Paul Kubler is currently the Head of the Red Team at CYRBI, a pen test focused cybersecurity firm utilizing only highly certified US-based talent. He has conducted a large number of red team and pen testing engagements in industries of all verticals and sizes. Formerly he was also a digital forensic and incident response expert, where he handled large breaches and dealt with advanced malware.
A frequent occurrence in the cybersecurity world is having to scramble at the end of the year, between holidays, to get the compliance required pen test done. After all, it was probably conducted at the same time last year for the same reasons. This leads to an already overburdened staff dealing with the common holiday … Read more
Ransomware continues to be a major problem for organizations and costs them a significant amount of money and time to remediate. Even if a company has the best external IT security in place, a single email attachment can lead to a breach. More and more organizations are learning from this and testing their environment by … Read more
Breach and Attack Simulation (BAS) is a new component of a proactive cybersecurity program. The simulation is designed to continuously assess your security controls based on configuration, scanning, and testing leveraging more automation than a traditional pentest. BAS, as it is known, is designed to enhance a regular vulnerability scanning program and consolidate the view … Read more
Pentesting is an ever-evolving field, just like all fields in technology. Traditional pentesting revolved around networks and endpoints, the old basis for technology infrastructure in a company. Now, as COVID-19 pushed technology to change even faster in many companies, pentesting must adapt. In the last few years, cloud, mobile, and application pentesting have begun to … Read more
The dark web has been sensationalized in the news, movies, and on television dramas. The dark web, and the less commonly discussed deep web, make up a part of the internet that is not accessible via search engines, like Google or Bing. This part of the internet dates to the 1990s when lists of sites … Read more
Native-language tools and exploits have recently started gaining momentum in the ever-growing sphere of multinational cybercrime, as hackers develop tools in their own language. It’s common knowledge that much of the malware discovered today has been written by foreign language-speaking authors. In a speech to the Australian National Press Club two years ago, Eugene Kaspersky … Read more
