Blog

Ransomware is on the rise, massive data breaches are announced with scary regularity, and APTs continue to nestle themselves in networks going completely undetected for months and sometimes even years.  Although organizations across all industries keep on increasing their cybersecurity budgets and hiring more staff, these measures are still not sufficient and effective enough. Lately, there has been a lot of noise around ATT&CK™, the Adversarial Tactics, Techniques, and Common Knowledge base.

Knock knock, whose there? A Cybercrook is exploiting known vulnerabilities to penetrate the organization for an easy picking. The 2018 Open Source Security and Risk Analysis report released by Black Duck Software (a developer of auditing software for open-source security) shows, that the patching of vulnerabilities still leaves much to be desired. The research found that 78% of the codebases examined contained at least one unpatched vulnerability, and an average of 64 known exploits per.

If you have been following our blog, you know that we normally cover the latest trends in cybersecurity, discuss data breaches, and explain about compliance issues. This time, I wrote a blog post that is different from my usual ones. Why? Well, I want to share with you that Cymulate has been recognized by Gartner as a Cool Vendor in Application and Data Security for 2018. Needless to say, the whole Cymulate team is proud of this achievement. What is especially notable, is that Cymulate is the.

GDPR is here! Are you ready? Cymulate is here to help. As you know, on May 25, 2018 the General Data Protection Regulation (GDPR) came into force, impacting organizations around the globe. As with any new regulation, not all organizations comply (yet). In case of GDPR, this should not be underestimated, especially in light of the fines that can be imposed. The height of these fines depend (among other factors) on the number of people affected, the damages they suffered, and the duration of the.

Why Cybersecurity Is Critical for a Successful M&A In its “Cybersecurity Is Critical to the M&A Due Diligence Process” research note, Gartner points out that the M&A process is complicated by the inability to integrate and manage the cybersecurity practices of both companies. As part of the due diligence process, the acquiring company needs to examine the cybersecurity history and policies of the organization that it wants to acquire very carefully, as illustrated by the takeover of Yahoo by.

Black Mirror – Looking at the dark web marketplace for cybercrime We all know about cybercriminals, but do we also understand where they get their tools of the trade? Let’s go the dark side and have look at the black mirror reality of the cybercrime marketplace. The cybercrime world is the counterpart of our world. The same way that we use the (visible) web, they use the dark web which has its own search engines such as Onion.to. We purchase books from Amazon, items from Alibaba and fashion.

Cybercrooks just love going after small and medium-sized businesses since they are more vulnerable to cyberattacks than large organizations that have cybersecurity teams and top-notch security solutions in place. This makes those smaller organizations not only more vulnerable, but attacking them also does not require sophisticated tactics or tools, a simple bot botnet, RaaS toolkit (Ransomware as a Service) or phishing kits can already do the trick. Let’s have a closer look at the three main.

You might think that we have become good at identifying phishing attacks today, but that’s a dangerous assumption. The frightening truth is, that around 90% of all cyberattacks start with a phishing or spear phishing email. Yes, almost all of us can spot a dubious request from a “Nigerian prince” asking us for our bank details a mile away, but phishers have improved their game to keep on outsmarting us. With the US tax season in full gear, cybercrooks are sending phishing emails to get.

Yes, the US is under cyberattacks - constantly Being a rich superpower comes with a price, as the US found out the hard  way. Especially American healthcare and financial organizations remain popular targets, since they are rich pickings for cybercrooks. Infrastructure is another favorite, as are municipalities which have often outdated cyber defenses. Looking back, 2017 which was a peak year with 1.57B data breaches and close to 179M data records exposed (Source: Statistica). Although it’s.

Risk Score KPI Lets Your SOC Rock Your Cybersecurity In the good old days, a security operations center (SOC) was basically a room full of live camera feeds to let the organization see what’s going and to take action if necessary. It started with government agencies, defense departments, followed by financial institutions. Today, is also used for managed services. Its purpose is still the same - being a centralized hub for continuously monitoring of and managing the security status of an.