blog_hero_02

Blog

Immediate Threat Analysis – New Dharma Ransomware Strain Found in the Wild
Cymulate Research Lab, August 12, 2019
Read More >
Originally an offshoot of CrySiS, the Dharma ransomware family has brought forth a new variant, as part of its ongoing creation of new strains. In this blog post, we analyze the latest variant found in the wild by malware researcher Jakub Kroustek. Cymulate customers can check if they are vulnerable to this threat by running an Immediate Threat Intelligence simulation of this variant, uploaded to the dashboard on 28th July 2019. (Login to the dashboard here.) Overview Dharma has been operating.
Read More >
Red Teaming on Steroids - How to Optimize Security Controls Faster
Mor Ahuvia, July 19, 2019
Read More >
In the beginning there was pen testing. Then, developers accelerated pen testing with automated pentesting tools. Next, came the realization that instead of just one pen tester, a full team of pen testers could be deployed. Instead of seeking and exploiting security gaps opportunistically, they would perform reconnaissance work ahead of time, then plan and carry out a multi-step, multi-vector attack across the cyber kill chain, mimicking today’s sophisticated cyber heists and advanced.
Read More >
Threats that made Fireworks in the Headlines
Eyal Aharoni, July 4, 2019
Read More >
The lead up to this year’s 4th of July has been chockful of cyber events, from cities getting extorted, through triple-threat ransomware, to state-sponsored APT activity. Here’s a recap of last month’s cyber threat highlights. The month started with AMCA (an American billing collections service provider) announcing on June 3 that an unauthorized user had accessed its system containing personal information that AMCA had received from various entities. The personal data of 11.9 million customers,.
Read More >
Immediate Threat: WinRAR Path Traversal
Eyal Aharoni, February 23, 2019
Read More >
To keep on giving our users the necessary tools to boost their cybersecurity posture, the Cymulate Research Lab is constantly searching for new global attacks that can compromise organizations. By adding the latest in-the-wild detected threats, we keep our BAS platform up-to-date. A unique (and highly popular) feature in our platform is the Immediate Threat assessment, which allows organizations to test themselves if they are vulnerable against the latest threats, hours after they are.
Read More >
Seeing the Unseen: Detecting and Preventing the Advanced Persistent Threat
Eyal Aharoni, January 31, 2019
Read More >
In the last few years, APT attacks conducted by individual cybercriminals, organized crime and state-sponsored groups have become prevalent and sophisticated, bypassing standard security controls such as APT, or Advanced Persistent Threat, is a sophisticated attack in which a person or group attains access to a network and remains undetected for an extended period of time.   The DarkHydrus APT Attack Let’s have a closer look at how APT threat actors operate by looking at a recent APT attack,.
Read More >
Abusing Microsoft Office Online Video
Avihai Ben-Yossef, October 25, 2018
Read More >
  **Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it  to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video feature on Microsoft Word to execute malicious code (Read the press release here). Attackers could use this for malicious purposes such as phishing, as the document will show the embedded online video.
Read More >
Cybercrooks are Laughing All the Way from the Bank
Eyal Aharoni, October 19, 2018
Read More >
  Financial services firms are favorite targets for cyber criminals. The firms are a treasure trove of tradeable data varying from credit card credentials, customer information, and corporate data that can be abused or sold on the dark net. Compared to other industries, the financial sector still remains extremely vulnerable. Overall, the chance of a financial institution being breached is 300 times higher than that of other organizations. While US companies in general are attacked around 4.
Read More >
Cybercriminals are Industrious When Hacking Industries
Eyal Aharoni, October 10, 2018
Read More >
  In recent years, cyber-attacks on industrial control systems and critical infrastructure all together have been on the rise. A recent study by Bitkom shows that cyber-attacks cost the German industry almost $50 billion. Those attacks are not limited to Europe’s strong economy. Hackers are known to have manipulated critical industrial safety systems to cause physical damage. This poses a major question: Which sectors are the most critical and at risk? The United States Home Land Security (HLS).
Read More >
Cybercriminals Have an Unhealthy Appetite for Medical Data
Eyal Aharoni, September 26, 2018
Read More >
  Cybercriminals just love targeting healthcare organizations and have been doing it quite often for many years. As can be seen on the table below, during the past couple of months cybercriminals have been working hard on these types of targets. where they hit with ransomware attacks or breach to exfiltrate medical records which they can monetize. These medical records are a treasure trove of information that is easy to sell on the dark web. In contrast to e.g., financial institutions,.
Read More >
Academia Up for Grabs
Eyal Aharoni, September 4, 2018
Read More >
Academia is Still a Preferred Target for Cyberattacks. In our blog post of June 6 last year, we wrote that although the attacks in the academic sector had received much less media attention than those in other sectors, academic institutions have been favorite targets of cybercriminals for over 3 decades. We also mentioned that those attacks are not likely to go away. Sadly enough, this has proved to be true. Date Target Attack Result March 2018 140 American research universities.
Read More >
Show

Subscribe to Our Blog

Stay up to date with the latest cybersecurity news and tips

By Tag