Cyber Hub

Your place for the latest CyberProof updates
LinkedIn
  • Feb 25
    #Hackers are known to keep their eye on the virtual door of video #conferencing - looking for flaws to sneak into confidential meetings. Threatpost reports on what Zoom is doing to continue #changingthewaypeoplework and create an online room for people to #meethappy and confidently: https://hubs.ly/H0mZrdv0
  • Feb 20
    Starting tomorrow and throughout the next two days, we'll be in Bangalore at the CISO Platform Summit - one of India’s largest #securityevents where #CISOs will gather to share knowledge and empower themselves to make better security buying decisions. Visit us there at booth CP1230: https://hubs.ly/H0m_jJ20
  • Feb 19
    The #cybersecurity arena is facing a new era of threats, trends, and solutions. We conducted a survey across the company here at CyberProof exploring the question of what we can expect to see and uncovered some interesting predictions. Check them out on our latest blog >> https://hubs.ly/H0n1X940 #cybersecuritytrends #threatpredictions
  • Feb 17
    #ArtificialIntelligence can help #SOCs improve efficiency and reduce response times, but how can #AI and #Automation be put into practice on the ground - and in the cloud? This #securityebook provides a detailed guide for SOCs ready to take their #securityoperations into the future. https://hubs.ly/H0mSMzG0
  • Feb 16
    On Feb 21-22 we’ll be joining CISOs from around the world in Bangalore at the CISO Platform Summit, India’s largest #ITsecurity conference of the year. Visit us at booth CP1230 to learn how we’re using #AI and #automation to build a smarter #SOC >> https://hubs.ly/H0m_yWx0
  • Feb 13
    We’re excited to be Diamond Partners in this year’s CISO Platform Summit, India’s largest #ITsecurity conference - focusing on peer learning, security buying decisions and how we, as #threatintelligence leaders, can make a difference to the world of security. https://hubs.ly/H0m_qRQ0
  • Feb 12
    Here's what The Update Box is bringing to #RSAC2020 ✔️ Real-time vendor and press announcements ✔️ The latest info on upcoming speeches ✔️ A chance to win big at the event
    Enter the #RSAC Giveaway Basket raffle here: https://hubs.ly/H0mHYGf0
  • Feb 10
    Join part 2 of our upcoming #securitywebinar series on Feb 20th, to learn about the fundamentals of building an #intruderhunting program as part of your integrated #cybersecurity and risk management architecture. Sign up today >> https://hubs.ly/H0mNmJc0
  • Feb 05
    Our team had a great time at #hc0n2020 sharing, learning, and networking with cyber tech professionals and ethical hackers at the biggest hacking community event in Spain this past weekend. #hackerconference #ethicalhackers #hc0n2020
  • Feb 04
    #Malware has been discovered in this device's very own setup app with little to no hope of removing it - and if that's not bad enough - there are TWO of them. SC Media has the details >> https://hubs.ly/H0mHYDY0 #BuyersBeware
  • Feb 03
    Curious what to expect at #RSAC2020? Stay up to date on the latest at this year's RSA Conference with The Update Box, sponsored by yours truly! https://hubs.ly/H0mJ3pD0
  • Feb 02
    Our team had a great time at Hackplayers #hc0n2020 sharing, learning, and networking with cyber tech professionals and #ethicalhackers at the biggest hacking community event in Spain this past weekend.
  • Jan 29
    We're proud to announce that Orel Pery, our CTI Team Leader, will be presenting at one of the biggest #cybersecurity knowledge-exchange events of the year - #hc0n2020. Check out her upcoming participation at Hackplayers #hackingconference https://hubs.ly/H0mMXLC0
  • Jan 27
    As we enter the next decade with #digitalization full steam ahead, where are intelligence experts focusing their efforts to stop #cybercriminals in their tracks? Help Net Security reports on #2020cybertrends and where attackers are expected to be heading: https://hubs.ly/H0mJ0D00
  • Jan 15
    The tables have turned on ring camera doorbells. SC Media shares the details on how hackers are gaining control of them and why the need for IoT security should be taken very seriously as we venture further into digitalisation. https://hubs.ly/H0mpr5M0 #digitalisation #IoT #IoTsecurity #hackers
  • Jan 10
    What will 2020 bring to the world of cyber security as IoT continues to evolve? Privacy protection is on the top of the list as the public domain as the demand for manufacturers to produce low-cost, integrated devices grows. https://hubs.ly/H0mpr5Y0 #cybersecurity #privacyprotection #publicdomain
  • Jan 08
    Congrats to Yair Bar Touv, Joo Khuan Quek CISSP, CISM 郭裕宽 and team on the completion of the new branding in our Singapore Center of Excellence. The SOC team supports our regional and global customers for #mdr and #mssp services. #cybersecurity #soc #cyberproof
  • Dec 25
    Happy Holidays from everyone at CyberProof. May your holidays be filled with joy, laughter, and security through the New Year ahead! #HappyHolidays #SeasonsGreetings #HappyNewYear
  • Dec 23
    As we look ahead at the future of AI and cyber security, we must find a way to use AI to reduce and aid the work of the overloaded intelligence analysts - here's how cyber professionals can make that happen. hubs.ly/H0m22Q60 #AI #cybersecurity #ML #SOC #SOCefficiency #SecurityTeams
Twitter
  • Feb 25
    At #CyberSecuritySummit2020, organized by Esade and @cyberproofinc @USTGlobal_ES, we were able to attend interesting… t.co/cihaK3SRH9
  • Feb 19
    RT @cyberproofinc: Check out our #CyberHub - your place for the latest #cybersecurity news & updates: t.co/iEYTwShTX8
  • Feb 18
    RT @USTGlobal_ES: We are kicking off the #CyberSecuritySummit2020 event at @ESADELawSchool. It is being opened by @xribas, co-director of the Máster IT+IP d…
  • Feb 18
    We are kicking off the #CyberSecuritySummit2020 event at @ESADELawSchool. It is being opened by @xribas, co-director of the Máster I… t.co/NdaT8koQns
  • Feb 16
    RT @cyberproofinc: On Feb 21-22 we’ll be joining #CISOs from around the world in Bangalore @CISOPlatform Summit, India’s largest #ITsecurit…
  • Feb 14
    RT @cyberproofinc: Here’s a glimpse at our last #securitymeetup - an evening of networking, peer sharing, and learning. Want to stay up to…
  • Feb 13
    RT @cyberproofinc: We’re excited to be Diamond Partners in this year’s @CISOPlatform Summit, India’s largest #ITsecurity conference - focus…
Facebook
  • Feb 25
    Our #cyberdefense center is a prime example of how #HUMINT and #AI can work together to create a fully integrated #cybersecurity ecosystem for each customer. Find out how on our blog: https://hubs.ly/H0mRMXJ0
  • Feb 21
    We're heading to Bangalore to join CISOs from around the world for two days of peer learning and networking, with a focus on how to make the world a safer place by making better security buying decisions. Meet us at the CISO Platform Summit >> https://hubs.ly/H0m_sSH0
  • Feb 19
    With concerns rising over online #dataprofiling #IoTdevices #facialrecognition software and more… data and digital #privacylaws are at the center of core issues for governments to address. @ITSecGuruNews provides an overview of the #dataprivacy landscape and what's coming for 2020 >> https://hubs.ly/H0mZrdk0
  • Feb 18
    Ready to build an effective Intruder Hunting Program? Join us today for part 2 of our webinar series. Our VP and Global Head of Customer Success, Bruce A. Roton, will explore the following: ☑️ How to identify what you are looking for ☑️ How to select and use the tools at your disposal ☑️ How to build an Intrusion Sensor Array ☑️ The fundamentals of data collection and analysis for use in intruder detection ☑️ Creating an integrated security and risk management architecture
    Sign up for part 2 of this expert security series today to join the conversation >> https://hubs.ly/H0n2zFQ0 Missed part 1? Get it on demand here >> https://hubs.ly/H0n2zl60 #intruderhunting #intruderdetection #securitywebinar #proactivecybersecurity #cybersecurity
  • Feb 17
    We already know not to believe everything we read online, but what about what we see? The lines of reality are being blurred more than ever as #cybercriminals continue to break the truth-barrier with #deepfake videos being created #IRT. https://hubs.ly/H0mZrcp0
  • Feb 14
    Here’s a glimpse at our last #securitymeetup - an evening of networking, peer sharing, and learning. Want to stay up to date on the next one? Check out our #CyberHub for the latest updates on events, meetups, webinars, and more. https://hubs.ly/H0m_jLs0
  • Feb 13
    If you already have a technical background in #cybersecurity and are looking to delve deeper into the processes of developing an effective #intruderhunting program, this #securitywebinar is for you! Join CyberProof's VP and Global Head of Customer Success, Bruce A. Roton on Feb 20th and gain expert insights into intruder detection, eviction, and remediation >> https://hubs.ly/H0mNCvB0
  • Feb 11
    #Cybersecurity today needs to go beyond playing the defensive to stay ahead of the game. See how CyberProof is bringing #securityservices to the next level with a combination of #automation and #HUMINT https://hubs.ly/H0mNwwx0
  • Feb 06
    Download our #securityebook to learn about the issues facing today’s #SOC – and how #AI and automation can help organizations stay safe and resilient. https://hubs.ly/H0mSWk50
  • Feb 05
    When it comes to #cyberattacks, the question is not IF but rather WHEN? In part 1 of our intruder hunting #securitywebinar series, we discussed why proactive #intruderhunting is vital to your #cybersecurity strategy. In our upcoming webinar, we'll delve deeper into the processes of building an effective intruder detection program. https://hubs.ly/H0mNHyz0
  • Feb 03
    Huge shout out to our Threat Intelligence Team Leader, Orel Pery, who inspired hundreds of cyber tech leaders at Hackplayers #hc0n2020 with her presentation on getting inside a hacker's mindset from the perspective of an analyst - and the connection between the two.
  • Jan 30
    At CyberProof #cybersecurity and #threatintelligence are much more than a day job, it's part of our DNA. Take a couple of minutes (2:17 to be exact) to meet the experts behind CyberProof and see how we transform #securityoperations >> https://hubs.ly/H0mNHFv0
  • Jan 24
    #usecasefactory in your #cybersecuritystrategy is vital for mitigating risks and minimizing damage to an organization. Part 2 of this blog series takes a closer look at the process of identification, validation, development, and operation of a use case: https://hubs.ly/H0mzl9h0 #riskassessment #proactivedefense
  • Jan 23
    We're excited to take part in making this year's #RSAC the best yet, with the launch of The Update Box. A platform that offers RSA attendees the opportunity to optimize their #RSAC2020 experience with real-time info on the best talks, vendor announcements, and press. Check it out here: https://hubs.ly/H0mHYFV0
  • Jan 15
    The tables have turned on ring camera doorbells. @SCMag shares the details on how #hackers are gaining control of them and why the need for #IoT #security should be taken very seriously as we venture further into #digitalisation. hubs.ly/H0mpsNP0
  • Jan 14
    In part 1 of this blog series, we discussed how building a #usecase package requires specific skills – now we're delving deeper into the development process for a #usecasefactory. Let's take a closer look >> hubs.ly/H0mzjYk0 << #cybersecurity #proactivecybersecurity
  • Jan 10
    What will 2020 bring to the world of #cybersecurity as #IoT continues to evolve? #Privacyprotection is on the top of the list as the #publicdomain as the demand for manufacturers to produce low-cost, integrated devices grows. hubs.ly/H0mpqVt0
  • Jan 06
    #ThreatHunting is an art form of sorts. It requires actively looking for signs of malicious activity within enterprise networks, but without prior knowledge of those signs - and for that, the key to success is the expertise of your #securityteam. hubs.ly/H0mg1Gj0
  • Jan 03
    Join part 1 of our upcoming #securitywebinar series on Jan 14th, to learn about the resources and functional components required for effective #IntruderHunting. Then, keep an eye out for Part 2 where we'll delve deeper into the issues and processes of #intruderdetection, from first response through intruder eviction and remediation.
Latest Reports
  • 24-Feb-2020

    Emotet is Launching SMiShing Campaign to Collect Credentials and Drop Malware

    Label: Threat Advisory
    Threat Level: High

    The notorious Emotet group was recently linked to a new SMiShing campaign in which phishing domains for banks are being used to harvest credentials and drop malware on the victim’s machine. Researchers also suspect that some payloads in this campaign are linked to TrickBot.

  • 24-Feb-2020

    Iranian APT Campaign ‘Fox Kitten’ Malware Campaign Exploits 1-day VPN Vulnerabilities

    Label: Threat Advisory
    Threat Level: High

    A group of researchers uncovered an APT campaign backed by Iran that exploited vulnerabilities found on different VPNs. Purportedly the campaign has been ongoing for the last three years and was aimed against dozens of companies and organizations in several countries like Israel, U.S., Saudi Arabia, Australia and others. As part of the campaign, dubbed ‘Fox Kitten’ by the researchers, the hackers targeted companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors. The researchers believe that the goal of the attacks is to breach networks, move laterally once they have access to the internal systems and plant backdoors to be exploited when necessary. An interesting aspect of this campaign, according to the research, is that known Iran-backed APTs seem to have collaborated in order to carry it out: APT33-Elfin, APT34-OilRig and potentially APT39-Chafer.

  • 24-Feb-2020

    Recent Phishing Campaigns Targeting Organizations Around The World

    Label: Threat Advisory
    Threat Level: High

    Over the past couple of weeks, several phishing campaigns were observed being launched by threat actors against organizations and end-users around the world. The campaigns are linked to different threat actors and target various countries using different social engineering techniques. A new phishing campaign that uses Google Forms was detected, as well as continued use of concern over the Coronavirus and another campaign that uses Microsoft Excel files.

  • 27-Jan-2020

    Increase in Emotet Malware Attacks 

    Label: Threat Analysis
    Threat Level: Normal

    The CyberProof CTI team continuously monitors changes to the Emotet malware campaign, currently one of the most prolific malware families. Over the past week, we have seen an increase in Emotet targeted attacks, as well as malware modification. Emotet is a banking trojan written to perpetrate fraud. It is usually distributed through large-scale spam campaigns with links to malicious Word documents containing a PowerShell downloader script, and it attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. If successful, an attacker could use an Emotet infection to obtain sensitive information. Emotet is known to be bundled alongside Zeus Panda (Panda Banker), Trickbot, and IcedID.

  • 27-Jan-2020

    New POCs for Vulnerabilities in RD Gateway were Published Recently 

    Label: Threat Analysis
    Threat Level: Normal

    A proof-of-concept exploit for denial-of-service vulnerabilities (CVE-2020-0609 and CVE-2020-0610) in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices was published recently. The two vulnerabilities are dubbed BlueGate and were patched by Microsoft as part of January Patch Tuesday. RD Gateway is used to fence off Remote Desktop servers on internal networks from Internet connections and to only allow the ones that successfully authenticate on the gateway to reach the server. RDG supports three different protocols: HTTP, HTTPS, and UDP. The updated function in the recent update made by Microsoft prior to the discovery of the flaws is responsible for handling the UDP protocol. The RDG UDP protocol allows for large messages to be split across multiple separate UDP packets. Because UDP is connectionless, packets can arrive out of order. The job of this function is to re-assemble messages, ensuring each part is in the correct place. Once exploited, the vulnerabilities can allow an unauthenticated attacker who connects to the target system using RDP to execute arbitrary code. According to Microsoft, these vulnerabilities are pre-authentication and require no user interaction. In addition, the vulnerability only affects UDP transport, which by default runs on UDP port 3391.

  • 27-Jan-2020

    Cyber-Criminals Behind Ransomware Attacks Resort to Exfiltrate and Leak Data to Ensure Payment of Ransom  

    Label: Threat Analysis
    Threat Level: Normal

    During the last month we have witnessed several large-scale ransomware attacks, the most prominent of them being the Sodinokibi attack on the currency exchange company Travelex, whose website is still unavailable at the time of writing this piece. However, we have identified a trend with these threat actors who, in order to increase the likelihood of the victims effectively paying the ransom, are stealing and threatening to leak the victim’s data. Companies may be more apt to pay a ransom if it costs less than the possible fines, data breach notification costs, loss of trade and business secrets, tarnishing of brand image, and potential lawsuits for the disclosing of personal data.

  • 20-Jan-2020

    Emotet Banking Trojan Restarts its Phishing Campaigns After The Holiday Break 

    Label: Threat Analysis
    Threat Level: Normal

    After a break of several weeks, the infamous Emotet trojan has restarted its activity, running spear-phishing campaigns in more than 80 countries around the world. The group behind Emotet, TA542, is focusing on phishing emails, pretending to be proof-of-delivery documents, reports, agreements, and statements. The banking trojan, which has become a powerful botnet that is also used to deliver other malware such as Trickbot and Ryuk ransomware, is known for its advanced social engineering campaigns using regular emails and reply-chain attacks made possible by successful account takeover attacks.

  • 20-Jan-2020

    Critical Internet Explorer Browser Zero-Day Vulnerability Affects Windows Users and Is Currently Being Exploited (CVE-2020-0674)

    Label: Threat Analysis
    Threat Level: Normal

    On Friday, January 17, there was a high-risk memory corruption vulnerability (CVE-2020-0674) in the security update released by Microsoft. Microsoft issued a warning to Windows users about this critical IE zero-day vulnerability, which is being actively exploited in the wild. A critical remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. According to the advisory: “A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user… An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

  • 20-Jan-2020

    PoC Exploits Published for Microsoft-NSA Crypto-Vulnerability (CurveBall – CVE-2020-0601)

    Label: Threat Analysis
    Threat Level: Normal

    Following our recent CTI alert from January 14 regarding a patch for a critical vulnerability in Microsoft Windows clients and servers, our team kept a close watch on any developments on the matter.

    This week, security researchers published proof-of-concept (PoC) exploits for the recently patched vulnerability in the Windows operating system, which was published and reported to Microsoft by the NSA. It affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality.  

    The bug, described as “seriously, seriously bad” by security advisors, is the first one to be reported to Microsoft by the NSA. The DHS' CISA department issued an emergency directive, giving government agencies ten days to patch systems by applying the January 2020 Microsoft Patch Tuesday updates.

  • 04-Jan-2020

    New Roboto Botnet Targeting Linux Servers Running Webmin

    Label: Threat Analysis
    Threat Level: Normal

    This week, NetLab researchers found that a cybercrime group is enslaving Linux servers running vulnerable Webmin apps in a new botnet that security researchers are currently tracking under the name of Roboto.

    Roboto appeared in July of this year and is linked to the disclosure of a major security flaw in a Web app installed on more than 215,000 Linux servers - a perfect basis for building a botnet. The team behind Webmin, a web-based remote management app for Linux systems, disclosed and patched a vulnerability that allowed attackers to run malicious code with root privileges and take over older Webmin versions. Because of the security flaw's easy exploitation and the vast number of vulnerable systems, attacks against Webmin installs began days after the vulnerability was disclosed.

Upcoming Events
  • March 12 - 14, 2020

    Women in CyberSecurity

    WiCyS is the only non-profit membership organization with national reach that is dedicated to bringing together women in cybersecurity from academia, research and industry to share knowledge, experience, networking and mentoring.

  • May 13 - 14, 2020

    SIGS Technology Conference

    Learn about the latest cybersecurity developments in expert-led sessions, inspiring keynotes and workshops. Join some of the leading vendors in the cyber security industry and discover new solutions to help you secure your organization.

  • June 1 - 4, 2020

    Gartner Security and Risk Management Summit 2020

    Security and risk leaders gather at this conference every year to update and improve their cybersecurity and risk management strategies. Join us for the insights and information you need to deal with whatever the new decade brings your way.

  • June 2 - 4, 2020

    Infosecurity Europe 2020

    Bringing business, tech and cyber communities together to discuss and discover how best to protect companies and individuals.

Webinars
  • Streamlining Your Response to Cyber Attacks – An Analyst’s Perspective

    Learn how the CyberProof platform helps analysts streamline response time to cyber attacks.

  • Introduction to Pro-Active Intruder Hunting – Part 2

    Learn how to build an effective and proactive Intruder Hunting Program.

  • Introduction to Pro-Active Intruder Hunting – Part 1

    Learn how to build an effective and proactive Intruder Hunting Program.

  • New Approaches To DFIR That Can Radically Reduce Your Time To Respond to Attacks

    Learn about new approaches to DFIR that can radically reduce your attack response time.

  • How to Reverse Cyber Security’s Staffing Shortage

    Learn how you can reverse cyber security’s staffing shortage via best hiring and security automation.

  • How AI Can Increase the Efficiency of Your SOC

    Learn how AI and automation can increase the security posture of the enterprise.

  • How Threat Intelligence-Driven Security Operations Leads to Reduced Cyber Incidents

    Learn how to spot and block malicious actors before they become attackers with threat intelligence-driven security operations.

  • SANS SOC Survey: Best Practices for Security Operations Centers

    The 2019 SANS Security Operations Center (SOC) Survey is focused on providing objective data to security leaders who are looking to establish a SOC or optimize an existing one. This webcast will capture common and best practices, provide defendable metrics that can be used to justify SOC resources to management, and highlight the key areas that SOC managers should prioritize to increase the effectiveness and efficiency of security operations.

  • Security Thought Leadership Webinar – July 2019

    Security Thought Leadership: New insights uncover ways to reduce risk

Latest Resources
Report SANS 2019 SECURITY OPERATIONS CENTER (SOC) SURVEY

Common and Best Practices for
Security Operations Centers
