Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Guides & E-books
Prevent Cyberattacks through Effective Vulnerability Management
Cyberattacks against SMBs are increasing at an alarming pace, but your company doesn't have to become the next victim.
-
Threat Intelligence
KeePass Vulnerability Allows Obtaining Cleartext Passwords
May 22, 2023 KeePass Vulnerability Allows Obtaining Cleartext Passwords A recently discovered vulnerability in the open-source password management tool KeePass might allow the master password to be retrieved. The vulnerability has a proof-of-concept (PoC) exploit available. The Vulnerability CVE-2023-32784 – Vulnerability in “SecureTextBoxEx” in KeePass – where the master password and other passwords are entered…
-
Threat Intelligence
Trend Micro Patches Critical RCE Vulnerability in Apex One
May 22, 2023 Trend Micro Patches Critical RCE Vulnerability in Apex One Trend Micro has issued a new Critical Patch (CP) for Trend Micro Apex One and Trend Micro Apex One as a Service, which addresses a number of previously identified vulnerabilities. The Critical RCE Vulnerability CVE-2023-32557, (CVSS 3.1: 9.8, Critical) – Management Server Path…
-
Threat Intelligence
Apple Patches Three Zero-Day Vulnerabilities
May 21, 2023 Apple Patches Three Zero-Day Vulnerabilities Apple has addressed three zero-days vulnerabilities in macOS and additional products. The Zero-day Vulnerabilities CVE-2023-28204 – Sandbox Escape Vulnerability. A remote threat actor can exploit this vulnerability to break out of web content sandboxes. CVE-2023-32409, CVE-2023-32373 – Out-Of-Bounds Read Vulnerabilities. A threat actor can exploit these vulnerabilities…
-
Threat Intelligence
CISCO Patches Critical Vulnerabilities
May 18, 2023 CISCO Patches Critical Vulnerabilities Cisco has addressed four critical RCE (Remote Code Execution) vulnerabilities discovered in multiple Small Business Series Switches. Successful exploit of any of the vulnerabilities could allow a threat actor to execute arbitrary code with root privileges on compromised devices. The vulnerabilities are triggered by incorrect validation of requests…
-
Threat Intelligence
Google Patches RCE Vulnerabilities in Chrome
May 17, 2023 Google Patches RCE Vulnerabilities in Chrome Google has released Chrome version 113.0.5672.126/127 (Stable Channel), patching 12 vulnerabilities. Successful exploitation of some of these vulnerabilities could allow remote code execution (RCE) on the targeted system. The RCE Vulnerabilities CVE-2023-2721, Critical – Use after free vulnerability in Navigation which allows a remote attacker to…
-
Case Studies
Ransomware Attack Prevented: CYREBRO Incident Response Case Study
A global manufacturing company was established well over a century ago, with over 5,000 employees today and an annual revenue of over 1 billion USD
-
Case Studies
Hedge Fund Case Study
The company is one of the top US hedge funds in the alternative investment space and invests in various public equity markets including financial, telecom, healthcare, and industrial companies, on a global scale
-
Guides & E-books
Prevent Cyberattacks through Effective Vulnerability Management
Cyberattacks against SMBs are increasing at an alarming pace, but your company doesn't have to become the next victim.
-
Guides & E-books
Cyber Insurance Coverage Checklist
Previously, attaining a cyber insurance policy demanded as little as an antivirus and a computer, today it's become much more difficult.
-
Guides & E-books
2022 Fraud and Email Compromise Analysis Report
This report details analysis that CYREBRO performed to understand the leading causes of a fraud attack, and what your organization can do to protect itself from fraud and email compromise.
-
Guides & E-books
Incident Response Analysis Report
After analyzing numerous internal incident response (IR) reports, CYREBRO discovered a shocking statistic: 75% of reported security incidents were caused by inadequate investment in security solutions that caused blind spots in network visibility. Given that a single, minor blind spot can put your business at risk, ensuring that you achieve 100% visibility is critical.
-
Guides & E-books
How to Build a SOC: A Complete Guide
Building a SOC is no small feat. A company should be ready to invest extensive resources into the technology and personnel needed to get a SOC up and running, plan long-term to maintain and optimize tools and systems, and provide regular training for SOC analysts. Before you embark down this path, we recommend learning what it really takes to build and maintain a SOC.
-
Guides & E-books
2022 Attack Vector Landscape Analysis
This report details this attack vector landscape analysis and provides readers with insights that can help inform their cybersecurity strategy in 2022 and beyond.
-
Podcast & Webinars
Dark Reading Panel: Next Gen SOC with CYREBRO CEO Nadav Arbel
Learn about the new tools and practices that are being added to today’s SOCs such as threat hunting capabilities, tools such as XDR and orchestration, and more.
-
Podcast & Webinars
CISO Series Podcast Featuring CYREBRO’s CTO, Ori Arbel – What’s Next in Security
How do CISOs digest the latest cybersecurity trends of 2022? What struggles do companies deal with surrounding cloud migrations and how can they overcome them?
-
Podcast & Webinars
Maximize Your Existing Systems to Harden Your Security Posture
To combat the ever-growing threat of cyber-attacks from actors who are becoming more and more sophisticated, organizations are investing in DevSecOps to embed security deep into the development process. This also means that it’s also critical to stay on top of the quickly evolving DevSecOps tools and tactics.
-
Threat Intelligence
KeePass Vulnerability Allows Obtaining Cleartext Passwords
May 22, 2023 KeePass Vulnerability Allows Obtaining Cleartext Passwords A recently discovered vulnerability in the open-source password management tool KeePass might allow the master password to be retrieved. The vulnerability has a proof-of-concept (PoC) exploit available. The Vulnerability CVE-2023-32784 – Vulnerability in “SecureTextBoxEx” in KeePass – where the master password and other passwords are entered…
-
Threat Intelligence
Trend Micro Patches Critical RCE Vulnerability in Apex One
May 22, 2023 Trend Micro Patches Critical RCE Vulnerability in Apex One Trend Micro has issued a new Critical Patch (CP) for Trend Micro Apex One and Trend Micro Apex One as a Service, which addresses a number of previously identified vulnerabilities. The Critical RCE Vulnerability CVE-2023-32557, (CVSS 3.1: 9.8, Critical) – Management Server Path…
-
Threat Intelligence
Apple Patches Three Zero-Day Vulnerabilities
May 21, 2023 Apple Patches Three Zero-Day Vulnerabilities Apple has addressed three zero-days vulnerabilities in macOS and additional products. The Zero-day Vulnerabilities CVE-2023-28204 – Sandbox Escape Vulnerability. A remote threat actor can exploit this vulnerability to break out of web content sandboxes. CVE-2023-32409, CVE-2023-32373 – Out-Of-Bounds Read Vulnerabilities. A threat actor can exploit these vulnerabilities…
-
Threat Intelligence
CISCO Patches Critical Vulnerabilities
May 18, 2023 CISCO Patches Critical Vulnerabilities Cisco has addressed four critical RCE (Remote Code Execution) vulnerabilities discovered in multiple Small Business Series Switches. Successful exploit of any of the vulnerabilities could allow a threat actor to execute arbitrary code with root privileges on compromised devices. The vulnerabilities are triggered by incorrect validation of requests…
-
Threat Intelligence
Google Patches RCE Vulnerabilities in Chrome
May 17, 2023 Google Patches RCE Vulnerabilities in Chrome Google has released Chrome version 113.0.5672.126/127 (Stable Channel), patching 12 vulnerabilities. Successful exploitation of some of these vulnerabilities could allow remote code execution (RCE) on the targeted system. The RCE Vulnerabilities CVE-2023-2721, Critical – Use after free vulnerability in Navigation which allows a remote attacker to…
-
Threat Intelligence
Critical WordPress “Elementor” Addons Plugin Site-Takeover Vulnerability
May 14, 2023 Critical WordPress “Elementor” Addons Plugin Site-Takeover Vulnerability ‘Essential Addons for Elementor’ has released patch for a critical vulnerability. Successful exploitation can allow an unauthenticated attacker to impersonate an administrator and completely take over a website without requiring any user interaction or social engineering. The Vulnerability CVE-2023-32243 (CVSS 3.1: 9.8, Critical) – Improper Authentication vulnerability…