Tagged: Cybersecurity Tools

  • Common Entry Points #4 – RDSH

    Common Entry Points #4 – RDSH

    If there is a weak point in your IT environment, it’s only a matter of time before a threat actor exploits it. So far, our series of “Common Entry Points” has scrutinized ITaaS (IT-as-a-Service), VPNs, and unpatched and obsolete OSS, all based on real incidents CYREBRO has dealt with. Now, we’ll look at another common…

  • The New Phishing Method That Bypasses MFA

    The New Phishing Method That Bypasses MFA

    Security experts, including our team at CYREBRO, tout the benefits of using multi-factor authentication (MFA) for an added layer of security. While that is still sound advice, recent research shows that a new phishing technique, which steals authentication cookies through Microsoft Edge WebView2 applications, can render MFA useless if people don’t take other precautions. Discovering…

  • Common Entry Points #3 – Unpatched & Obsolete Operating Systems

    Common Entry Points #3 – Unpatched & Obsolete Operating Systems

    Military strategy is about knowing where an opponent’s weak points are and how to take advantage of them. It is the same concept for cyberattacks. External threat actors don’t bide their time chipping away at strong defenses.  Instead, they exploit known vulnerabilities such as unpatched operating systems. A single unpatched OS can be the entry…

  • Common Entry Points #2 – VPN

    Common Entry Points #2 – VPN

    In our last Common Entry Points post, we discussed how ITaaS can be a major weak link, providing bad actors entry into an infrastructure. Another common but often overlooked entry point for attackers is a business’s virtual private network (VPN). Work from home and bring your own device (BYOD) policies have led to expanded attack…

  • Common Entry Points #1 – ITaaS (IT as a Service) Part 2 

    Common Entry Points #1 – ITaaS (IT as a Service) Part 2 

    Assessing the weak links in your company network is an important part of cybersecurity. The people that sit behind the computer keyboards make up some of the weakest links, as there are always a small minority of users that will click on just about anything embedded or attached in an email despite being warned about…

  • Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    Eternity Malware-as-a-Service: A Modular Tool Kit for Threat Actors

    An unknown threat actor is selling a new malware toolkit called Eternity Project. Cybercriminals can buy stealers, clippers, worms, miners, ransomware, and DDoS Bots for a few hundred dollars each. What’s most notable about this malware-as-a-service (MaaS) is that in addition to being available on a TOR website, the hacker behind it is brazenly promoting…

Sign Up for Updates