Category: Insights

  • Today’s Cyber Challenge: Multi-Site Security With a Diverse Tech Stack

    Today’s Cyber Challenge: Multi-Site Security With a Diverse Tech Stack

    In today’s globalized economy, it’s easier than ever for businesses to operate in multiple locations, with many crossing borders to reach a broader customer base. While this can bring many benefits, it can also create significant challenges, particularly when managing IT and cybersecurity. As organizations increase their reach, they must work with service providers in…

  • Strengthen Your Security Posture With MITRE ATT&CK Framework

    Strengthen Your Security Posture With MITRE ATT&CK Framework

    Those who used to watch old police detective TV shows will recall the classic scenes in which a crime victim or witness is asked to look through large binders of mug shots while sitting at a police station desk. This is because police detectives know that certain types of crimes continue to be committed by…

  • Casinos & Gaming – Hackers’ Favorite Targets

    Casinos & Gaming – Hackers’ Favorite Targets

    With the increase in online casinos, as well as the use of technology in brick-and-mortar casinos the shift towards online gambling has opened up a new world for players and cyber threats alike. Hackers see these platforms, technology, and apps as target-rich environments since they can deliver a one-two combination punch, going after a platform’s…

  • Faster Processors, Means Faster Threats, and Less Time to Waste

    Faster Processors, Means Faster Threats, and Less Time to Waste

    It is another example of the law of unintended consequences. What is originally deemed to be a benefit to society can also have a dark side, comprised of unforeseen circumstances and unexpected interactions between different entities. There are many examples of this. For instance, it seems natural that governments should regulate the introduction of new…

  • From GDPR to CCPA – Staying Ahead of the Curve in a Rapidly Changing Regulatory Landscape

    From GDPR to CCPA – Staying Ahead of the Curve in a Rapidly Changing Regulatory Landscape

    In 1986, the United States enacted a vital piece of legislation known as the Computer Fraud and Abuse Act (CFAA) to address a rise in computer-related crimes. CFAA made many computer-based offenses illegal, including hacking, computer trespassing, unauthorized access to computers and computer networks, and using computers to commit fraud or access national security information.…

  • Defending Your Email Infrastructure

    Defending Your Email Infrastructure

    Email is an incredible tool for businesses, but it’s also an equally incredible tool for threat actors, consistently remaining the most popular attack vector for hackers looking to gain access into an organization. And it’s not hard to see why. When planning an attack, the decisive question for a hacker is, “Will it be easier…

  • Dealing with Stress and Attrition in Cybersecurity Jobs

    Dealing with Stress and Attrition in Cybersecurity Jobs

    Picture yourself as a cybersecurity leader seated in a conference room with other cybersecurity leaders from across your industry. Now imagine looking at the person seated to the left of you. Chances are that the person seated beside you will not be in their present role in 2025. That is because according to Gartner, nearly…

  • Today’s Cyber Challenge: Multi-Site Security With a Diverse Tech Stack

    Today’s Cyber Challenge: Multi-Site Security With a Diverse Tech Stack

    In today’s globalized economy, it’s easier than ever for businesses to operate in multiple locations, with many crossing borders to reach a broader customer base. While this can bring many benefits, it can also create significant challenges, particularly when managing IT and cybersecurity. As organizations increase their reach, they must work with service providers in…

  • Strengthen Your Security Posture With MITRE ATT&CK Framework

    Strengthen Your Security Posture With MITRE ATT&CK Framework

    Those who used to watch old police detective TV shows will recall the classic scenes in which a crime victim or witness is asked to look through large binders of mug shots while sitting at a police station desk. This is because police detectives know that certain types of crimes continue to be committed by…

  • Casinos & Gaming – Hackers’ Favorite Targets

    Casinos & Gaming – Hackers’ Favorite Targets

    With the increase in online casinos, as well as the use of technology in brick-and-mortar casinos the shift towards online gambling has opened up a new world for players and cyber threats alike. Hackers see these platforms, technology, and apps as target-rich environments since they can deliver a one-two combination punch, going after a platform’s…

  • Faster Processors, Means Faster Threats, and Less Time to Waste

    Faster Processors, Means Faster Threats, and Less Time to Waste

    It is another example of the law of unintended consequences. What is originally deemed to be a benefit to society can also have a dark side, comprised of unforeseen circumstances and unexpected interactions between different entities. There are many examples of this. For instance, it seems natural that governments should regulate the introduction of new…

  • From GDPR to CCPA – Staying Ahead of the Curve in a Rapidly Changing Regulatory Landscape

    From GDPR to CCPA – Staying Ahead of the Curve in a Rapidly Changing Regulatory Landscape

    In 1986, the United States enacted a vital piece of legislation known as the Computer Fraud and Abuse Act (CFAA) to address a rise in computer-related crimes. CFAA made many computer-based offenses illegal, including hacking, computer trespassing, unauthorized access to computers and computer networks, and using computers to commit fraud or access national security information.…

  • RansomWar in Costa Rica – Conti Ransomware Gang Attacks

    RansomWar in Costa Rica – Conti Ransomware Gang Attacks

    Conti, one of today’s most prolific and profitable ransomware groups, launched an initial cyberattack against Costa Rica in mid-April. In recent weeks, the Russian-speaking Conti gang, or possibly an associated group called Hive, have stepped up the attacks and expanded the assault. After Costa Rica refused to pay the initial $10 million ransom or the…

  • Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    An unknown threat actor is selling a new malware toolkit called Eternity Project. Cybercriminals can buy stealers, clippers, worms, miners, ransomware, and DDoS Bots for a few hundred dollars each. What’s most notable about this malware-as-a-service (MaaS) is that in addition to being available on a TOR website, the hacker behind it is brazenly promoting…

  • REvil TOR sites back in action with new ransomware (RaaS) operations 

    REvil TOR sites back in action with new ransomware (RaaS) operations 

    Has REvil re-emerged? That’s the question on everyone’s mind and the topic that’s got the cyber community talking. After months of silence, REvil, the infamous presumed Russian-based ransomware gang, seems to be back online as of last week, with a new leak site promoted on RuTOR. The hacker group’s old site, Happy Blog, has returned,…

  • Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data Traced back to January of this year, Okta, a publicly traded identity and access management company announced yesterday that it has been impacted by a cyber-attack claimed by the data extortion group Lapsus$. Okta and Lapsus$ disagree regarding the success of the breach, while companies like Cloudflare…

  • Threat Actors Using Omicron COVID-19 Phishing Lures

    Threat Actors Using Omicron COVID-19 Phishing Lures

    Over the last few weeks, threat actors have been launching phishing scams which leverage people’s fears and anxieties over the Omicron COVID-19 variant. The scams either inject the Dridex banking malware into a victim’s computer or other malware that collects passwords, credentials, and personal or financial data. Informing all employees about the threat is the…

  • Log4Shell hits big players with critical 0-day exploit

    Log4Shell hits big players with critical 0-day exploit

    [Last updated Dec. 19, 2021] A recently discovered Log4j vulnerability (Log4Shell, CVE-2021-44228) in the Apache utility that allows unauthenticated remote code execution (RCE) and server take over is said to be exploited in the wild. Due to how widely used the Apache tool is, affecting companies such as Amazon, Apple, Cisco, Steam, Tesla, Twitter, and many…

  • The Functionality of a SOC in a Red Team vs. Blue Team Exercise

    The Functionality of a SOC in a Red Team vs. Blue Team Exercise

    Cybersecurity is a critical component of every business around the world, regardless of size or industry, with the SOC being a key component during the detection and incident response phase. Red Team vs. Blue Team Cybersecurity in a Nutshell The Blue Team stands at the core of Cybersecurity. The foundational elements established in the Blue…

  • How Can a Cloud-Based SOC Help You Detect Internal Threats?

    How Can a Cloud-Based SOC Help You Detect Internal Threats?

    Businesses worldwide are continuously at risk from external threats which are looking for a way in, be it by phishing or vulnerabilities. Once they enter your infrastructure or software, they can then use it to pivot and move into sensitive data, stealing it, or destroying it to obtain a profit. Internal threats have increased rapidly…

  • How to Prevent the Cybersecurity Talent Gap from Slowing You Down  

    How to Prevent the Cybersecurity Talent Gap from Slowing You Down  

    Nearly every type of business has had to contend with staffing shortages of some type over the past few years. Talent that is in demand is hard to find, and it’s especially true in cybersecurity. Unfortunately, the lack of cybersecurity professionals in the field today presents greater challenges than just filling job openings. The Consequences…

  • How to Prevent Insider Threats 

    How to Prevent Insider Threats 

    In the 1999 workplace comedy classic Office Space, three disgruntled employees devise a plan: they will plant a virus in the company’s financial system, which siphons fractions of a cent from each transaction and deposits it in one of their bank accounts. Since the transactions are so small, the men are convinced that no one…

  • How SSO can lead to a Pass-The-Hash Attacks

    How SSO can lead to a Pass-The-Hash Attacks

    Apple AirTags. Google Maps. Single sign-on technology. What do these three seemingly random tech advancements have in common? Each was created to make our daily experiences more convenient, yet each has been exploited for evil purposes. Stalkers are using AirTags to track the whereabouts of unsuspecting victims; criminals are plotting attacks and burglaries using detailed…

  • Cybersecurity Awareness Month – CYREBRO’s Awareness Insights

    Cybersecurity Awareness Month – CYREBRO’s Awareness Insights

    In many fields, including cybersecurity, common wisdom does not always translate into common practice. The majority of the data breaches that have occurred in recent years are not the result of the failure of some cutting-edge artificial intelligence firewall or of the discovery of a critical zero-day exploit. In most cases, a data breach is…

  • Common Entry Points #5 – External Vendors

    Common Entry Points #5 – External Vendors

    Tag, you’re it! That infamous saying may remind you of your childhood, but it’s also applicable to the never-ending game threat actors play. They hunt around looking for unsuspecting victims who simply haven’t paid attention to their security gaps and left their organization’s vulnerabilities unaddressed. With just a tap, hackers can deliver the same deadly…

  • Common Entry Points #4 – RDSH

    Common Entry Points #4 – RDSH

    If there is a weak point in your IT environment, it’s only a matter of time before a threat actor exploits it. So far, our series of “Common Entry Points” has scrutinized ITaaS (IT-as-a-Service), VPNs, and unpatched and obsolete OSS, all based on real incidents CYREBRO has dealt with. Now, we’ll look at another common…

  • CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    In this episode of CISO Series, we CYREBRO’s CTO, Ori Arbel, discussing the latest cybersecurity trends with the show hosts, cybersecurity journalist, David Spark, and veteran CISO, Andy Ellis. From the start of COVID and the cloud migration rush that followed, to practical tips to help improve incident response planning, the group discusses how to…

  • Women: A Powerful Part of Any Cybersecurity Company

    Women: A Powerful Part of Any Cybersecurity Company

    On March 8th, our company will proudly celebrate International Women’s Day. While this year’s theme, Break the Bias, applies to women in every professional field and country, we find it particularly relevant to the cybersecurity industry. Gender bias has gone on for too long. Many women haven’t been given the recognition and opportunities they deserve. …

  • Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

Sign Up for Updates