Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Microsoft Patches 3 Zero-Days, HP Patches 16 UEFI Vulnerabilities & Critical Vulnerabilities patched in APC Smart UPS
March 10, 2022. Microsoft Patches 3 Zero-Days & 3 Critical RCE Vulnerabilities. As part of the monthly security rollup updates, Microsoft has patched 3 zero-days, one of which is being actively exploited in the wild, and 3 critical-rated Microsoft security vulnerabilities. In total, Microsoft has patched 71 vulnerabilities, not including 21 Microsoft Edge vulnerabilities. The Vulnerabilities: The Zero-Day…
-
Threat Intelligence
Google Patches Exploited in the Wild Chrome Zero-Day
February 16, 2022. Google has released an emergency update addressing a zero-day vulnerability in Chrome that is being exploited in the wild. No further details were released regarding the vulnerability except that it is a ‘use after free’ bug in the animation component, a type of vulnerability that typically leads to remote code execution on affected systems. The…
-
Guides & E-books
How to Build a SOC: A Complete Guide
Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.
-
Guides & E-books
2022 Attack Vector Landscape Analysis
This report presents an analysis of the attack vector landscape and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.
-
Threat Intelligence
‘OAuth’ Phishing Campaign Targeting ‘Microsoft 365’ Users & Adobe Patches 2 Zero-Days and 8 ACEs
January 27, 2022. Note: this CTI contains 2 alerts: Microsoft Advisory & Apple Updates. Phishing Campaign Targeting ‘Microsoft 365’ Users Abuses ‘OAuth Request’ Links: Microsoft has recently detected a ‘Consent Phishing’ campaign targeting ‘Microsoft 365’ users in which threat actors abuse ‘OAuth’ request links to allow a malicious app called ‘Upgrade’ to access victims’ email, contacts and…
-
Threat Intelligence
SolarWinds Patches Serv-U Vulnerability Actively Exploited for Log4J Attacks
January 20, 2022. SolarWinds released an update addressing an improper input validation vulnerability in Serv-U. The vulnerability has been actively exploited by threat actors to spread Log4J attacks to internal network devices. The Vulnerability: CVE-2021-35247 (CVSS 3.1: 4.3) – Improper Input Validation: The Serv-U web login screen to LDAP authentication was allowing characters that were not…
-
Threat Intelligence
Google Patches Critical Vulnerabilities in Chrome
Google has released an emergency update to fix 3 vulnerabilities in Chrome, 2 of which are being exploited in the wild.
-
Threat Intelligence
Cisco Patches Critical IOS XE Software RCE, Apple Patches Zero-Day RCE in Catalina, Google Patches Zero-Day RCE in Chrome
Cisco IOS XE Software, Google Chrome and Apple macOS Catalina vulnerabilities
-
Threat Intelligence
Apple Patches 4 RCE Vulnerabilities in Safari, VMware Patches Critical vCenter Server RCE, NETGEAR Patches Critical RCE in 11 Routers
September 22, 2021. Please note this CTI alert contains 3 sections: Apple’s Safari, VMware, and NETGEAR vulnerabilities. Apple Patches 4 RCE Vulnerabilities in Safari: Apple has released a security update to address 4 Remote Code Execution vulnerabilities in Safari. The patches are available for macOS Big Sur and macOS Catalina. The Vulnerabilities: CVE-2021-30846, CVE-2021-30848, CVE-2021-30849…
-
Threat Intelligence
Voicenter Data Breach
On September 19th, Voicenter fell victim to a data breach and a ransomware attack.
-
Threat Intelligence
Critical Vulnerability in Microsoft Azure Cosmos DB
August 29, 2021. Microsoft has fixed a critical vulnerability affecting Azure Cosmos DB. Azure Cosmos DB is a globally distributed and fully managed NoSQL database service. The vulnerability: The vulnerability gives any Azure user full admin access (read, write, delete) to another customer’s Cosmos DB instances without authorization. The vulnerability has a trivial exploit that doesn’t…
-
Threat Intelligence
F5 Patches High Severity RCE Vulnerability in BIG-IP
August 26, 2021. As part of F5’s monthly security advisory, a high severity Remote Code Execution vulnerability affecting ALL BIG-IP modules was patched. Additionally, F5 has disclosed multiple other vulnerabilities affecting BIG-IP and BIG-IQ products. For the full list of addressed vulnerabilities and mitigations, review the full F5 Monthly Security Advisory. The Vulnerability: CVE-2021-23025 (CVSSv3: 7.2, High): An authenticated…