CYREBRO Blog

Why the Financial Sector Is Especially Vulnerable to the Insider Sabotage Threat 

In the 2008 crime comedy movie Mad Money, three women with menial jobs at the Federal Reserve Bank of Kansas City plot to steal money from the branch. Each works in a different department, but by leveraging their work responsibilities and unique access to areas of the building, they’re able to pull off their theft…

  • Maintaining Operations, Connectivity, and Security in the Manufacturing Sector

    Build it and they will come. Not only is it the famous line from a movie, but it also rings true for cybercriminals. In this case, it isn’t what is being built, but the manufacturing process itself that attracts nefarious characters. A 2022 study conducted by IBM showed that no industry is targeted by cyber…

  • Guarding Against MFA Fatigue with 24×7 Monitoring

    Leveraging fatigue as a means of persuasion is a potent technique. Even young children pick up on this, persistently requesting treats until a weary parent finally gives in, seeking a brief respite. But children aren’t the only ones employing this tactic. How often have we made a purchase simply to deter a persistent salesperson? MFA…

  • Pre and Post Breach Insights From the MOVEit Incident – Strengthening Cyber Posture

    In 1972, Edward Norton Lorenz, a mathematician and meteorologist, introduced the world to the Butterfly Effect, giving birth to the science of chaos theory. The “Butterfly Effect” rests on the notion that the world is so interconnected today, that a one-time small occurrence can have a major impact on a larger more complex system. He…

  • Living-off-the-Land: How Attackers Blend into Traffic

    “Living off the land” is a strategy employed to discreetly achieve a dubious aim. Think about a couple of wedding crashers. Dressed impeccably, they blend in seamlessly with legitimate guests, indulging in the spread and avoiding direct contact with the newlyweds who might identify them as illegitimate guests. Similarly, a hiker in the wilderness becomes…

  • Tackling Ransomware’s Grip on Education

    Educational institutions are facing a crisis. Over a short period of time, K-12 schools and universities became heavily reliant on technology. From online classes to managing student records, digitization is being embraced to enhance learning experiences and increase administrative efficiency. However, digital transformation comes at a cost – exposing these organizations to cyber threats. From an…

  • Cobalt Strike – From Tool to Trap – When Malice Wields the Weapon

    It is a classic movie theme: a weapon of great power or mass destruction falls into the wrong hands. Many a James Bond film has used that script and it has proved to be a winning one. Unfortunately, it has also become a common script when it comes to cybersecurity in which hackers and financially…

  • SIEM Optimization Through MITRE ATT&CK: Staying Ahead of Threats with CYREBRO 

    The MITRE ATT&CK framework is a crucial tool in the cybersecurity landscape that enables organizations to improve their security posture. It is a knowledge base of adversary tactics, techniques, and procedures (TTPs) and a common language for discussing and understanding cyber threats. Security teams rely on the framework to identify potential weaknesses in their systems…

  • RansomWar in Costa Rica – Conti Ransomware Gang Attacks

    Conti, one of today’s most prolific and profitable ransomware groups, launched an initial cyberattack against Costa Rica in mid-April. In recent weeks, the Russian-speaking Conti gang, or possibly an associated group called Hive, have stepped up the attacks and expanded the assault. After Costa Rica refused to pay the initial $10 million ransom or the…

  • Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    An unknown threat actor is selling a new malware toolkit called Eternity Project. Cybercriminals can buy stealers, clippers, worms, miners, ransomware, and DDoS Bots for a few hundred dollars each. What’s most notable about this malware-as-a-service (MaaS) is that in addition to being available on a TOR website, the hacker behind it is brazenly promoting…

  • REvil TOR sites back in action with new ransomware (RaaS) operations 

    Has REvil re-emerged? That’s the question on everyone’s mind and the topic that’s got the cyber community talking. After months of silence, REvil, the infamous presumed Russian-based ransomware gang, seems to be back online as of last week, with a new leak site promoted on RuTOR. The hacker group’s old site, Happy Blog, has returned,…

  • Lapsus$ Breaches Okta to Reach Customers’ Sensitive Data

    Traced back to January of this year, Okta, a publicly traded identity and access management company, announced yesterday that it has been impacted by a cyber-attack claimed by the data extortion group Lapsus$. Okta and Lapsus$ disagree regarding the success of the breach, while companies like Cloudflare…

  • Threat Actors Using Omicron COVID-19 Phishing Lures

    Over the last few weeks, threat actors have been launching phishing scams which leverage people’s fears and anxieties over the Omicron COVID-19 variant. The scams either inject the Dridex banking malware into a victim’s computer or other malware that collects passwords, credentials, and personal or financial data. Informing all employees about the threat is the…

  • Log4Shell hits big players with critical 0-day exploit

    [Last updated Dec. 19, 2021] A recently discovered Log4j vulnerability (Log4Shell, CVE-2021-44228) in the Apache utility that allows unauthenticated remote code execution (RCE) and server takeover is said to be exploited in the wild. Due to how widely used the Apache tool is, affecting companies such as Amazon, Apple, Cisco, Steam, Tesla, Twitter, and many…

  • The Role of a SOC During a Cyber Kill Chain

    The cybersecurity kill chain, initially defined by Lockheed Martin, continues to be a general standard inside Information Security to describe how a malicious actor, internal or external, performs an attack. The cyber kill chain 7 stages are defined as: Reconnaissance – Identify vulnerabilities, improperly configured services, and obtain credentials through active or passive methods. Weaponization…

  • The Role of Artificial intelligence (AI) in security operations center (SOC)

    In the world of digital warfare, Artificial Intelligence is transforming the Security Operation Centers (SOC) to better respond to cybersecurity threats and attacks. Leveraging AI-Based security tools, such as CYREBRO’s SOC Platform, can provide integration features whereby you will be better able to detect and respond to cybercrimes without an in-house SOC team in place. …

  • The Functionality of a SOC in a Red Team vs. Blue Team Exercise

    Cybersecurity is a critical component of every business around the world, regardless of size or industry, with the SOC being a key component during the detection and incident response phase. Red Team vs. Blue Team Cybersecurity in a Nutshell: The Blue Team stands at the core of Cybersecurity. The foundational elements established in the Blue…

  • How Can a Cloud-Based SOC Help You Detect Internal Threats?

    Businesses worldwide are continuously at risk from external threats which are looking for a way in, be it by phishing or vulnerabilities. Once they enter your infrastructure or software, they can then use it to pivot and move into sensitive data, stealing it, or destroying it to obtain a profit. Internal threats have increased rapidly…

  • Securing Healthcare in a Digital Age

    Today, digitization has become the norm across industries. Businesses of all sizes are adopting new technologies and processes to stay competitive, operate more efficiently, and deliver the best possible services and experiences to customers. While the shift to a digital-first approach has come with a wealth of benefits, the neck-breaking speed of digitization has made…

  • How to Prepare for a Successful Cybersecurity Audit

    The Dodd-Frank Wall Street Reform and Consumer Protection Act enacted in 2010 required the U.S. Federal Reserve to conduct annual stress tests for banks with a minimum amount of assets. C-suite leadership of these banks take these stress audits very seriously and devote ample resources and efforts to prepare for these reviews. This includes their…

  • Security-Focused Patching Best Practices

    As cyber threats become more sophisticated and prevalent, organizations of all sizes face an ever-increasing risk of becoming victims. That isn’t hyperbole. Check Point Research found that cyberattacks increased by 38% in 2022, compared to 2021, and weekly attacks increased by 7% in the first quarter of 2023 compared to the same quarter in 2022. While businesses must…

  • Navigating Cybersecurity Compliance Challenges

    Over the past few decades, the business world shifted from filing cabinets overflowing with paperwork to a cloud-first approach where pen and paper are obsolete. Today we live in an almost limitless digital world that has afforded well-intentioned businesses with uncountable advantages. However, as our reliance on technology has grown, so too has the threat…

  • Are Backdoors Sitting in Your Environment? 

    Have you ever hidden a house key under a doormat or flowerpot on your porch for a trusted friend to use on occasion? Have you ever made a copy to give to one of your neighbors to use in emergency situations when you are out of town? Ever tape a key to your car underneath…

  • Building A Cybersecurity Compliance Program

    As if IT managers and CIOs didn’t have enough on their plates already, many are finding themselves with another heaping scoop of responsibility to manage: compliance. Various regulatory bodies set compliance requirements, which differ from country to country or even state to state in the US. For a company to be compliant, it must meet…

  • Dark Reading panel – The Next Generation SOC with CYREBRO CEO Nadav Arbel

    SOCs are taking center stage as the defenders of the network, but many organizations don’t fully understand how to leverage a SOC, leaving them in the dark about the real value they provide. On March 24, CYREBRO’s CEO and founder Nadav Arbel sat together with Ryan Alban, Sr. Manager of Global Solution Leads at…

  • CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security?

    In this episode of CISO Series, CYREBRO’s CTO, Ori Arbel, discusses the latest cybersecurity trends with the show hosts, cybersecurity journalist David Spark and veteran CISO Andy Ellis. From the start of COVID and the cloud migration rush that followed, to practical tips to help improve incident response planning, the group discusses how to…

  • Women: A Powerful Part of Any Cybersecurity Company

    On March 8th, our company will proudly celebrate International Women’s Day. While this year’s theme, Break the Bias, applies to women in every professional field and country, we find it particularly relevant to the cybersecurity industry. Gender bias has gone on for too long. Many women haven’t been given the recognition and opportunities they deserve. …

  • Top Value Added Distributor, Infinigate, Strengthens Cyber Solutions with Selection of CYREBRO’s SOC Platform

    Europe’s top value-added distributor has selected CYREBRO’s interactive cloud-based platform to provide an easy to implement, cost-effective solution to MS(S)Ps across Europe. MUNICH, GERMANY and TEL AVIV, ISRAEL — AUGUST 10, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that Infinigate, Europe’s largest purveyor of cybersecurity solutions, will be using…

  • Nadav Arbel of CYREBRO Named Finalist for Top 10 Cybersecurity Expert for 2021 by Cyber Defense Magazine

    TEL AVIV, ISRAEL — AUGUST 2, 2021 – CYREBRO, the only interactive SOC platform solution for SMBs, today announced that CEO and co-founder Nadav Arbel has been named a Finalist in the Top 10 Cybersecurity Experts for 2021 category at the Black Unicorn Awards for 2021 which take place annually at the Black Hat USA…

  • We Are CYREBRO and This Is How We Are Revolutionizing Cybersecurity Operations

    When we first established our company, our goal was clear. We were on a mission to provide strategic support to Fortune 500 companies by helping them optimize their cybersecurity posture. Our way to do this was to leverage our team’s real-world experiences and deep domain expertise in cyber-forensics investigations, IR, and ethical hacking to provide…
