Category: Insights

  • Ransomware Explained (Part 2): What is it and how to prevent it

    Ransomware attacks are all too common in the cyber world. As such, understanding what they are is critical, and can be found here. The next step is to understand the measures to implement to protect yourself from ransomware, as outlined below. Here are some specific tips for preventing or mitigating ransomware attacks in 2021. Back…

  • Cisco Patches Critical and High Severity RCE Vulnerabilities in VPN Routers

    Cisco has released updates addressing 3 pre-auth security vulnerabilities affecting VPN routers. The vulnerabilities are remotely exploitable without requiring authentication and allow attackers to remotely execute commands and arbitrary code or to trigger a denial-of-service on vulnerable devices.  The Vulnerabilities CVE-2021-1609 (CVSS 3.1: 9.8, Critical) A vulnerability in the web-based management interface of Cisco Small…

  • Google Patches RCE Vulnerability in the New Chrome Update Release

    Google has released Chrome Version 92.0.4515.131 for Windows, Mac and Linux. The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system. The Remote Code Execution Vulnerability CVE-2021-30590 (High Severity) A sandbox escape vulnerability that can be “exploited in combination with an extension or a…

  • Six months later: Key takeaways from the SolarWinds Supply Chain Attack 

    Last year’s SolarWinds supply chain attack shook the security world. Hundreds of private businesses, many of them Fortune 500 companies, and several US agencies, including the Pentagon, Homeland Security, the Treasury, and the State Department, were all victims as they all use SolarWinds’ Orion system.   The scope of this attack and the fact that hackers…

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • The 7 Steps to Effective Incident Response

    Cybercriminals have been around for as long as the Internet, and they are becoming bolder and more sophisticated with each passing day.  Yet incredibly, the majority of businesses are still not ready to respond to cyberattacks or breach events, according to a recent FireEye survey of 800 chief information security officers and other senior executives from around the world.  In a recent study by the Ponemon Institute,…

  • Two Emerging Vector Trends

    Life is never dull for cybersecurity teams, but we’ve seen an increase in two types of threat vectors during the first half of 2021. The recently reported Codecov Bash Uploader security breach is an example of a supply chain attack, while common vulnerabilities and exposures (CVEs) have shown up with increased frequency at Apple,…

  • Why Software Supply Chain Attacks are a CEO’s Nightmare

    Recent supply chain attacks such as SolarWinds and Mimecast have shown that these types of attacks are definitely on the increase for enterprises. You might think that as a small to medium business (SMB), you have less to worry about compared to an enterprise. But SMBs have just as much – if not more – to worry about…

  • The 5 Best Password Hacking Scenes in Film and TV for World Password Day

    May 7 is World Password Day, the official day for the promotion of better password habits to businesses and individuals.    To mark this special day, here are five top scenes from film and TV that realistically portray some of the simple methods hackers can use to steal passwords.   1- WarGames This 80s classic begins with David Lightman (a young Matthew Broderick in his breakthrough…

  • A Smart SOC in space – Protecting the Millennium Falcon

    If the title of this blog post grabbed your attention on May the 4th, of all days, then you probably need no introduction to the Star Wars franchise and its iconic starship the Millennium Falcon. But just in case you’ve been living under the remnants of the planet Alderaan since its destruction by the first…

  • Protecting Your Network Without an Internal Cyber Team

    It can be challenging for businesses to stay on top of their cybersecurity. They feel that their relative anonymity protects them from hackers who are looking to break into Fortune 500 networks and financial institutions. Unfortunately, hackers view their sites as ready-made training grounds.   Disruptions caused by hackers can harm sales, interfere with operations, and corrupt or expose data. Consumers…

  • Minimal Security Changes That Make A Significant Impact

    If you find yourself saying, “I own a small company. I won’t be targeted,” unfortunately, the data is not on your side. Over 40% of data breaches happen to small businesses.   Fundera compiled a list of terrifying facts about cybercriminals, data breaches, and security hacks. It’s enough to make your head spin.   Cybercrime costs small and medium businesses…

  • Cybersecurity and Data Protection Laws 101

    Aside from the obvious need to protect your business, customers and reputation, there is another reason for businesses of all sizes to use cybersecurity to guard users’ personal information: staying compliant with the law. As things stand, federal laws in the United States deal mainly with who is obligated to implement cybersecurity protections (bottom line:…

  • What Every Business Needs to Know About Social Engineering, Phishing, and Passwords

    There are multiple types of cyberattacks – many of which are very sophisticated, often because of the technology they use. But more often, the kind of attack that leaves the biggest impact on its victims – emotionally and psychologically, is the one that is not necessarily driven by sophisticated technology, and often appears to be…

  • The SMB’s Guide to Large Enterprise-Like Cybersecurity

    The cyberattacks that are launched on large enterprises are the ones that tend to grab the big headlines because of the big numbers involved with their colossal impact. Just from the past year, we had: SolarWinds: compromising 250 federal agencies and businesses; Twitter: 130 users hit including high profile accounts such as those of Joe Biden, Barack Obama, Elon Musk, Jeff Bezos,…

  • What’s the Best Cyber Security Approach for Your Small-to-Medium Business?

    A close look at the pros and cons of SIEM, MSSP, MDR, and SOCaaS Think cyber criminals only target large enterprises? If you answered yes, you’re not alone. Nearly 70% of small-to-medium businesses (SMBs) are not worried about getting hacked, mostly because they don’t think they have the resources that hackers typically seek out, whether…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…

  • Why Mastering Cyber Incident Response Is a Must

    Every SMB Is at Risk “What you may not know, however, is that small to mid-sized businesses (SMBs) are frequent targets of destructive cyberattacks, many of which can be crippling.” (Forbes) There’s no getting around it. Sooner or later your organization will get hit by a cyber attack… if it hasn’t been already. If you believe that you’re not big…

  • How Can a Cloud-Based SOC Help You Detect Internal Threats?

    Businesses worldwide are continuously at risk from external threats which are looking for a way in, be it by phishing or vulnerabilities. Once they enter your infrastructure or software, they can then use it to pivot and move into sensitive data, stealing it, or destroying it to obtain a profit. Internal threats have increased rapidly…

  • Fortinet FortiManager & FortiAnalyzer fgfmsd vulnerability allows RCE

    Fortinet has released a security advisory regarding a Use-After-Free vulnerability which can lead to non-authenticated, privileged Remote Code Execution (RCE) on the affected system. The vulnerability affects FortiManager & FortiAnalyzer fgfmsd daemon. Please note that FGFM is disabled by default on FortiAnalyzer and can only be enabled on specific hardware models: 1000D, 1000E, 2000E, 3000D,…

  • Critical Microsoft Windows Print Spooler Point and Print Arbitrary Code Execution Zero-Day Vulnerability

    A new Windows Print Spooler Zero-Day Vulnerability has been detected which allows for non-admin users to be able to install printer drivers via Point and Print.  By connecting to a malicious printer, an attacker may be able to execute arbitrary code with SYSTEM privileges on a vulnerable system.  The vulnerability is deemed CRITICAL as it affects all currently installed versions…

  • Critical Vulnerability Allowing Remote Code Execution Patched in Juniper SBR Carrier Edition

    Juniper patched a critical Buffer Overflow vulnerability in Juniper Steel-Belted Radius (SBR) Carrier Edition with EAP authentication configured, which could result in remote code execution (RCE).  This issue affects SBR Carrier with EAP authentication configured only when using Enhanced EAP Logging and TraceLevel setting of 2.  The Vulnerability CVE-2021-0276 CVSS 3.1 Score: 9.8, Critical  A stack-based Buffer Overflow vulnerability in Juniper…

  • Critical Ransomware Risk to Unpatched SonicWall SRA & SMA 8.X

    SonicWall has released an URGENT security notice concerning a risk to unpatched end-of-life SRA & SMA remote access devices. A HelloKitty Ransomware campaign targets SRA and SMA devices running 8.x firmware. Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of…

  • Critical Vulnerability Affecting VMware vCenter Servers

    VMware has released an urgent security update addressing a critical remote code execution (RCE) vulnerability in the Virtual SAN Health Check plug-in affecting ALL vCenter Server deployments. In addition, the company patched a medium severity vulnerability affecting Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. The Vulnerabilities CVE-2021-21985 CVSSv3 score 9.8 The…