blog_hero_02

Blog

How BAS Optimizes Defense Against Supply Chain Attacks
Dor Sarig, May 6, 2019
Read More >
Supply chain cyberattacks are increasing as companies outsource a growing number of services. Today, your enterprise is more likely than ever to have third parties touching sensitive data[1]. Even when your security controls are robust, an attacker can breach a weaker network—like the network of one of your suppliers, service providers, or partners—and use it as an indirect route into your network[2]. In 2018, many highly publicized breaches were the result of supply-chain attacks: Atrium.
Read More >
How BAS Killed the Pen Test
Eyal Wachsman, April 23, 2019
Read More >
Cymulate’s Breach and Attack Simulation (BAS) as-a-Service has forever changed pen tests as we know them. From months to minutes, cloud-based BAS has revolutionized how fast organizations can get security assessment results, and how much they must pay to know how secure they are at any given point in time. Predicting the Present In February 2018, Mr. Augusto Barros, Research VP at Gartner, predicted that breach and attack simulation technology (BAS), combined with vulnerability assessments,.
Read More >
March Cyberattacks Wrap-up
Eyal Aharoni, April 4, 2019
Read More >
March's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. Cybercrooks were very active in March 2019 successfully attacking Asus, Toyota, Jackson County, Earl Enterprise restaurants (e.g., Planet Hollywood), and various other industries.   If we look at the Asus breach, attackers used the Asus’ software update system to distribute their malware to about 1 million Windows computers. It.
Read More >
4 Steps for Getting a Handle on Your Organization's Security Posture as a New CISO
Dor Sarig, March 21, 2019
Read More >
You just signed on as CISO. Congratulations. Now you can expect to be deluged with security emergencies and unresolved issues from your predecessor while you're getting to know and building credibility with your team. Meanwhile, cyberattackers are still pounding at the door. All of these immediate pressures are important, but optimizing organization-wide security is why you were hired. Here are four steps that will help you identify security priorities and appropriate remediation steps, so you.
Read More >
Immediate Threat: WinRAR Path Traversal
Eyal Aharoni, February 23, 2019
Read More >
To keep on giving our users the necessary tools to boost their cybersecurity posture, the Cymulate Research Lab is constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up-to-date. A unique (and highly popular) feature in our platform is the Immediate Threat assessment, which allows organizations to test themselves if they are vulnerable against the latest threats, hours after they are.
Read More >
Seeing the Unseen: Detecting and Preventing the Advanced Persistent Threat
Eyal Aharoni, January 31, 2019
Read More >
In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time.   The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.
Read More >
Massive Data Hack Becomes Personal for German Politicians
Eyal Aharoni, January 13, 2019
Read More >
  Targeting politicians with cyber-attacks is not new, cybercriminals, hacktivists and rival nations have been doing this for many years. In 2016, Russian hackers allegedly tried to interfere in the 2016 US presidential election. The British parliament was targeted in mid-2017 in an attempt to access the accounts of hundreds of MPs, Lords, aides and staff by the suspected Russia and North Korea. During July 2018, hackers stole 1.5 million accounts patient data in Singapore including those of.
Read More >
Watering Hole Attack: "Don't Drink the Water"
Eyal Aharoni, January 2, 2019
Read More >
A Watering Hole attack is a method in which the attacker seeks to compromise a specific group of end users by infecting websites that members of that group are known to visit. The attacks have been adopted by criminals, APT groups and nation states alike and we see the amounts rising. The goal is to infect a victim's computer and gain access to the network within the victims's place of employment. Many conclude that these attacks   are an alternative to Spear Phishing but are quite different..
Read More >
The Most Malicious Threat Actors Using Email
Eyal Aharoni, December 13, 2018
Read More >
Cyberattacks using the email vector has been the most widely used attack vector for the past few years, including this year. Threat actors are spreading ransomwares, trojans, malwares, and more with a simple email. In this blog, we will review the breakdown and the average penetration ratio per category of threats.   During 2018, 858 worldwide organizations from various sectors mainly financial ones, including banks and insurance companies, turned to Cymulate to have their “cyberdefences”.
Read More >
November Cyberattacks Wrap-up
Eyal Aharoni, December 4, 2018
Read More >
November's Cyberattacks In our monthly wrap-up, we cover the latest cyberattacks highlighting the attack methods and payloads used by malicious hackers and cybercriminals. The month ended with Marriott disclosing that it had been the victim of a large-scale data breach. The data of around 500 million customers who stayed at Starwood hotels (part of the Marriot group) for the last four years had been compromised. The breached data included some combination of name, mailing address, phone number,.
Read More >
Show

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag