Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.  

  • Adobe Patches Acrobat 3 Critical ACEs
    Threat Intelligence

    Adobe Patches Acrobat 3 Critical ACEs

    August 10, 2022 Adobe Patches Acrobat 3 Critical ACEs Adobe has released a serious security update for its Acrobat and Reader products, addressing 7 reported vulnerabilities, 3 of which might lead to arbitrary code execution attacks. In addition, Adobe released updates for the following products – Adobe Commerce, Illustrator, FrameMaker, Premiere Elements. The ACE Vulnerabilities CVE-2022-35665…

  • HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products
    Threat Intelligence

    HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products

    August 10, 2022 HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products HP issued an announcement stating that vulnerabilities in the system BIOS of select HP PC models have been detected, which may lead to arbitrary code execution, privilege escalation, denial of service, and information leaking. HP is currently working on the…

  • RARLAB Patches RCE in UnRAR 
    Threat Intelligence

    RARLAB Patches RCE in UnRAR 

    August 10, 2022 RARLAB Patches RCE in UnRAR RARLAB, the company that also develops WinRAR, has patched a remote code execution vulnerability in UnRAR (the Unix/Linux version of WinRAR). When a program or a victim user extracts an untrusted archive, the attacker has the ability to create files outside of the target extraction directory and execute…

  • Microsoft Patches One 0-Days & 31 RCE Vulnerabilities
    Threat Intelligence

    Microsoft Patches One 0-Days & 31 RCE Vulnerabilities

    August 10, 2022 Microsoft Patches One 0-Days & 31 RCE Vulnerabilities As part of August’s monthly security rollup updates, Microsoft has patched one 0-Day and 31 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 121 vulnerabilities across Windows, Azure, Active Directory, Hyper-V, Exchange, and others. The Zero-Day Vulnerability CVE-2022-34713 (CVSS 3.1: 7.2, High Severity) – Path…

  • Google Patches 7 High-Severity Chrome Vulnerabilities
    Threat Intelligence

    Google Patches 7 High-Severity Chrome Vulnerabilities

    August 4, 2022 Google Patches 7 High-Severity Chrome Vulnerabilities Google has released Chrome version 104.0.5112.79 (Mac/Linux) and 104.0.5112.79/80/81 (Windows), patching 27 vulnerabilities, including 7 High-Severity ‘use-after-free’ vulnerabilities which may lead to remote code execution (RCE). The High-Severity Vulnerabilities CVE-2022-2603, High Severity – Use after free in Omnibox. CVE-2022-2604, High Severity – Use after free in…

  • Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers
    Threat Intelligence

    Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers

    August 4, 2022 Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers Cisco has patched critical security vulnerabilities that allowed unauthenticated remote attackers to execute arbitrary code or commands and cause denial of service (DoS) conditions on vulnerable devices. The vulnerabilities were discovered in the web-based management interfaces and the web filter database update feature,…

  • 2022 Fraud and Email Compromise Analysis Report
    Guides & E-books

    2022 Fraud and Email Compromise Analysis Report

    This report details analysis that CYREBRO performed to understand the leading causes of a fraud attack, and what your organization can do to protect itself from fraud and email compromise.

  • Incident Response Analysis Report
    Guides & E-books

    Incident Response Analysis Report

    After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.

  • How to Build a SOC: A Complete Guide
    Guides & E-books

    How to Build a SOC: A Complete Guide

    Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.

  • 2022 Attack Vector Landscape Analysis
    Guides & E-books

    2022 Attack Vector Landscape Analysis

    This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.

  • The 6 Critical Capabilities of a Complete SOC Solution
    Guides & E-books

    The 6 Critical Capabilities of a Complete SOC Solution

    A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.

  • 7 Steps to Effective Incident Response
    Guides & E-books

    7 Steps to Effective Incident Response

    This guide is meant to help you take the first steps to creating an effective incident response plan. Every organization is different, so use this guide as a framework to create an incident response plan (IRP) that is uniquely tailored to your organization.  

  • Adobe Patches Acrobat 3 Critical ACEs
    Threat Intelligence

    Adobe Patches Acrobat 3 Critical ACEs

    August 10, 2022 Adobe Patches Acrobat 3 Critical ACEs Adobe has released a serious security update for its Acrobat and Reader products, addressing 7 reported vulnerabilities, 3 of which might lead to arbitrary code execution attacks. In addition, Adobe released updates for the following products – Adobe Commerce, Illustrator, FrameMaker, Premiere Elements. The ACE Vulnerabilities CVE-2022-35665…

  • HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products
    Threat Intelligence

    HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products

    August 10, 2022 HP Discloses High-Severity Vulnerabilities Affecting System BIOS of certain HP PC products HP issued an announcement stating that vulnerabilities in the system BIOS of select HP PC models have been detected, which may lead to arbitrary code execution, privilege escalation, denial of service, and information leaking. HP is currently working on the…

  • RARLAB Patches RCE in UnRAR 
    Threat Intelligence

    RARLAB Patches RCE in UnRAR 

    August 10, 2022 RARLAB Patches RCE in UnRAR RARLAB, the company that also develops WinRAR, has patched a remote code execution vulnerability in UnRAR (the Unix/Linux version of WinRAR). When a program or a victim user extracts an untrusted archive, the attacker has the ability to create files outside of the target extraction directory and execute…

  • Microsoft Patches One 0-Days & 31 RCE Vulnerabilities
    Threat Intelligence

    Microsoft Patches One 0-Days & 31 RCE Vulnerabilities

    August 10, 2022 Microsoft Patches One 0-Days & 31 RCE Vulnerabilities As part of August’s monthly security rollup updates, Microsoft has patched one 0-Day and 31 Remote Code Execution vulnerabilities. Overall, Microsoft has patched 121 vulnerabilities across Windows, Azure, Active Directory, Hyper-V, Exchange, and others. The Zero-Day Vulnerability CVE-2022-34713 (CVSS 3.1: 7.2, High Severity) – Path…

  • Google Patches 7 High-Severity Chrome Vulnerabilities
    Threat Intelligence

    Google Patches 7 High-Severity Chrome Vulnerabilities

    August 4, 2022 Google Patches 7 High-Severity Chrome Vulnerabilities Google has released Chrome version 104.0.5112.79 (Mac/Linux) and 104.0.5112.79/80/81 (Windows), patching 27 vulnerabilities, including 7 High-Severity ‘use-after-free’ vulnerabilities which may lead to remote code execution (RCE). The High-Severity Vulnerabilities CVE-2022-2603, High Severity – Use after free in Omnibox. CVE-2022-2604, High Severity – Use after free in…

  • Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers
    Threat Intelligence

    Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers

    August 4, 2022 Cisco Patches 2 Critical RCE Vulnerabilities Impacting VPN routers Cisco has patched critical security vulnerabilities that allowed unauthenticated remote attackers to execute arbitrary code or commands and cause denial of service (DoS) conditions on vulnerable devices. The vulnerabilities were discovered in the web-based management interfaces and the web filter database update feature,…