blog_hero_02

Blog

What is Email Gateway Attack Simulation?
Mike Talon, May 20, 2020
Read More >
A site visitor asked “What is an email gateway attack simulation? How is that different from phishing testing?” Both good questions, let’s have a look: Email Gateway Attack Simulation 101 Email gateways are software and/or appliances that sit between inbound email and your users’ mailboxes. These systems evaluate each inbound email (and often outbound email) that is processed by your company’s email systems.  Evaluations can include looking for phishing-like language, checking any links to.
Read More >
Security Must Adapt to Continuous Change
Avihai Ben-Yossef, April 23, 2020
Read More >
To paraphrase David Ben-Gurion, the first Prime Minister of Israel: "The most dangerous enemy to ... security is the intellectual inertia of those who are responsible for security." I'm reminded of that particular statement now, as we stand on the edge of a world driven sideways by the specter of disease and economic hardship. We must also face the impact these pressures have had on the overall ability to protect and defend the cybersecurity of business and government data and information.
Read More >
What is Breach and Attack Simulation (BAS)?
Mike Talon, April 11, 2020
Read More >
Cymulate 101: What is Breach and Attack Simulation?  One of our site visitors asked a pretty popular question recently: “What, exactly, is Breach and Attack Simulation (BAS)?” Let’s dive in and have a look at this form of security control testing. So, what are "security controls?” Simply put, a security control is anything that limits the ability of a threat actor to accomplish their goal, or otherwise stop even a legitimate user from doing something they shouldn’t.    Security controls can.
Read More >
Remote Working and Cybersecurity Risk
Mike Talon, March 25, 2020
Read More >
Benefits of Working Remotely As the Novel Coronavirus (COVID-19) has entire countries declaring national emergencies and recommending social distancing; more companies than ever are unexpectedly finding that they must allow employees to work remotely in order to limit the speed of the virus spreading throughout our communities.  Remote work has a great number of benefits - especially during a crisis of this nature - but also comes with significant cybersecurity drawbacks that should be.
Read More >
Security Testing Under the Shadow of the Coronavirus
Gily Netzer, March 4, 2020
Read More >
The coronavirus outbreak has caused a global panic and taken its toll on a number of major industries. We’ll examine the impact it has left on the travel industry, supply chain and manufacturing, and on the world economy. Coronavirus Creating Worldwide Panic and Business Opportunities for Hackers Amid the recent coronavirus epidemic creating pandemonium worldwide, hackers have been exploiting the deadly outbreak to their advantage – disguising information about the virus in the form of.
Read More >
How to Test for Compliance
Eli Kugel, February 27, 2020
Read More >
Compliance, Time to Catch Up Laws are great. Wearing a seatbelt, for instance, is a great law. It ensures you don't get killed. So why was it only introduced decades after the world got on the road? That's because it takes time for the government to catch up with  evolving situations (like the dangers involved in automobile collisions); and boy is the Cybercriminal market  evolving at an alarming pace - with US cities paying as much as $600,000 for a single ransomware payout in 2019. That said,.
Read More >
Ransomware Attack Takes Control Over U.S. Pipeline Companies
Mike Talon, February 19, 2020
Read More >
Ransomware Attacks Disrupting United States Pipeline Operations The United States Cybersecurity and Infrastructure Security Agency (CISA) recently released a bulletin describing a ransomware attack on a US natural gas pipeline operator; highlighting how even well-regulated and normally well-secured industries can fall victim to cyber attack if security controls are not regularly tested and refined both individually and while working in tandem.  While a ransomware attack of this nature isn’t.
Read More >
Automated Pen Testing vs Breach and Attack Simulation
Moshe Elias, January 30, 2020
Read More >
Not All Security Automation is Born Equal With the growth in complexity of business environments and the dynamic nature of the threat landscape security teams are turning to automated security testing in order for their testing to be more frequent, thorough and simpler to perform. But automation is not a synonym for simplicity. When the autopilot was introduced in modern airplanes pilots weren’t exempt from getting trained on the functions the autopilot controlled. The same for pen testing..
Read More >
Harden Email Gateway Configurations with BAS
Dor Sarig, January 22, 2020
Read More >
If anything is certain in cybersecurity, it's the fact that email is still the #1 advanced threat vector and more than 90% of targeted attacks start with email[1]. Someone, somewhere in your organization is going to click on something malicious. Here's how to prevent that kind of event from leading to a full-blown breach. Reduce the Email Attack Surface Configuring email gateways and other email protection solutions correctly is the first step toward reducing the email attack surface. Settings.
Read More >
Simulating Cyber Attacks vs. Cyber Attack Techniques Methods
Avihai Ben-Yossef, December 23, 2019
Read More >
One common misconception I hear from IT security teams is that simulating a specific threat, say the Dridex Trojan, is more ‘real’ than simulating a proprietary (dubbed “Dummy”) version of the Trojan that mimics the underlying attack method that is so critical to that very Trojan’s success. Simulating Cyber Attacks Case in point, one strain of the Dridex Trojan was found to hide its code in a Microsoft spreadsheet. To protect against that specific strain of Dridex, simulating the attack’s.
Read More >
Show

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag