Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack
May 22, 2022 Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack On May 17th, the cash register vendor AutoSoft has been targeted by the infamous ‘LockBit 2.0’ ransomware. According to a private statement sent to their customers by AutoSoft, 200 computers have been compromised, and attempts are being made to contact…
-
Threat Intelligence
Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation
May 18, 2022 Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation According to an advisory by WordFence, a critical privilege escalation vulnerability affecting ‘Jupiter’ theme and ‘JupiterX Core’ plugin for WordPress was detected and patched. The Vulnerability CVE-2022-1654 (CVSS 3.1: 9.9, Critical) – Authenticated Privilege Escalation and Post deletion. The vulnerability enables any authenticated attacker,…
-
Threat Intelligence
VMWare Patches Critical Authentication Bypass Vulnerability
May 19, 2022 VMWare Patches Critical Authentication Bypass Vulnerability VMWare has patched a critical vulnerability, which may allow attackers to obtain administrative access without the need to authenticate. The Vulnerability CVE-2022-22972, (CVSS 3.1: 9.8, Critical) – A malicious actor with network access to the UI may be able to obtain administrative access without authentication. Affected Products VMware…
-
Threat Intelligence
NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers
May 18, 2022 NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers NVIDIA has released a security update that addresses 4 high-severity and 6 medium-severity vulnerabilities in its GPU drivers. The vulnerabilities can lead denial of service, information exposure, privilege elevation, arbitrary code execution (ACE), etc. The ACE Vulnerabilities CVE-2022-28181, High…
-
Threat Intelligence
Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days
May 17, 2022 Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices. Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6, including several arbitrary code…
-
Threat Intelligence
Zyxel Patches a Critical Firewall Vulnerability
May 15, 2022 Zyxel Patches a Critical Firewall Vulnerability Zyxel has released a security advisory addressing a critical unauthenticated remote command Injection vulnerability affecting several firewall models. The Vulnerability CVE-2022-30525 (CVSS:9.8 – critical) – An unauthenticated remote command injection via the HTTP interface vulnerability, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). Successful Exploitation could…
-
Case Studies
Hedge Fund Case Study
The company is one of the top US hedge funds in the alternative investment space and invests in various public equity markets including financial, telecom, healthcare, and industrial companies, on a global scale
-
Guides & E-books
How to Build a SOC: A Complete Guide
Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.
-
Guides & E-books
2022 Attack Vector Landscape Analysis
This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.
-
Guides & E-books
The 6 Critical Capabilities of a Complete SOC Solution
A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.
-
Guides & E-books
7 Steps to Effective Incident Response
This guide is meant to help you take the first steps to creating an effective incident response plan. Every organization is different, so use this guide as a framework to create an incident response plan (IRP) that is uniquely tailored to your organization.
-
Guide
Predictions for 2022
Cybersecurity should be considered a right, not a privilege. As such, investment into solutions that can transform chaos into clarity, as well as improving employee awareness, will be critical when facing threats into 2022 and beyond
-
Guides & E-books
The Real State of DevSecOps and Where It’s Going
Get the ultimate 2021 DevSecOps guide to bolster the capabilities of your DevSecOps team. Find out about the challenges facing the field, what to watch out for, how to boost protection, and key takeaways regarding consolidation, compartmentalization, and accountability.
-
Podcast & Webinars
Dark Reading Panel: Next Gen SOC with CYREBRO CEO Nadav Arbel
Learn about the new tools and practices that are being added to today’s SOCs such as threat hunting capabilities, tools such as XDR and orchestration, and more.
-
Podcast & Webinars
CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security
How do CISOs digest the latest cybersecurity trends of 2022? What struggles do companies deal with surrounding cloud migrations and how can they overcome them?
-
Podcast & Webinars
Maximize Your Existing Systems to Harden Your Security Posture
To combat the ever-growing threat of cyber-attacks from actors who are becoming more and more sophisticated, organizations are investing in DevSecOps to embed security deep into the development process. This also means that it’s also critical to stay on top of the quickly evolving DevSecOps tools and tactics.
-
Threat Intelligence
Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack
May 22, 2022 Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack On May 17th, the cash register vendor AutoSoft has been targeted by the infamous ‘LockBit 2.0’ ransomware. According to a private statement sent to their customers by AutoSoft, 200 computers have been compromised, and attempts are being made to contact…
-
Threat Intelligence
Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation
May 18, 2022 Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation According to an advisory by WordFence, a critical privilege escalation vulnerability affecting ‘Jupiter’ theme and ‘JupiterX Core’ plugin for WordPress was detected and patched. The Vulnerability CVE-2022-1654 (CVSS 3.1: 9.9, Critical) – Authenticated Privilege Escalation and Post deletion. The vulnerability enables any authenticated attacker,…
-
Threat Intelligence
VMWare Patches Critical Authentication Bypass Vulnerability
May 19, 2022 VMWare Patches Critical Authentication Bypass Vulnerability VMWare has patched a critical vulnerability, which may allow attackers to obtain administrative access without the need to authenticate. The Vulnerability CVE-2022-22972, (CVSS 3.1: 9.8, Critical) – A malicious actor with network access to the UI may be able to obtain administrative access without authentication. Affected Products VMware…
-
Threat Intelligence
NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers
May 18, 2022 NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers NVIDIA has released a security update that addresses 4 high-severity and 6 medium-severity vulnerabilities in its GPU drivers. The vulnerabilities can lead denial of service, information exposure, privilege elevation, arbitrary code execution (ACE), etc. The ACE Vulnerabilities CVE-2022-28181, High…
-
Threat Intelligence
Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days
May 17, 2022 Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices. Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6, including several arbitrary code…
-
Threat Intelligence
Zyxel Patches a Critical Firewall Vulnerability
May 15, 2022 Zyxel Patches a Critical Firewall Vulnerability Zyxel has released a security advisory addressing a critical unauthenticated remote command Injection vulnerability affecting several firewall models. The Vulnerability CVE-2022-30525 (CVSS:9.8 – critical) – An unauthenticated remote command injection via the HTTP interface vulnerability, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). Successful Exploitation could…