Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    December 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    November 27, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities
    Threat Intelligence

    F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities

    November 20, 2022 F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities F5 has released an advisory regarding 2 High-Severity vulnerabilities affecting BIG-IP and BIG-IQ devices. successful exploitation of these vulnerabilities may lead to remote code execution (RCE) and device takeover. The Vulnerabilities CVE-2022-41622 (CVSS 3.1: 8.8, High-severity) – A cross-site request forgery (CSRF) vulnerability through iControl SOAP, may…

  • Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild
    Threat Intelligence

    Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild

    November 20, 2022 Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild Atlassian has released security patches to address two critical vulnerabilities in Bitbucket Server, Data Center, and Crowd. An attacker might be able to execute remote code (RCE) by exploiting one of the vulnerabilities. The Vulnerabilities CVE-2022-43781, Critical (CVSS 3.1: 9.0) -Environment variable-based command injection…

  • Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader
    Threat Intelligence

    Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader

    November 14, 2022 Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader Foxit PDF document viewer has been updated to address a number of use-after-free security vulnerabilities that might be exploited to execute arbitrary code. To exploit these vulnerabilities, an attacker must persuade a victim into opening a malicious file. The Vulnerabilities CVE-2022-32774, CVE-2022-38097, CVE-2022-37332, CVE-2022-40129…

  • Intel has Released Security Updates that Affect a Wide Variety of Products
    Threat Intelligence

    Intel has Released Security Updates that Affect a Wide Variety of Products

    November 9, 2022 Intel has Released Security Updates that Affect a Wide Variety of Products As part of Patch Tuesday, Intel released several firmware and software updates, patching vulnerabilities that may lead to Arbitrary Code Execution, escalation of privilege, denial of service (DoS), and information disclosure. Affected Components: Intel NUC Firmware Intel DCM Intel Glorp…

  • 2022 Fraud and Email Compromise Analysis Report
    Guides & E-books

    2022 Fraud and Email Compromise Analysis Report

    This report details analysis that CYREBRO performed to understand the leading causes of a fraud attack, and what your organization can do to protect itself from fraud and email compromise.

  • Incident Response Analysis Report
    Guides & E-books

    Incident Response Analysis Report

    After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.

  • How to Build a SOC: A Complete Guide
    Guides & E-books

    How to Build a SOC: A Complete Guide

    Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.

  • 2022 Attack Vector Landscape Analysis
    Guides & E-books

    2022 Attack Vector Landscape Analysis

    This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.

  • The 6 Critical Capabilities of a Complete SOC Solution
    Guides & E-books

    The 6 Critical Capabilities of a Complete SOC Solution

    A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.

  • 7 Steps to Effective Incident Response
    Guides & E-books

    7 Steps to Effective Incident Response

    This guide is meant to help you take the first steps to creating an effective incident response plan. Every organization is different, so use this guide as a framework to create an incident response plan (IRP) that is uniquely tailored to your organization.  

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    December 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • Google Chrome 0-Day Vulnerability Exploited in the Wild
    Threat Intelligence

    Google Chrome 0-Day Vulnerability Exploited in the Wild

    November 27, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…

  • F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities
    Threat Intelligence

    F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities

    November 20, 2022 F5 BIG-IP & BIG-IQ High-Severity RCE Vulnerabilities F5 has released an advisory regarding 2 High-Severity vulnerabilities affecting BIG-IP and BIG-IQ devices. successful exploitation of these vulnerabilities may lead to remote code execution (RCE) and device takeover. The Vulnerabilities CVE-2022-41622 (CVSS 3.1: 8.8, High-severity) – A cross-site request forgery (CSRF) vulnerability through iControl SOAP, may…

  • Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild
    Threat Intelligence

    Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild

    November 20, 2022 Atlassian Critical Bitbucket RCE Vulnerability Exists in the Wild Atlassian has released security patches to address two critical vulnerabilities in Bitbucket Server, Data Center, and Crowd. An attacker might be able to execute remote code (RCE) by exploiting one of the vulnerabilities. The Vulnerabilities CVE-2022-43781, Critical (CVSS 3.1: 9.0) -Environment variable-based command injection…

  • Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader
    Threat Intelligence

    Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader

    November 14, 2022 Foxit Patches Several Code-Execution Vulnerabilities in PDF Reader Foxit PDF document viewer has been updated to address a number of use-after-free security vulnerabilities that might be exploited to execute arbitrary code. To exploit these vulnerabilities, an attacker must persuade a victim into opening a malicious file. The Vulnerabilities CVE-2022-32774, CVE-2022-38097, CVE-2022-37332, CVE-2022-40129…

  • Intel has Released Security Updates that Affect a Wide Variety of Products
    Threat Intelligence

    Intel has Released Security Updates that Affect a Wide Variety of Products

    November 9, 2022 Intel has Released Security Updates that Affect a Wide Variety of Products As part of Patch Tuesday, Intel released several firmware and software updates, patching vulnerabilities that may lead to Arbitrary Code Execution, escalation of privilege, denial of service (DoS), and information disclosure. Affected Components: Intel NUC Firmware Intel DCM Intel Glorp…