How BAS Killed the Pen Test

Cymulate’s Breach and Attack Simulation (BAS) as-a-Service has forever changed pen tests as we know them. From months to minutes, cloud-based BAS has revolutionized how fast organizations can get security assessment results, and how much they must pay to know how secure they are at any given point[...]

March Cyberattacks Wrap-up

March's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. Cybercrooks were very active in March 2019 successfully attacking Asus, Toyota, Jackson County, Earl Enterprise restaurants (e.g.,[...]

4 Steps for Getting a Handle on Your Organization's Security Posture as a New CISO

You just signed on as CISO. Congratulations. Now you can expect to be deluged with security emergencies and unresolved issues from your predecessor while you're getting to know and building credibility with your team. Meanwhile, cyberattackers are still pounding at the door. All of these immediate[...]

Immediate Threat: WinRAR Path Traversal

To keep on giving our users the necessary tools to boost their cybersecurity posture, the Cymulate Research Lab is constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up-to-date. A unique (and[...]

Seeing the Unseen: Detecting and Preventing the Advanced Persistent Threat

In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as

Massive Data Hack Becomes Personal for German Politicians

  Targeting politicians with cyber-attacks is not new, cybercriminals, hacktivists and rival nations have been doing this for many years. In 2016, Russian hackers allegedly tried to interfere in the 2016 US presidential election. The British parliament was targeted in mid-2017 in an attempt to[...]

Watering Hole Attack: "Don't Drink the Water"

A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users by infecting websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is[...]

The Most Malicious Threat Actors Using Email

Cyberattacks using the email vector has been the most widely used attack vector for the past few years, including this year. Threat actors are spreading ransomwares, trojans, malwares, and more with a simple email. In this blog, we will review the breakdown and the average penetration ratio per[...]

November Cyberattacks Wrap-up

November's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. The month ended with Marriott disclosing that it had been the victim of a large-scale data breach. The data of around 500[...]

A Guide to Stay Cybersafe This Holiday Season

Cymulate wishes you a cybersafe Holiday Season! The holiday season is a time of joy and celebration, and as we all know, lots of shopping. With Black Friday, Cyber Monday, and Christmas shopping, the amount of shopping drastically increases, specifically online shopping. In a report released by[...]