#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Cynet | Breaking Cybersecurity News | The Hacker News

A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000

A New Slack channel for Cybersecurity Leaders Outside of the Fortune 2000
Apr 30, 2021
Perhaps due to the nature of the position, the InfoSec leadership roles tend to be solitary ones. CISOs, or their equivalent decision-makers in organizations without the role, have so many constant drains on their attention – keeping their knowledge fresh, building plans to secure their organizations further – that they often find themselves on an island. It's even more challenging for organizations outside the Fortune 2000 that are resource-constrained. Security leaders are expected to know everything and often don't have anyone inside their organization with whom to bounce ideas or even go to for advice. When a crisis arises, they must often go with their gut or guess at the best solution based on their own experiences. Security leaders could often use advice but don't have an outlet for it. Chris Roberts, Chief Security Strategist at Cynet Security, offers a new Slack-based community for InfoSec leaders ( register here ) as a solution. The new InfoSec Leaders Community will fea

Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results

Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results
Apr 27, 2021
The release of MITRE Engenuity's Carbanak+Fin7 ATT&CK evaluations every year is a benchmark for the cybersecurity industry. The organization's tests measure how well security vendors can detect and respond to threats and offers an independent metric for customers and security leaders to understand how well vendors perform on a variety of tasks. However, for the uninitiated, the results can be hard to decipher and contextualize properly. Unlike many benchmarks that compare participants in a competitive manner, MITRE's framework evaluates companies exclusively on how they respond to the tests. This means that customers must really know what they're looking for. A new webinar ( register here ) aims to provide some clarity on what to look for and how to interpret the results.  Cynet's new live webinar will dig a little deeper into the MITRE ATT&CK evaluation. The company's research team will break down how the evaluations work, what the results mean, an

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future
Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu

[eBook] Why Autonomous XDR Is Going to Replace NGAV/EDR

[eBook] Why Autonomous XDR Is Going to Replace NGAV/EDR
Apr 20, 2021
For most organizations today, endpoint protection is the primary security concern. This is not unreasonable – endpoints tend to be the weakest points in an environment – but it also misses the forest for the trees. As threat surfaces expand, security professionals are harder pressed to detect threats that target other parts of an environment and can easily miss a real vulnerability by focusing too hard on endpoints. This is why pairing tools such as next-generation antivirus (NGAV) and endpoint detection and response (EDR) has become a popular, if flawed, choice. Fortunately, newer technologies and security methods offer much greater prevention and detection capabilities. This is the key argument of a new eBook ( download here ) offered by XDR provider Cynet. The eBook, titled  Why Autonomous XDR is Going to Replace NGAV/EDR,  starts with a look at how NGAV and EDR tools can defend an organization with the "assume breach" mentality – expecting a breach to occur and protecting endpoi

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business

[WHITEPAPER] How to Achieve CMMC Security Compliance for Your Business
Apr 09, 2021
For organizations that deal with the defense infrastructure – cybersecurity is more than just a buzzword. Recently the US Department of Defense (DoD) created a new certification process – the Cybersecurity Maturity Model Certificate (CMMC) – to ensure that all its vendors and contractors follow established best cybersecurity practices. For organizations that work along the DoD supply chain, this means adhering to a strict regulatory framework, which can be quite complex. For one, must ensure that cybersecurity processes and practices are aligned with the type and sensitivity of the information that needs to be protected. Even though the model is tiered (from "basic cybersecurity hygiene" to "advanced"), organizations will expend a significant effort to ensure they align with the compliance level appropriate for their contracts. This is why one XDR provider has created a new guide to demonstrate how it helps organizations achieve CMMC compliance ( download the whitepaper here ). T

Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next

Decided to move on from your NGAV/EDR? A Guide for Small Security Teams to What's Next
Mar 31, 2021
You're fully aware of the need to stop threats at the front door and then hunt any that got through that first gate, so your company installed an EPP/ EDR solution. But like most companies, you've already come across its shortcoming – and these are amplified since you have a small security team. More than likely, you noticed that it has its share of detection blind spots and limitations for which you need to tack on more detection technologies.  Remediation requires manual effort, and in terms of operation, it's become too much of an investment on your already resource-constrained staff. Deployment took you ages, so you're somewhat wary of introducing new technology and going through that process again.  What should you do – fight for more resources, flight from the EDR/ EPP combo to other technological solutions, or freeze by accepting this painful situation and updating the board that your risk levels remain high?  When fight and freeze are typically the directio

[Webinar] Oy Vey, We Hired a Large, Hairy Hacker…

[Webinar] Oy Vey, We Hired a Large, Hairy Hacker…
Mar 17, 2021
It's not every day that one of the best-known independent cybersecurity individuals joins a cybersecurity company. The two are generally on opposite sides of the coin, with little crossover. After all, they're usually concerned with different parts of the cybersecurity puzzle – one providing platforms and tools to defend organizations, the other keeping them accountable and looking for blind spots in even the best security tools. That seems to be changing, however, with a recent appointment. Cynet, an Autonomous XDR provider that recently closed a Series C funding round worth $40 million, announced that it has hired Chris Roberts as their Chief Security Strategist. Roberts is world-renowned in counter-threat intelligence, as well as in vulnerability and threat research fields, thanks to decades of experience. As part of his efforts at Cynet, Roberts will be focusing his work on helping empower and connect security professionals from organizations outside of the Fortune 200

Cybersecurity Webinar — SolarWinds Sunburst: The Big Picture

Cybersecurity Webinar — SolarWinds Sunburst: The Big Picture
Mar 09, 2021
The SolarWinds Sunburst attack has been in the headlines since it was first discovered in December 2020.  As the so-called layers of the onion are peeled back, additional information regarding how the vulnerability was exploited, who was behind the attack, who is to blame for the attack, and the long-term ramifications of this type of supply chain vulnerabilities continue to be actively discussed.  Cybersecurity company Cynet is taking a needed step back to provide a full picture of the SolarWinds attack from start to finish in an upcoming webinar, " Lessons Learned from the SolarWinds SUNBURST Attack ." Information regarding many aspects of the attack has been coming out in pieces, but we haven't yet seen this type of comprehensive overview of the technical steps behind the full attack, as well as clear recommendations for protecting against similar future attacks. And this is precisely what's needed so security professionals can gain insights on the attack tact

Managed Service Provider? Watch This Video to Learn about Autonomous XDR

Managed Service Provider? Watch This Video to Learn about Autonomous XDR
Feb 16, 2021
As managed security service providers, you're always on the lookout for new platforms. One that can generate further business, enables you to scale easily without investing in more human resources and provides that value immediately. In the meanwhile, your clients are constantly demanding more security for a lesser cost. Cynet recently published an 8-min video detailing their platform, the Cynet 360 Autonomous XDR Platform. In their video, Cynet specifically focuses on managed service partners, showing the security and business benefits that the platform provides. The video shows the "partner view" of the system and demonstrates how the platform is used to manage multiple clients. Learn more about the Cynet 360 platform for Managed Service Providers  here . Cynet 360 natively combines several security components to reduce your operational costs. First, an XDR - Extended Detection and Response, which is a consolidated pre-integrated platform of multiple security sol

Guide: How Security Consolidation Helps Small Cybersecurity Teams

Guide: How Security Consolidation Helps Small Cybersecurity Teams
Feb 03, 2021
The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions—from different vendors—creating a layered security infrastructure that introduces new challenges to any team, with a much more significant impact on small ones. And yet, sophisticated attacks continue to bypass these advanced security layers while FOMO (fear of missing out) compels security teams to evaluate every new solution that comes out. A new guide, "How Security Consolidation Helps Small Security Teams" ( download here ), reviews the challenges of a layered, multi-vendor security approach for protecting your internal environment and reveals why the concept of consolidation of security solutions is becoming the go-to security approach of many CISOs with small teams. Having a single consolidated solution for protecting your internal environment can free up much of your small team's time and reduce your

LIVE Webinar: Major Lessons to be Learned from Top Cyber Attacks in 2020

LIVE Webinar: Major Lessons to be Learned from Top Cyber Attacks in 2020
Feb 01, 2021
We likely all agree that 2020 was a year we won't soon forget - for many reasons. One area particularly impacted last year was (and continues to be) cybersecurity.  While Internet access allowed many businesses to continue functioning during the COVID-19 stay at home requirements, the unprecedented number of people accessing company assets remotely introduced many new challenges for cybersecurity professionals. With a history of leveraging societal maladies to their advantage, cyber criminals leverage the confusion and unpreparedness created by the global pandemic in their cyber attacks.  In just the last two months of 2020, several high-profile organizations and government entities were successfully attacked using clever approaches that were overlooked by cybersecurity experts. Making sense of how attacks have changed and what new defensive strategies should be taken is no easy task. Cybersecurity company Cynet will help by reviewing the 2020 high profile attacks in depth and

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team

Buyer's Guide for Securing Internal Environment with a Small Cybersecurity Team
Jan 13, 2021
Ensuring the cybersecurity of your internal environment when you have a small security team is challenging. If you want to maintain the highest security level with a small team, your strategy has to be 'do more with less,' and with the right technology, you can leverage your team and protect your internal environment from breaches. The " buyer's guide for securing the internal environment with a small cybersecurity team ," includes a checklist of the most important things to consider when creating or re-evaluating the cybersecurity of your internal environment to ensure your team has it all covered.  The buyer's guide is designed to help you choose the solution that will ensure you get complete visibility, accurately detect and mitigate threats, and make the most of your existing resources and skills. There are three key aspects that stand out when looking for the best way to protect your internal environment with a small team—visibility, automation, and ea

Download: How XDR Platforms Are Changing The Game For Ransomware Protection

Download: How XDR Platforms Are Changing The Game For Ransomware Protection
Dec 08, 2020
There seems to be a new ransomware story every day - a new ransomware attack, a new ransomware technique, criminals not providing encryption keys after receiving ransom payments, private data being publicly released by ransomware attackers—it never ends. Just last month, the FBI, the Department of Health and Human Services (HHS), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a report warning of an imminent threat of ransomware attacks on US hospitals and health care providers. The list of ransomware variants is long and growing, including Maze, Ragnar Locker, Netlocker, Wastedlocker, FTCode, Tycoon, TrickBot, REvil, and many more. Ransomware uses a variety of techniques to infect systems and ultimately steal and/or encrypt a company's files. Many of the techniques are known, but new, unknown techniques can arrive at any moment. SMEs Are Particularly Vulnerable A recent whitepaper about new ways XDR platform protects from ransomware [ download here ] n

Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs

Live Webinar: Reducing Complexity by Increasing Consolidation for SMEs
Nov 13, 2020
Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises (SMEs) with limited budgets and staff are significantly impacted. On average, SMEs manage more than a dozen different security tools, making it very difficult for security teams to manage and orchestrate. SMEs are, understandably, looking to consolidate their security tools to make cybersecurity more manageable and cost-effective. The challenge for these companies is to figure out how to consolidate cybersecurity tools without losing needed protections safely. An upcoming webinar is set to help SMEs with this very issue ( sign up here ). The Cybersecurity Complexity Problem Cannot Be Overemphasized Over the past decade (at least), CISOs have continuously lobbied for increased cybersecurity

Deception Technology: No Longer Only A Fortune 2000 Solution

Deception Technology: No Longer Only A Fortune 2000 Solution
Nov 05, 2020
A cyber-attacker successfully breaks into your environment and begins sneaking around to find something valuable - intellectual property, bank account credentials, company plans, whatever. The attacker makes his way to a certain host on a network node to browse the directories, and suddenly, his connection is cut off. The stolen username and password he acquired no longer works.  Unknowingly, the attacker triggered a well-concealed trap that detected his presence, took immediate action to sever his connection, and then blocked his reconnect ability. Very cool. The concept of Deception technology is pretty cool. And it can be an extremely valuable security layer that comes into play when other security layers are successfully bypassed. The problem, however, is that only very large enterprises have been able to leverage Deception technology due to its cost and complexity to implement and maintain. Unfortunately, small to medium-sized enterprises, the so-called SMEs, just don't hav

[Webinar and eBook]: Are You're Getting The Best Value From Your EDR Solution?

[Webinar and eBook]: Are You’re Getting The Best Value From Your EDR Solution?
Oct 28, 2020
Many companies rely on Endpoint Detection and Response (EDR) solutions as their primary security tool to protect their organizations against cyber threats. EDR was introduced around eight years ago, and analysts now peg the EDR market size as $1.5 to $2.0 billion in annual revenue globally, expecting it to quadruple over the next five years. The recent introduction of Extended Detection and Response (XDR) solutions, however, will certainly cut into a significant portion of that spend. A new provocative eBook: " 5 Questions to Determine: Is Your EDR Providing the Best Bang for Your Buck?"  ( Download here ) helps security executives who currently use an EDR solution determine if they're continuing to get their "bang for the buck" from their EDR provider when compared to newer, equally-priced technologies as XDR. It's also an excellent resource for companies who are in the steps of choosing an EDR solution to deploy. A live webinar around the same topic wi

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions
Oct 14, 2020
Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security solution instances across their client base. Multitenancy allows various independent instances of a solution to be managed in a single, shared environment. Cybersecurity company Cynet just published an instructive paper on the benefits along with the key considerations MSSPs should evaluate when selecting a multitenant platform ( download here ). Eliminating Information Overload with a Single Pane of Glass Many MSSPs suffer from information whiplash - jumping between screens every time a different client environment needs attention. And, effectively monitoring and responding to the torrent of se

A Handy Guide for Choosing a Managed Detection & Response (MDR) Service

A Handy Guide for Choosing a Managed Detection & Response (MDR) Service
Oct 07, 2020
Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a deep bench of cybersecurity experts. To address this issue, especially for small and mid-sized enterprises, we've seen a sharp rise in Managed Detection and Response (MDR) services. MDR is essentially an outsourced cybersecurity expert service that monitors a company's environment and provides an improved ability to detect, investigate, and respond to threats. Think of it as augmenting your existing staff with a group of highly skilled cybersecurity experts. MDR Services Cynet recently published a new whitepaper that reviewed all of the services provided by their MDR team, which they refer to as "CyOps" [you can download the whitepaper here] . Interestin

New Report Explains COVID-19's Impact on Cyber Security

New Report Explains COVID-19's Impact on Cyber Security
Sep 16, 2020
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible, is taken. While many have anecdotally suggested ways in which Covid-19 related cyberattacks would unfold, we have little data supporting the actual impact of Covid-19 on cybersecurity. Several have reported that the number of malicious emails with the subject related to Covid-19 has grown several hundred percent and that the majority of Covid-19 related emails are now malicious. Beyond the anticipated increase in Covid-19 related malicious emails, videos, and an array of downloadable files, which we all anticipated, what else is going on behind the scenes? Interestingly, cybersecurity
Cybersecurity Resources