Blog

Cymulate wishes you a cybersafe holiday season! The holiday season is a time of joy and celebration, and as we all know, lots of shopping. With Black Friday, Cyber Monday, and Christmas shopping, the amount of shopping drastically increases, specifically online shopping. In a report released by Deloitte, analysts predict that in 2019, 60% of consumers will make their purchases online and over half of holiday spending is anticipated to take place online. It’s a great season for online retailers,.

If we summed up the 2019 threat landscape in one word, it would be "more." Targeting was more specific. More people are crossing over to the dark side. There were new tricks—and more ransomware than you can shake a stick at. Without further ado, here are the top six trends that we noted in 2019. More Specific Targeting Attackers became pickier about their targets. Some targeted specific systems, like AnteFrigus ransomware, which targeted specific users' USB drives to encrypt. Some had distinct.

The no. 1 barrier to better security testing A recent poll by the SANS Institute found that the top barrier cited by security practitioners to improving their security testing is a “Lack of a systematic approach to defining testing (e.g. lack of testing plan).” In fact, this echoes questions we get from security professionals we meet at conferences, as well as organizations getting started with their own automated security testing. Building a security risk assessment plan So, how do you.

‘Tis the season for budget planning. With 2019 coming to a close, you may be scrambling to put together a coherent proposal for 2020. And if you’re lucky, you may have some leftover budget that you need to spend wisely.   Focal Points for 2020 Budgets Analyst firm IDC forecasts a 10% increase in spending around security analytics and SIEM solutions, as well as more than a 10% increase in cyber threat intelligence. Automated continuous security testing, performed using breach and attack.

Continuous security testing is the practice of challenging, measuring and optimizing the effectiveness of security controls on an ongoing basis, using automated testing tools, in order to continually identify new security gaps as they emerge, so they can quickly be fixed. Also called “security effectiveness testing,” the objective of continuous security testing is to find out how effective an organization’s current security controls are, uncover new security gaps as soon as they arise, and.

Cymulate is proud to usher in a new age in the cyber security of small and midsized business (SMBs). With the launch of our new BAS for SMB bundles, it has never been simpler and more affordable to get your security posture up to par with the most security-mature enterprises. When it comes to cyber security, small and medium sized enterprises (SMEs) have it hard. Aware of their limited cyber security resources, threat actors specifically target them for their commercial accounts. According to.

Why are advanced persistent threats a concern for large and mid-size enterprises? And how can they defend against them? Formerly the concern of only mammoth-size enterprises and government bodies, advanced persistent threats (APTs) are now also a source of alarm for midsized companies targeted for their fewer cyber security resources. And while the stereotypical APT is launched for political or intelligence gains, APT groups have been confirmed to act out of financial motives, as well,.

Originally an offshoot of CrySiS, the Dharma ransomware family has brought forth a new variant, as part of its ongoing creation of new strains. In this blog post, we analyze the latest variant found in the wild by malware researcher Jakub Kroustek. Cymulate customers can check if they are vulnerable to this threat by running an Immediate Threat Intelligence simulation of this variant, uploaded to the dashboard on 28th July 2019. (Login to the dashboard here.) Overview Dharma has been operating.

In the beginning there was pen testing. Then, developers accelerated pen testing with automated pentesting tools. Next, came the realization that instead of just one pen tester, a full team of pen testers could be deployed. Instead of seeking and exploiting security gaps opportunistically, they would perform reconnaissance work ahead of time, then plan and carry out a multi-step, multi-vector attack across the cyber kill chain, mimicking today’s sophisticated cyber heists and advanced.

The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million customers,.