Avihai Ben-Yossef

Cymulate blog articles by Avihai Ben-Yossef.

Recent Posts

Simulating Cyber Attacks vs. Cyber Attack Techniques Methods
Avihai Ben-Yossef, December 23, 2019
Read More >
One common misconception I hear from IT security teams is that simulating a specific threat, say the Dridex Trojan, is more ‘real’ than simulating a proprietary (dubbed “Dummy”) version of the Trojan that mimics the underlying attack method that is so critical to that very Trojan’s success. Simulating Cyber Attacks Case in point, one strain of the Dridex Trojan was found to hide its code in a Microsoft spreadsheet. To protect against that specific strain of Dridex, simulating the attack’s.
Read More >
Abusing Microsoft Office Online Video
Avihai Ben-Yossef, October 25, 2018
Read More >
  **Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it  to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video feature on Microsoft Word to execute malicious code (Read the press release here). Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video.
Read More >
Web Applications Vulnerability Is Everyone’s Responsibility
Avihai Ben-Yossef, August 2, 2017
Read More >
When organizations worry about their cyber security, they focus on ransomware attacks, employees opening (spear) phishing emails or clicking on malicious banners and links on websites. But there is another danger that is often underestimated - the web applications of your own organization could harbor vulnerabilities and security issues. This happens more often than you think - “bad” coding is still a major concern as the HP Security Research’s Cyber Risk Report 2015 indicates: .
Read More >

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag