SecOps & Risk mitigation
CyberProof uses OSINT and threat intelligence feeds for visibility into threats.
CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.
Professionals manage sophisticated networks, leveraging experience to counter advanced threats.
24/7 global SOC support ensures incident response with guaranteed SLA.
CyberProof develops recovery plans, restoring capabilities after a cyber incident.
Classify and manage enterprise assets, understanding risks and data sensitivity.
Non-destructive tests uncover potential exploits in assets and applications.
Mitigate security issues early with CyberProof’s training and awareness programs.
Rigorous security assessment for on-premise and cloud applications to ensure protection.
IAM manages user access, monitors for anomalies, ensuring security.
Cloud First approach ensures compliance and security within cloud environments.
Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.
Identify, assess, and mitigate security vulnerabilities through regular scanning.
Partners
“Today I have complete visibility into the entire environment, in real time”
Jamil Farshchi | Equifax CISO
Case Studies
90% increase in visibility after deploying Microsoft XDR with CyberProof
Enterprise saves millions on data ingestion & storage following cloud migration.
International logistics company sees 40% savings in security operations costs
Threat Alerts
The Rise of Phishing Attacks Using GitHub, Telegram, and QR Codes
Researchers have identified a new malware campaign exploiting GitHub to infiltrate the insurance and finance sectors. The attackers cleverly leverage legitimate, high-profile tax-related repositories to bypass standard security measures, employing the Remcos Remote Access Trojan (RAT) within phishing emails. This novel tactic utilizes the trusted nature of GitHub, avoiding conventional detection methods. The malware loader establishes persistence and can deploy further malicious payloads.
Researchers also highlight an increase in inventive phishing strategies, such as the use of ASCII- and Unicode-based QR codes, blob URLs, and the exploitation of legitimate online accommodation booking accounts for financial scams. Recent arrests suggest a highly organized criminal network, targeting vulnerable individuals for recruitment and utilizing advanced tools like the Telekopye Telegram bot for wide-reaching scam operations.
New macOS Vulnerability Potentially Leads to Unauthorized Data Access
A recent macOS vulnerability, “HM Surf”, identified as CVE-2024-44133 (CVSS score 5.5), allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology, potentially exposing users’ sensitive data. This flaw targets the protection mechanisms for accessing services like the camera, microphone, and location without the user’s consent. Exploiting this vulnerability could enable attackers to gain unauthorized access to personal data stored in the Safari browser directory, raising security risks for macOS users.
The exploit involves manipulating key configuration files within the user’s home directory to bypass TCC protections, granting unrestricted access to sensitive services. Once an attacker gains control of these files, they can modify TCC settings that dictate access permissions, allowing them to stealthily gather data, run malicious code, or perform actions such as taking snapshots, tracking location, or streaming audio and video from the device without the user’s knowledge. Attackers can further leverage the flaw by hosting malicious websites over HTTPS to gain access to TCC-protected services via JavaScript, making this vulnerability a high-priority target for exploitation, especially by malware like Adload, which has been detected in the wild exploiting similar weaknesses.