IT and Security – A Love Story
Batya Steinherz | Blog

10 Tips to Get Security and IT on the Same Page  The Montagues and the Capulets. The Sharks and the Jets. Security and IT….

CVE-2023-23397 – Outlook vulnerability
Zur Ulianitzky & David Azria & Bill Ben Haim | Blog

On March 14, Microsoft released the regular Patch tuesday. During this patch Tuesday, Microsoft released 74 new patches addressing CVEs within Microsoft products. Exploiting…

CVE 2023-21716- Microsoft Word RCE
Zur Ulianitzky & David Azria & Bill Ben Haim | Blog

Overview On March 5, a security researcher named Joshua J.Drake shared details about CVE-2023-21716, a Microsoft Word vulnerability that was patched during February 2023…

Identity-based Exposures – 4 Ways to Prevent Them
Karin Feldman | Blog

Weak credentials and overly permissive privileges get leveraged in attacks all the time. Here’s what to do about it. Today, one of the most…

Continuous Compliance:

Where Security’s Rubber Meets Compliance’s Road

Shimon Becker | Blog

How compliance can strengthen security and security can strengthen compliance Compliance and security, though not at all the same, are actually two sides of…

How Financial Services Institutions Are Tackling Continuous Exposure Management
Ian Gallagher | Blog

Leading Financial Services institutions are proactively identifying their most high-risk exposures with an Exposure Management platform. This post recounts 4 times they uncovered attack…

From Our Experts: 14 Tips to Reduce Your Exposure to Ransomware
Batya Steinherz | Blog

At XM Cyber, we’re all about reducing your cyber exposures to protect your attack surface. There are quite obviously loads of methods attackers leverage…

Attack Surface Reduction: 7 Expert Tips to Defend Your Organization
Batya Steinherz | Blog

Back in the day, networks used to be likened to castles – with strong, impenetrable walls and entrance strictly limited to authorized users through…

Extracting Encrypted Credentials from Common Tools
Zur Ulianitzky and David Azria | Blog

Overview During our day to day research, we face the question of what can be extracted from a  compromised machine in order to move…

CVE-2022-42475 – Critical RCE Fortinet Vulnerability 
David Azria & Zur Ulianitzky | Blog

On December 12th, Fortinet, one of the foremost players in the firewall, AV, intrusion prevention systems, and endpoint security ecosystem, announced the discovery of…

2023: Time to Secure Active Directory and Azure AD
Menachem Shafran | Blog

Four key action items to harden AD and Azure AD in 2023 First introduced in 1999 as Microsoft Active Directory Domain Services for Windows…

10 Cybersecurity Influencers to Follow – and Learn a Thing or Two From!
Menachem Shafran | Blog

The world of cybersecurity changes more frequently than most of us change our socks – and definitely more often than any of us change…

1 2 3 20

Stop chasing vulnerabilities,
Start unraveling your exposures

See what attackers see, so you can stop them from doing what attackers do.