blog_hero_02

Blog

Eyal Aharoni

Cymulate blog articles by Eyal Aharoni.

Recent Posts

Immediate Threat: Remote Code Execution abusing SettingContent-ms can deliver malicious code
Eyal Aharoni, July 5, 2018
Read More >
To keep on giving our customers the tools to boost their cybersecurity posture, our Cymulate Labs are constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up to date. That’s why one of the unique (and highly popular) features in our platform is the Immediate Threat assessment, which allows organizations to test themselves their vulnerability head-on those latest threats within just few hours. .
Read More >
Demystifying MITRE’s ATT&CK™ to supercharge cyber defenses - Part III
Eyal Aharoni, July 3, 2018
Read More >
In our first blogpost about MITRE’s ATT&CK™ framework, we explained what it exactly is and how it contributes to cybersecurity. In our second blogpost, we dove deeper into the various features. In this blogpost, the third and final one in this series, we will discuss the future of MITRE’s ATT&CK™ framework as we see it. To recap: ATT&CK™ is a MITRE-developed, globally-accessible knowledge base of cyberattack strategies and techniques that have been detected and reported. This knowledge base is.
Read More >
Demystifying MITRE’s ATT&CK™ to supercharge cyber defenses - Part II
Eyal Aharoni, June 28, 2018
Read More >
In our first blog post, we explained what MITRE’s ATT&CK™ framework is and how it can assist with cyber security. In this blog post, we will have a closer look at how Cymulate’s BAS platform can utilize the ATT&CK framework to boost the security posture of organizations. In general, MITRE’s ATT&CK™ and Cymulate’s BAS platform are perfectly in sync, which is good news for organizations and bad news for cybercrooks. Cymulate covers all Tactics and Techniques of MITRE’s ATT&CK™ matrix an.
Read More >
Demystifying MITRE’s ATT&CK™ to supercharge cyber defenses - Part I
Eyal Aharoni, June 21, 2018
Read More >
Ransomware is on the rise, massive data breaches are announced with scary regularity, and APTs continue to nestle themselves in networks going completely undetected for months and sometimes even years.  Although organizations across all industries keep on increasing their cybersecurity budgets and hiring more staff, these measures are still not sufficient and effective enough. Lately, there has been a lot of noise around ATT&CK™, the Adversarial Tactics, Techniques, and Common Knowledge base.
Read More >
Unpatched vulnerabilities provide an open door for Cybercrooks
Eyal Aharoni, June 12, 2018
Read More >
Knock knock, whose there? A Cybercrook is exploiting known vulnerabilities to penetrate the organization for an easy picking. The 2018 Open Source Security and Risk Analysis report released by Black Duck Software (a developer of auditing software for open-source security) shows, that the patching of vulnerabilities still leaves much to be desired. The research found that 78% of the codebases examined contained at least one unpatched vulnerability, and an average of 64 known exploits per.
Read More >
Cymulate Named 2018 Gartner Cool Vendor
Eyal Aharoni, May 30, 2018
Read More >
If you have been following our blog, you know that we normally cover the latest trends in cybersecurity, discuss data breaches, and explain about compliance issues. This time, I wrote a blog post that is different from my usual ones. Why? Well, I want to share with you that Cymulate has been recognized by Gartner as a Cool Vendor in Application and Data Security for 2018. Needless to say, the whole Cymulate team is proud of this achievement. What is especially notable, is that Cymulate is the.
Read More >
Privacy Anyone?
Eyal Aharoni, May 28, 2018
Read More >
GDPR is here! Are you ready? Cymulate is here to help. As you know, on May 25, 2018 the General Data Protection Regulation (GDPR) came into force, impacting organizations around the globe. As with any new regulation, not all organizations comply (yet). In case of GDPR, this should not be underestimated, especially in light of the fines that can be imposed. The height of these fines depend (among other factors) on the number of people affected, the damages they suffered, and the duration of the.
Read More >
Leveraging Cyber Simulation for M&A
Eyal Aharoni, May 21, 2018
Read More >
Why Cybersecurity Is Critical for a Successful M&A In its “Cybersecurity Is Critical to the M&A Due Diligence Process” research note, Gartner points out that the M&A process is complicated by the inability to integrate and manage the cybersecurity practices of both companies. As part of the due diligence process, the acquiring company needs to examine the cybersecurity history and policies of the organization that it wants to acquire very carefully, as illustrated by the takeover of Yahoo by.
Read More >
Dark Web Shopping Center
Eyal Aharoni, May 8, 2018
Read More >
Black Mirror – Looking at the dark web marketplace for cybercrime We all know about cybercriminals, but do we also understand where they get their tools of the trade? Let’s go the dark side and have look at the black mirror reality of the cybercrime marketplace. The cybercrime world is the counterpart of our world. The same way that we use the (visible) web, they use the dark web which has its own search engines such as Onion.to. We purchase books from Amazon, items from Alibaba and fashion.
Read More >
SMBs - The Cybercrook’s Favorite Snack
Eyal Aharoni, April 30, 2018
Read More >
Cybercrooks just love going after small and medium-sized businesses since they are more vulnerable to cyberattacks than large organizations that have cybersecurity teams and top-notch security solutions in place. This makes those smaller organizations not only more vulnerable, but attacking them also does not require sophisticated tactics or tools, a simple bot botnet, RaaS toolkit (Ransomware as a Service) or phishing kits can already do the trick. Let’s have a closer look at the three main.
Read More >
Show

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag