Category: Insights

  • Cisco patches Firepower Device Manager On-Box Software RCE vulnerability

    Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software. The Vulnerability: CVE-2021-1518 (CVSS 3.1: 6.3 Medium). A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, which due to insufficient sanitization of user input on specific REST API commands could…

  • Google Chrome Patches 7 Vulnerabilities, one of which is an Exploited-in-the-Wild, Critical Arbitrary Code Execution Zero-Day

    Google has released a new Chrome update, patching 1 actively exploited arbitrary code execution zero-day vulnerability and 6 additional ones. The updated Chrome version is 91.0.4472.164 and is relevant to Windows, Mac, and Linux. 6 of the patched vulnerabilities are classified by Google as high severity. The actively exploited Arbitrary Code Execution Zero-Day…

  • Ransomware Explained (Part 1): What is it and how to prevent it

    The rise of ransomware attacks over the past decade has been nothing short of meteoric. Like other forms of malware, ransomware has been in existence for decades and generally poses a threat to all your personal and company devices and data. What makes up a ransomware attack? Why is it potentially one of the most feared cyber-attack types…

  • Fortinet FortiManager & FortiAnalyzer fgfmsd vulnerability allows RCE

    Fortinet has released a security advisory regarding a Use-After-Free vulnerability which can lead to non-authenticated, privileged Remote Code Execution (RCE) on the affected system. The vulnerability affects FortiManager & FortiAnalyzer fgfmsd daemon. Please note that FGFM is disabled by default on FortiAnalyzer and can only be enabled on specific hardware models: 1000D, 1000E, 2000E, 3000D,…

  • Critical Microsoft Windows Print Spooler Point and Print Arbitrary Code Execution Zero-Day Vulnerability

    A new Windows Print Spooler Zero-Day Vulnerability has been detected which allows non-admin users to install printer drivers via Point and Print. By connecting to a malicious printer, an attacker may be able to execute arbitrary code with SYSTEM privileges on a vulnerable system. The vulnerability is deemed CRITICAL as it affects all currently installed versions…

  • Critical Vulnerability Allowing Remote Code Execution Patched in Juniper SBR Carrier Edition

    Juniper patched a critical Buffer Overflow vulnerability in Juniper Steel-Belted Radius (SBR) Carrier Edition with EAP authentication configured, which could result in remote code execution (RCE). This issue affects SBR Carrier with EAP authentication configured only when using Enhanced EAP Logging and TraceLevel setting of 2. The Vulnerability: CVE-2021-0276 (CVSS 3.1 Score: 9.8, Critical). A stack-based Buffer Overflow vulnerability in Juniper…

  • Colonial Pipeline Ransomware Attack: Lessons For SOC Operators

    Background: Earlier this month, Colonial Pipeline — the largest pipeline system for refined oil production in the U.S. — suffered a ransomware attack that resulted in the closure of one of the largest U.S. pipelines. As a result of the attack, the pipeline operator was forced to temporarily halt all pipeline operations resulting in massive…

  • Cybersecurity Isn’t Enough: You Need A Human Intelligence Team

    Cybersecurity threats are growing in number and sophistication every year. Since 2017, the industry has seen a year-over-year increase of 27%, with hundreds of millions of attacks occurring every day in 2020. As we saw with the SolarWinds attack and the recent attack on US fuel pipeline operator Colonial Pipeline, even the best cyber defenses implemented by…

  • What Is a SOC Platform and How It Can Help IT Professionals to Excel in Their Job

    Will your company survive if there is a breach of its data infrastructure? According to a prediction by Cybersecurity Ventures, businesses around the world are more likely to fall victim to ransomware attacks every 11 seconds in 2021, compared to 14 seconds in 2019. In today’s business landscape, a single data breach can cause a…

  • Two Emerging Vector Trends

    Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. The recently reported Codecov Bash Uploader security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVEs) have shown up with increased frequency at Apple,…

  • Why Software Supply Chain Attacks are a CEO’s Nightmare

    Recent supply chain attacks such as SolarWinds and Mimecast have shown that these types of attacks are definitely on the increase for enterprises. You might think that as a small to medium business (SMB), you have less to worry about compared to an enterprise. But SMBs have just as much – if not more – to worry about…

  • The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    May 7 is World Password Day, the official day for the promotion of better password habits to businesses and individuals. To mark this special day, here are five top scenes from film and TV that realistically portray some of the simple methods hackers can use to steal passwords. 1. WarGames: This 80s classic begins with David Lightman (a young Matthew Broderick in his breakthrough…

  • Minimal Security Changes That Make A Significant Impact

    If you find yourself saying, “I own a small company. I won’t be targeted,” unfortunately, the data is not on your side. Over 40% of data breaches happen to small businesses.   Fundera compiled a list of terrifying facts about cybercriminals, data breaches, and security hacks. It’s enough to make your head spin.   Cybercrime costs small and medium businesses…

  • Cybersecurity and Data Protection Laws 101

    Aside from the obvious need to protect your business, customers and reputation, there is another reason for businesses of all sizes to use cybersecurity to guard users’ personal information: staying compliant with the law. As things stand, federal laws in the United States deal mainly with who is obligated to implement cybersecurity protections (bottom line:…

  • What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically – is the one that is not necessarily driven by sophisticated technology, and often appears to be…

  • The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The cyberattacks that are launched on large enterprises are the ones that tend to grab the big headlines because of the big numbers involved with their colossal impact. Just from the past year, we had: SolarWinds: compromising 250 federal agencies and businesses; Twitter: 130 users hit, including high-profile accounts such as those of Joe Biden, Barack Obama, Elon Musk, Jeff Bezos,…

  • What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    A close look at the pros and cons of SIEM, MSSP, MDR, and SOCaaS. Think cyber criminals only target large enterprises? If you answered yes, you’re not alone. Nearly 70% of small-to-medium businesses (SMBs) are not worried about getting hacked, mostly because they don’t think they have the resources that hackers typically seek out, whether…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

  • Why you Need to Revamp your Security Strategy in a Mostly Remote World

    It’s been nearly a year now since the pandemic sent millions worldwide to work from home and compelled organizations to establish operations outside the traditional security border. As such, there is now great pressure to protect these remote workers, their devices, and their network against ever-increasing rates of cyberattacks. To make the job…

  • Our 4 Predictions Impacting Cybersecurity in 2021 & How to Stay Protected

    There is no doubt that 2020 was a year of unprecedented challenge. Both personally and professionally we had to completely shift our perception of so many domains and adjust to a whole new reality on so many levels. Specifically, on the cybersecurity-level, we needed to change strategies and tactics and redefine how we protect our…

  • Why Being Technology Agnostic Is So Critical for Maximizing Cybersecurity

    The Complex Web of Solutions: Protecting your company against cyberattacks can require using up to dozens of different systems and solutions. This is because there are so many different vectors that require protection, including servers, endpoints, the network, exposed services, cloud-based applications, emails, and many more. In fact, to ensure protection most small-to-medium-sized organizations will have anywhere from at…

  • 5 Tips for Educational Institutes to Avoid the Next Cyber-Attack

    Why Protecting your Educational Institution is as Important as Ever During Covid-19: The Covid-19 pandemic has brought on a new set of challenges for the education system. With virtual learning becoming the new normal, it’s important to address the major cyber threat that has descended on educational institutions. Recently, schools are becoming especially vulnerable to…

  • SIEM Optimization tips to Improve Your Cybersecurity Readiness

    Security Information and Event Management (SIEM) technology has firmly established itself as a critical component of any robust cybersecurity operation. SIEM tools aggregate data from multiple log sources and analyze it based on rules dictated by cybersecurity professionals. Properly optimized, these tools allow teams to make important decisions quickly. Improperly optimized, they can do more…

  • How Can a Cloud-Based SOC Help You Detect Internal Threats?

    Businesses worldwide are continuously at risk from external threats which are looking for a way in, be it by phishing or vulnerabilities. Once they enter your infrastructure or software, they can then use it to pivot and move into sensitive data, stealing it, or destroying it to obtain a profit. Internal threats have increased rapidly…

  • Critical Ransomware Risk to Unpatched SonicWall SRA & SMA 8.X

    SonicWall has released an URGENT security notice concerning a risk to unpatched end-of-life SRA & SMA remote access devices. A HelloKitty Ransomware campaign targets SRA and SMA devices running 8.x firmware. Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of…

  • Critical Vulnerability Affecting VMware vCenter Servers

    VMware has released an urgent security update addressing a critical remote code execution (RCE) vulnerability in the Virtual SAN Health Check plug-in affecting ALL vCenter Server deployments. In addition, the company patched a medium severity vulnerability affecting Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. The Vulnerabilities: CVE-2021-21985, CVSSv3 score 9.8. The…
