Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.

  • Aruba Networks fixes 6 critical vulnerabilities in ArubaOS
    Threat Intelligence

    Aruba Networks fixes 6 critical vulnerabilities in ArubaOS

    March 2, 2023 Aruba Networks fixes 6 critical vulnerabilities in ArubaOS Aruba Networks issued a security advisory regarding six critical-severity vulnerabilities affecting multiple versions of ArubaOS, its proprietary network operating system. Aruba’s critical vulnerabilities are divided into two categories: command injection vulnerabilities and stack-based buffer vulnerabilities in the PAPI protocol (Aruba Networks access point management…

    Read More
  • Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones
    Threat Intelligence

    Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones

    March 2, 2023 Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones Cisco has patched a critical security vulnerability discovered in the Web UI of several IP Phone models, which unauthenticated and remote threat actors can exploit in remote code execution (RCE) attacks. The RCE Vulnerability CVE-2023-20078 (CVSS score: 9.8) – A vulnerability…

    Read More
  • Remove AV Exclusions for Microsoft’s Exchange
    Threat Intelligence

    Remove AV Exclusions for Microsoft’s Exchange

    February 27, 2023 Remove AV Exclusions for Microsoft’s Exchange According to Microsoft’s Exchange Team, it is recommended to remove specific folders and processes exclusions from the file-level Antivirus (AV) scanner. The Issue: Keeping the exclusions may prevent detections of Internet Information Services (IIS) webshells and backdoor modules. Threat actors might exploit malicious IIS web server…

    Read More
  • HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.
    Threat Intelligence

    HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.

    February 23, 2023 HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS. HP recently discovered potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities in their PC’s BIOS. The Vulnerabilities CVE-2022-27539, CVE-2022-27541, CVE-2022-43777, CVE-2022-43778 (CVSS:3.1 score: 7.8, High) – A threat actor may carry out remote code execution (RCE), denial of service (DoS), and information disclosure operations. Affected…

    Read More
  • VMware Patches a Critical Vulnerability in Carbon Black App Control
    Threat Intelligence

    VMware Patches a Critical Vulnerability in Carbon Black App Control

    February 23, 2023 VMware Patches a Critical Vulnerability in Carbon Black App Control Vmware has patched a critical injection vulnerability in VMware Carbon Black App Control. The Vulnerability: CVE-2023-20858 (CVSS:3.1 score: 9.1, Critical) – an injection vulnerability that could allow a threat actor with privileged access to the App Control administrative console to utilize specially…

    Read More
  • Cyber Insurance Coverage Checklist
    Guides & E-books

    Cyber Insurance Coverage Checklist

    Previously, attaining a cyber insurance policy demanded as little as an antivirus and a computer, today it's become much more difficult.

    Read More
View More
  • Cyber Insurance Coverage Checklist
    Guides & E-books

    Cyber Insurance Coverage Checklist

    Previously, attaining a cyber insurance policy demanded as little as an antivirus and a computer, today it's become much more difficult.

    Read More
  • 2022 Fraud and Email Compromise Analysis Report
    Guides & E-books

    2022 Fraud and Email Compromise Analysis Report

    This report details analysis that CYREBRO performed to understand the leading causes of a fraud attack, and what your organization can do to protect itself from fraud and email compromise.

    Read More
  • Incident Response Analysis Report
    Guides & E-books

    Incident Response Analysis Report

    After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.

    Read More
  • How to Build a SOC: A Complete Guide
    Guides & E-books

    How to Build a SOC: A Complete Guide

    Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.

    Read More
  • 2022 Attack Vector Landscape Analysis
    Guides & E-books

    2022 Attack Vector Landscape Analysis

    This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.

    Read More
  • The 6 Critical Capabilities of a Complete SOC Solution
    Guides & E-books

    The 6 Critical Capabilities of a Complete SOC Solution

    A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.

    Read More
View More
  • Aruba Networks fixes 6 critical vulnerabilities in ArubaOS
    Threat Intelligence

    Aruba Networks fixes 6 critical vulnerabilities in ArubaOS

    March 2, 2023 Aruba Networks fixes 6 critical vulnerabilities in ArubaOS Aruba Networks issued a security advisory regarding six critical-severity vulnerabilities affecting multiple versions of ArubaOS, its proprietary network operating system. Aruba’s critical vulnerabilities are divided into two categories: command injection vulnerabilities and stack-based buffer vulnerabilities in the PAPI protocol (Aruba Networks access point management…

    Read More
  • Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones
    Threat Intelligence

    Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones

    March 2, 2023 Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones Cisco has patched a critical security vulnerability discovered in the Web UI of several IP Phone models, which unauthenticated and remote threat actors can exploit in remote code execution (RCE) attacks. The RCE Vulnerability CVE-2023-20078 (CVSS score: 9.8) – A vulnerability…

    Read More
  • Remove AV Exclusions for Microsoft’s Exchange
    Threat Intelligence

    Remove AV Exclusions for Microsoft’s Exchange

    February 27, 2023 Remove AV Exclusions for Microsoft’s Exchange According to Microsoft’s Exchange Team, it is recommended to remove specific folders and processes exclusions from the file-level Antivirus (AV) scanner. The Issue: Keeping the exclusions may prevent detections of Internet Information Services (IIS) webshells and backdoor modules. Threat actors might exploit malicious IIS web server…

    Read More
  • HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.
    Threat Intelligence

    HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.

    February 23, 2023 HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS. HP recently discovered potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities in their PC’s BIOS. The Vulnerabilities CVE-2022-27539, CVE-2022-27541, CVE-2022-43777, CVE-2022-43778 (CVSS:3.1 score: 7.8, High) – A threat actor may carry out remote code execution (RCE), denial of service (DoS), and information disclosure operations. Affected…

    Read More
  • VMware Patches a Critical Vulnerability in Carbon Black App Control
    Threat Intelligence

    VMware Patches a Critical Vulnerability in Carbon Black App Control

    February 23, 2023 VMware Patches a Critical Vulnerability in Carbon Black App Control Vmware has patched a critical injection vulnerability in VMware Carbon Black App Control. The Vulnerability: CVE-2023-20858 (CVSS:3.1 score: 9.1, Critical) – an injection vulnerability that could allow a threat actor with privileged access to the App Control administrative console to utilize specially…

    Read More
  • Fortinet Patches 40 Vulnerabilities Affecting a Variety of Products, 2 Critical RCE Vulnerabilities
    Threat Intelligence

    Fortinet Patches 40 Vulnerabilities Affecting a Variety of Products, 2 Critical RCE Vulnerabilities

    February 19, 2023 Fortinet Patches 40 Vulnerabilities Affecting a Variety of Products, 2 Critical RCE Vulnerabilities Fortinet patched 40 vulnerabilities in various products, 2 of which had a Critical-Severity level. Successful exploitation of the critical vulnerabilities allows unauthenticated remote attacker to perform arbitrary write (RCE) on the affected system. The Critical Vulnerabilities CVE-2022-39952 (CVSS 3.1:…

    Read More
View More

Cybersecurity Solution Comparison Guide for SMBs

With nearly half of all cyberattacks targeting small businesses, choosing the right cybersecurity solution has never been more important. Use this guide to compare enterprise-grade cybersecurity solutions that are for an SMB.

Get Access Get Access