Resources

Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.

Threat Intelligence

Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack

May 22, 2022 Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack On May 17th, the cash register vendor AutoSoft has been targeted by the infamous ‘LockBit 2.0’ ransomware. According to a private statement sent to their customers by AutoSoft, 200 computers have been compromised, and attempts are being made to contact…

Read More
Threat Intelligence

Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation

May 18, 2022 Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation According to an advisory by WordFence, a critical privilege escalation vulnerability affecting ‘Jupiter’ theme and ‘JupiterX Core’ plugin for WordPress was detected and patched. The Vulnerability CVE-2022-1654 (CVSS 3.1: 9.9, Critical) – Authenticated Privilege Escalation and Post deletion. The vulnerability enables any authenticated attacker,…

Read More
Threat Intelligence

VMWare Patches Critical Authentication Bypass Vulnerability

May 19, 2022 VMWare Patches Critical Authentication Bypass Vulnerability VMWare has patched a critical vulnerability, which may allow attackers to obtain administrative access without the need to authenticate. The Vulnerability CVE-2022-22972, (CVSS 3.1: 9.8, Critical) – A malicious actor with network access to the UI may be able to obtain administrative access without authentication. Affected Products VMware…

Read More
Threat Intelligence

NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers

May 18, 2022 NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers NVIDIA has released a security update that addresses 4 high-severity and 6 medium-severity vulnerabilities in its GPU drivers.  The vulnerabilities can lead denial of service, information exposure, privilege elevation, arbitrary code execution (ACE), etc. The ACE Vulnerabilities CVE-2022-28181, High…

Read More
Threat Intelligence

Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days

May 17, 2022 Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices. Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6,  including several arbitrary code…

Read More
Threat Intelligence

Zyxel Patches a Critical Firewall Vulnerability

May 15, 2022 Zyxel Patches a Critical Firewall Vulnerability Zyxel has released a security advisory addressing a critical unauthenticated remote command Injection vulnerability affecting several firewall models. The Vulnerability CVE-2022-30525 (CVSS:9.8 – critical) – An unauthenticated remote command injection via the HTTP interface vulnerability, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). Successful Exploitation could…

Read More

Case Studies

Hedge Fund Case Study

The company is one of the top US hedge funds in the alternative investment space and invests in various public equity markets including financial, telecom, healthcare, and industrial companies, on a global scale

View File

Guides & E-books

How to Build a SOC: A Complete Guide

Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.

Read More
Guides & E-books

2022 Attack Vector Landscape Analysis

This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.

Read More
Guides & E-books

The 6 Critical Capabilities of a Complete SOC Solution

A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.

Read More
Guides & E-books

7 Steps to Effective Incident Response

This guide is meant to help you take the first steps to creating an effective incident response plan. Every organization is different, so use this guide as a framework to create an incident response plan (IRP) that is uniquely tailored to your organization.

Read More
Guide

Predictions for 2022

Cybersecurity should be considered a right, not a privilege. As such, investment into solutions that can transform chaos into clarity, as well as improving employee awareness, will be critical when facing threats into 2022 and beyond

Read More
Guides & E-books

The Real State of DevSecOps and Where It’s Going

Get the ultimate 2021 DevSecOps guide to bolster the capabilities of your DevSecOps team. Find out about the challenges facing the field, what to watch out for, how to boost protection, and key takeaways regarding consolidation, compartmentalization, and accountability.

Read More

Podcast & Webinars

Dark Reading Panel: Next Gen SOC with CYREBRO CEO Nadav Arbel

Learn about the new tools and practices that are being added to today’s SOCs such as threat hunting capabilities, tools such as XDR and orchestration, and more.

Read More
Podcast & Webinars

CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security

How do CISOs digest the latest cybersecurity trends of 2022? What struggles do companies deal with surrounding cloud migrations and how can they overcome them?

Read More
Podcast & Webinars

Maximize Your Existing Systems to Harden Your Security Posture

To combat the ever-growing threat of cyber-attacks from actors who are becoming more and more sophisticated, organizations are investing in DevSecOps to embed security deep into the development process. This also means that it’s also critical to stay on top of the quickly evolving DevSecOps tools and tactics.

Read More

Threat Intelligence

Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack

May 22, 2022 Cash Register Vendors Targeted, AutoSoft Compromised by Ransomware in a Supply-Chain Attack On May 17th, the cash register vendor AutoSoft has been targeted by the infamous ‘LockBit 2.0’ ransomware. According to a private statement sent to their customers by AutoSoft, 200 computers have been compromised, and attempts are being made to contact…

Read More
Threat Intelligence

Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation

May 18, 2022 Critical WordPress ‘Jupiter’ Theme & Plugin Privilege Escalation According to an advisory by WordFence, a critical privilege escalation vulnerability affecting ‘Jupiter’ theme and ‘JupiterX Core’ plugin for WordPress was detected and patched. The Vulnerability CVE-2022-1654 (CVSS 3.1: 9.9, Critical) – Authenticated Privilege Escalation and Post deletion. The vulnerability enables any authenticated attacker,…

Read More
Threat Intelligence

VMWare Patches Critical Authentication Bypass Vulnerability

May 19, 2022 VMWare Patches Critical Authentication Bypass Vulnerability VMWare has patched a critical vulnerability, which may allow attackers to obtain administrative access without the need to authenticate. The Vulnerability CVE-2022-22972, (CVSS 3.1: 9.8, Critical) – A malicious actor with network access to the UI may be able to obtain administrative access without authentication. Affected Products VMware…

Read More
Threat Intelligence

NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers

May 18, 2022 NVIDIA fixes 10 vulnerabilities, 2 Leading to ACE in Windows GPU display drivers NVIDIA has released a security update that addresses 4 high-severity and 6 medium-severity vulnerabilities in its GPU drivers.  The vulnerabilities can lead denial of service, information exposure, privilege elevation, arbitrary code execution (ACE), etc. The ACE Vulnerabilities CVE-2022-28181, High…

Read More
Threat Intelligence

Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days

May 17, 2022 Apple Patches 50 Vulnerabilities in Apple macOS Big Sur 11.6.6, Including 2 Zero-Days Apple has released security updates to address 2 zero-day vulnerabilities actively exploited in the wiled in attacks targeting Macs and Apple Watch devices. Overall, Apple has patched 50 vulnerabilities in Apple macOS Big Sur 11.6.6,  including several arbitrary code…

Read More
Threat Intelligence

Zyxel Patches a Critical Firewall Vulnerability

May 15, 2022 Zyxel Patches a Critical Firewall Vulnerability Zyxel has released a security advisory addressing a critical unauthenticated remote command Injection vulnerability affecting several firewall models. The Vulnerability CVE-2022-30525 (CVSS:9.8 – critical) – An unauthenticated remote command injection via the HTTP interface vulnerability, affecting Zyxel firewalls supporting Zero Touch Provisioning (ZTP). Successful Exploitation could…

Read More

Cybersecurity Solution Comparison Guide for SMBs

With nearly half of all cyberattacks targeting small businesses, choosing the right cybersecurity solution has never been more important. Use this guide to compare enterprise-grade cybersecurity solutions that are for an SMB.

Get Access Get Access

Resources

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Case Studies

Guides & E-books

Guides & E-books

Guides & E-books

Guides & E-books

Guide

Guides & E-books

Podcast & Webinars

Podcast & Webinars

Podcast & Webinars

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Threat Intelligence

Cybersecurity Solution Comparison Guide for SMBs