Category: Insights

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • The 7 Steps to Effective Incident Response

    Cybercriminals have been around for as long as the Internet, and they are becoming bolder and more sophisticated with each passing day.  Yet incredibly, the majority of businesses are still not ready to respond to cyberattacks or breach events, according to a recent FireEye survey of 800 chief information security officers and other senior executives from around the world.  In a recent study by the Ponemon Institute,…

  • Apple fixes Exploited-in-the-Wild macOS Big Sur Privileged Arbitrary Code Execution Zero-Day Vulnerability

    Apple has released a security update to address an exploited-in-the-wild zero-day vulnerability which allows for Privileged Arbitrary Code Execution.  The vulnerability affects macOS Big Sur, iOS and iPadOS. (See Affected Products for affected versions)  Apple did not publish details regarding the attacks or attackers that have exploited this vulnerability.  The Vulnerability CVE-2021-30807  An application may be able…

  • Apple releases MacOS and Safari updates, patching multiple Remote and local Arbitrary Code Execution vulnerabilities

    Apple has released updates to MacOS Big Sur, Catalina, and Mojave, as well as the Safari browser.   The updates fix a Remote Code Execution vulnerability in Big Sur’s libxml2 library, and multiple Arbitrary Code Execution vulnerabilities affecting the products.  Apple Security Advisories macOS Big Sur 11.5 – 1 Remote Code Execution and 17 Arbitrary Code Execution vulnerabilities fixed.  Security Update…

  • Cisco patches Firepower Device Manager On-Box Software RCE vulnerability

    Cisco patched a Remote Code Execution vulnerability in the Cisco Firepower Device Manager On-Box Software. The vulnerability only affects Cisco FDM On-Box Software.  The Vulnerability CVE-2021-1518 (CVSS 3.1: 6.3 Medium)  A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software, which due to insufficient sanitization of user input on specific REST API commands could…

  • Google Chrome Patches 7 Vulnerabilities, one of which is an Exploited-in-the-Wild, Critical Arbitrary Code Execution Zero-Day

    Google has released a new Chrome update, patching 1 actively exploited arbitrary code execution zero-day vulnerability and 6 additional ones. The updated Chrome version is 91.0.4472.164 and is relevant to Windows, Mac, and Linux. 6 out of the patched vulnerabilities are classified by Google as of high severity. The actively exploited Arbitrary Code Execution Zero-Day…

  • Why you Need to Revamp your Security Strategy in a Mostly Remote World

    It’s been nearly a year now since the pandemic sent millions worldwide to work from home and compelled organizations to establish operations outside the traditional security border. As such, there is now great pressure to protect these remote workers, their devices, and their network against ever-increasing rates of cyberattacks. To make the job…

  • Our 4 Predictions Impacting Cybersecurity in 2021 & How to Stay Protected

    There is no doubt that 2020 was a year of unprecedented challenge. Both personally and professionally we had to completely shift our perception of so many domains and adjust to a whole new reality on so many levels. Specifically, on the cybersecurity-level, we needed to change strategies and tactics and redefine how we protect our…

  • Why Being Technology Agnostic Is So Critical for Maximizing Cybersecurity

    The Complex Web of Solutions: Protecting your company against cyberattacks can require using up to dozens of different systems and solutions. This is because there are so many different vectors that require protection, including servers, endpoints, the network, exposed services, cloud-based applications, emails, and many more. In fact, to ensure protection most small-to-medium-sized organizations will have anywhere from at…

  • Zerologon and How to Detect It Like A Pro

    You’ve probably already heard about the Zerologon vulnerability (aka CVE-2020-1472), but in case you haven’t, here is what it is in a nutshell and, more importantly, our insights on how to detect it. Zerologon is a critical vulnerability scored CVSS 10.0 by Microsoft, essentially allowing an adversary to exploit the Netlogon Remote Protocol (MS-NRPC) aimed at…

  • 5 Tips for Educational Institutes to Avoid the Next Cyber-Attack

    Why Protecting your Educational Institution is as Important as Ever During Covid-19 The Covid-19 pandemic has brought on a new set of challenges for the education system. With virtual learning becoming the new normal, it’s important to address the major cyber threat that has descended on educational institutions. Recently schools are becoming especially vulnerable to…

  • SIEM Optimization tips to Improve Your Cybersecurity Readiness

    Security Information and Event Management (SIEM) technology has firmly established itself as a critical component to any robust cyber-security operation. SIEM tools aggregate data from multiple log sources and analyze it based on rules dictated by cybersecurity professionals. Properly optimized, these tools allow teams to make important decisions quickly. Improperly optimized, they can do more…

  • QRoC SIEM integration DUO script

    QRoC SIEM integration scripts CyberHat publishes codes on open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow the…

  • QRoC SIEM integration MongoDB-Atlas script

    QRoC SIEM integration scripts We published codes on the open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to take information from multiple security tools and create rules that allow…

  • The Role of Artificial intelligence (AI) in security operations center (SOC)

    In the world of digital warfare, Artificial Intelligence is transforming the Security Operation Centers (SOC) to better respond to cybersecurity threats and attacks. Leveraging AI-Based security tools, such as CYREBRO’s SOC Platform, can provide integration features whereby you will be better able to detect and respond to cybercrimes without an in-house SOC team in place. …

  • QRoC SIEM integration Mimecast script

    QRoC SIEM integration scripts We published codes on the open-source platform Github to improve global security Within the cybersecurity community, IBM’s QRoC software is something of a catch-all when it comes to managing security information. QRoC (like other SIEM technologies) provides the ability to extract information and optimize from multiple security tools and create rules…

  • The Functionality of a SOC in a Red Team vs. Blue Team Exercise

    Cybersecurity is a critical component of every business around the world, regardless of size or industry, with the SOC being a key component during the detection and incident response phase. Red Team vs. Blue Team Cybersecurity in a Nutshell The Blue Team stands at the core of Cybersecurity. The foundational elements established in the Blue…

  • 5 Commonly Overlooked Signs of a Hack

    There are security system rules configurations that can indicate these threats, so if you see any one of these, there is a good chance that your system has been compromised somewhere along the way. Someone else is reading your emails! (The Windows Outlook Hack) If you use Microsoft Outlook for your emails, your emails can…
