blog_hero_02

Blog

Cyber 101: When Ransomware Kills
Mike Talon, September 22, 2020
Read More >
Editor's note: Due to the sensitive nature of the topic of this post, Cymulate will not be placing our usual advertising information inside and at the end of the post. We stand with the hospital, emergency services workers, and the family of the victim in recognizing the gravity of this issue. Contact information for Cymulate can be found at the top and bottom of every page of our site, and so we will be presenting this post as-is. Unfortunately, the time has come to answer a question I get on.
Read More >
The NIST Cyber Security Framework
Moshe Elias, September 16, 2020
Read More >
A moment of candor - at first look I didn’t get the National Institute of Standards and Technology (NIST) Cyber Security Framework. It just looked like a list of sensible things to do. Being in the Cyber industry for more years than I care to mention, I have seen it grow from its infancy. Well, I was fortunate to play around with Checkpoint Firewall-1 when it was released as a set of floppies and ran on Solaris. Alongside the amazing development of the cyber security industry I also witnessed.
Read More >
Cyber Attacks Wrap Up - August 2020
Eyal Aharoni, September 2, 2020
Read More >
August 2020 was a hot month, with cybercrime heating up as well. Ransomware attacks became more sophisticated, more incidents of cyber espionage were reported, and there were some major data breaches. The month started with the notorious ransomware group Maze stealing 10TB of data from Canon during a ransomware attack. On August 12, cybercrooks posed as Ritz employees to obtain an unknown amount of personal data of guests in London’s The Ritz, including credit card information. Around the.
Read More >
BAS 101: What is Web Gateway Assessment?
Mike Talon, August 13, 2020
Read More >
Continuing with our series of questions from readers and users of the Cymulate BAS Platform, let's take a look at this user question: "What happens during a Web Gateway Assessment?" When looking at Web Gateways, there are often a lot of "moving parts."Most people think of firewalls when thinking of a web gateway, and the firewall and its technologies are a critical component of a web gateway overall, but there are several other components to take into account when assessing the security of.
Read More >
Cyber Attacks Wrap Up - July 2020
Eyal Aharoni, August 4, 2020
Read More >
July 2020 might have been hot, and COVID-19 is still rampant, but that did not stop or slow down cybercriminals, on the contrary. Here is a rundown of their activity.  Hancitor and Emotet were used in several campaigns. Hanticor is a notorious downloader spreading through malicious attachments to download data-stealing malware such as Pony and Vawtrak. For the first time, Hanticor used a new three-pronged delivery approach: The use of the uncommon, native Windows CallWindowProc API. Piggyback.
Read More >
BAS 101: Why Even Regulated Industries Need BAS Solutions
Mike Talon, July 30, 2020
Read More >
A reader recently asked, "I'm in a regulated industry and do penetration testing once a year for compliance. Why would I also use Breach and Attack Simulation?" Let's dive into this question, as the need for Breach and Attack Simulation (BAS) solutions like Cymulate do not diminish when you are in a regulated environment. In fact, the need for BAS becomes even stronger when you perform pen-testing once a year for regulatory compliance. Here are two reasons:   1 - You only pen-test once a year. .
Read More >
The Impact of Security Intelligence (Recon) on Cybersecurity
Avihai Ben-Yossef, July 19, 2020
Read More >
In its simplest form, cyber risk is a measurement of your cyber exposure: the probability of a breach, adjusted for the potential loss and damage associated with such a breach. The probability of a successful breach is based on the combined capabilities of your people, technology, and processes; compounded by the skill, tactics, techniques, and technology of your opponent. When defining potential loss and damage, each organization has to define, for their own business, what the potential impact.
Read More >
Security Segmentation Validation in the Banking Industry
Eyal Aharoni, June 24, 2020
Read More >
Banking firms have cybersecurity needs that blend traditional financial concerns with retail concerns. This leads to unique cybersecurity issues as IT and Security teams attempt to determine how an attacker could leverage well-known infiltration points (phishing, USB devices, etc.) with industry-specific entry areas such as ATM’s.  Lateral Movement Simulation enables thorough testing of security controls and segmentation policies that are designed to prevent network propagation of a threat.
Read More >
Integration with Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)
Moshe Elias, June 9, 2020
Read More >
With the increased uptake of automated and continuous security validation, security teams are seeking further value through integrations with security controls and other security programs. By emulating an adversary and launching simulated attacks they discover security gaps and remediate them in addition to increasing the operational efficiency of both security and IT operations.   How the Integration Works Integration with Microsoft Defender ATP is available for both Endpoint Detection and.
Read More >
Comparison of Security Testing Methods
Eli Kugel, May 27, 2020
Read More >
“No Thanks." The phone is picked up, “We have a service that does that” says the 5th CISO that day. Welcome to my life. I’m an Inside Sales Representative, at Cymulate, and I speak to dozens of InfoSec Execs a week, and the first thing I hear is that some form of testing is being done, whether it’s vulnerability scanning or pen testing, with no more services required. My challenge is to convince them that it’s worth their while to learn about a new and better approach to security testing. .
Read More >
Show

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag