Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
Jenkins patches 9 high-severity Vulnerabilities in 22 Plugins
January 25, 2023 Jenkins patches 9 high-severity Vulnerabilities in 22 Plugins The Jenkins security team has reported 38 vulnerabilities (29 of them rated high-severity) affecting 22 Jenkins plugins. Successful exploitation of the vulnerabilities may lead to Sandbox bypass, gain administrator access to Jenkins and more. The Vulnerabilities & Affected Plugins A full list of the vulnerabilities…
-
Threat Intelligence
Critical WordPress ”LearnPress” Plugin Vulnerabilities
January 25, 2023 Critical WordPress ”LearnPress” Plugin Vulnerabilities Multiple critical-severity WordPress vulnerabilities, including pre-auth SQL injection and local file inclusion, were discovered by security researchers in the “LearnPress” plugin for WordPress online courses. The Critical Vulnerabilities CVE-2022-45808 (CVSS 3.1: 9.9, Critical) – An SQL Injection vulnerability, might allow a malicious actor to directly interact with…
-
Threat Intelligence
Google Patches Chrome Vulnerabilities, 2 Critical RCEs
January 25, 2023 Google Patches Chrome Vulnerabilities, 2 Critical RCEs Google has released Chrome version 109.0.5414.119/120 for Mac and Linux and Windows, patching 2 RCE vulnerabilities. Successful exploitation might lead to remote code execution (RCE). The RCE Vulnerabilities CVE-2023-0471, High-Severity – Use after free vulnerability in WebTransport. CVE-2023-0472, High-Severity – Use after free vulnerability in…
-
Threat Intelligence
VMWare Patches 2 Critical VMware vRealize Vulnerabilities
January 25, 2023 VMWare Patches 2 Critical VMware vRealize Vulnerabilities VMWare has patched two critical vulnerabilities in vRealize Log Insight that might allow a malicious actor to inject files into the operating systems of vulnerable appliances in order to gain remote code execution. In addition to these critical vulnerabilities, VMware patched additional vulnerabilities that might…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
December 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
November 27, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…
-
Case Studies
Ransomware Attack Prevented: CYREBRO Incident Response Case Study
A global manufacturing company was established well over a century ago, with over 5,000 employees today and an annual revenue of over 1 billion USD
-
Case Studies
Hedge Fund Case Study
The company is one of the top US hedge funds in the alternative investment space and invests in various public equity markets including financial, telecom, healthcare, and industrial companies, on a global scale
-
Guides & E-books
2022 Fraud and Email Compromise Analysis Report
This report details analysis that CYREBRO performed to understand the leading causes of a fraud attack, and what your organization can do to protect itself from fraud and email compromise.
-
Guides & E-books
Incident Response Analysis Report
After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.
-
Guides & E-books
How to Build a SOC: A Complete Guide
Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.
-
Guides & E-books
2022 Attack Vector Landscape Analysis
This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.
-
Guides & E-books
The 6 Critical Capabilities of a Complete SOC Solution
A SOC solution is an ideal way for businesses to maintain proper protection and response against cyberattacks, especially before they occur.
-
Guides & E-books
7 Steps to Effective Incident Response
This guide is meant to help you take the first steps to creating an effective incident response plan. Every organization is different, so use this guide as a framework to create an incident response plan (IRP) that is uniquely tailored to your organization.
-
Podcast & Webinars
Dark Reading Panel: Next Gen SOC with CYREBRO CEO Nadav Arbel
Learn about the new tools and practices that are being added to today’s SOCs such as threat hunting capabilities, tools such as XDR and orchestration, and more.
-
Podcast & Webinars
CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security
How do CISOs digest the latest cybersecurity trends of 2022? What struggles do companies deal with surrounding cloud migrations and how can they overcome them?
-
Podcast & Webinars
Maximize Your Existing Systems to Harden Your Security Posture
To combat the ever-growing threat of cyber-attacks from actors who are becoming more and more sophisticated, organizations are investing in DevSecOps to embed security deep into the development process. This also means that it’s also critical to stay on top of the quickly evolving DevSecOps tools and tactics.
-
Threat Intelligence
Jenkins patches 9 high-severity Vulnerabilities in 22 Plugins
January 25, 2023 Jenkins patches 9 high-severity Vulnerabilities in 22 Plugins The Jenkins security team has reported 38 vulnerabilities (29 of them rated high-severity) affecting 22 Jenkins plugins. Successful exploitation of the vulnerabilities may lead to Sandbox bypass, gain administrator access to Jenkins and more. The Vulnerabilities & Affected Plugins A full list of the vulnerabilities…
-
Threat Intelligence
Critical WordPress ”LearnPress” Plugin Vulnerabilities
January 25, 2023 Critical WordPress ”LearnPress” Plugin Vulnerabilities Multiple critical-severity WordPress vulnerabilities, including pre-auth SQL injection and local file inclusion, were discovered by security researchers in the “LearnPress” plugin for WordPress online courses. The Critical Vulnerabilities CVE-2022-45808 (CVSS 3.1: 9.9, Critical) – An SQL Injection vulnerability, might allow a malicious actor to directly interact with…
-
Threat Intelligence
Google Patches Chrome Vulnerabilities, 2 Critical RCEs
January 25, 2023 Google Patches Chrome Vulnerabilities, 2 Critical RCEs Google has released Chrome version 109.0.5414.119/120 for Mac and Linux and Windows, patching 2 RCE vulnerabilities. Successful exploitation might lead to remote code execution (RCE). The RCE Vulnerabilities CVE-2023-0471, High-Severity – Use after free vulnerability in WebTransport. CVE-2023-0472, High-Severity – Use after free vulnerability in…
-
Threat Intelligence
VMWare Patches 2 Critical VMware vRealize Vulnerabilities
January 25, 2023 VMWare Patches 2 Critical VMware vRealize Vulnerabilities VMWare has patched two critical vulnerabilities in vRealize Log Insight that might allow a malicious actor to inject files into the operating systems of vulnerable appliances in order to gain remote code execution. In addition to these critical vulnerabilities, VMware patched additional vulnerabilities that might…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
December 4, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…
-
Threat Intelligence
Google Chrome 0-Day Vulnerability Exploited in the Wild
November 27, 2022 Google Chrome 0-Day Vulnerability Exploited in the Wild Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability. The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux. Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually…