start of COVID and the cloud migration rush that followed, to practical tips to help improve incident response planning, the group discusses how to…

On March 8th, our company will proudly celebrate International Women’s Day. While this year’s theme, Break the Bias, applies to women in every professional field and country, we find it particularly relevant to the cybersecurity industry. Gender bias has gone on for too long. Many women haven’t been given the recognition and opportunities they deserve. …

Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…