Stay up to date on cybersecurity

People often wonder whether SSH uses SSL/TLS for traffic encryption. The short answer is NO, even though both protocols have much in common, under the hood SSH has its own transport protocol, independent from SSL. Both of them were created to secure and encrypt traffic between clients and servers (SSL for website traffic, SSH for […]
Tagged under: , ,
Penetration tests and red team exercises are, in many ways, two sides of the same coin. Both have similar objectives, and both share some commonalities in terms of how those objectives are achieved. However, they are not interchangeable — and organizations may find one approach better suits their needs, depending on a few variables. To illuminate the […]
If you’re a cybersecurity pro, they are the last three letters you want to hear: G-A-P. And it has nothing to do with your jeans. We’re talking about security gaps, which are an unfortunate fact of life and certain to remain so — at least until humans are entirely replaced by AI. People are fallible, which […]
Júntese a XM Cyber en nuestra presentación sobre la simulación de brechas y ataques (beach and attack simulation) para el mercado chileno de ciberseguridad, que será realizada en línea el 18 de noviembre, a las 10:00h (horario local). Con el apoyo de nuestro socio chileno, OZNet, nuestra charla intitulada Equipo Púrpura: El Futuro de los […]
What is a Cyber Supply Chain Attack? A supply chain attack, which is also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data. Supply Chain Connections Suppliers commonly have access to their customer’s networks to simplify the supply chain. […]
XM Cyber participó de la Tactical Edge LATAM 2020, una cumbre virtual con casi 2,000 asistentes de Latinoamérica acerca del mercado colombiano de ciberseguridad, realizada en línea del 22 al 25 de septiembre. Con el apoyo de nuestro socio colombiano, ARTSEC, nuestra presentación intitulada “Equipo Púrpura: El Futuro de los Incidentes de Ciberseguridad; la Convergencia […]
Digital Transformation: Enabling Your Defenders to See Like Their Attackers
Digital transformation is a phrase that gets bandied about often enough to almost qualify for the “buzzword” category. Yet scratch below the surface and you’ll see a weighty concept that articulates one of the most urgent challenges today’s organizations face. Namely, how to keep pace and evolve in a world that is digitalizing at breakneck […]
Tagged under: ,
Privilege Escalation and Lateral Movement on Azure
Overview XM Cyber features integrated support for Microsoft Azure. This support addresses attack techniques from on-premises environments to Azure cloud environments and vice versa. In this blog, we will show some techniques for how a red team can gain a foothold in an Azure environment. In addition, we will explore ways in which attackers escalate […]
XM Cyber welcomes you to the IT Security Insights 2020 event on October 13. Due the COVID-19 pandemic, the event’s fourth annual edition will be partly online and partly hosted in Stockholm, where participants can attend the conference in person. “Come meet us and learn more about our attack simulation platform that helps protect an organization’s […]
The modern cybersecurity battleground is delivering a new level of challenges for commercial enterprises and governmental institutions. Both entities are discovering the process of protecting and securing their most critical assets has become more difficult and complex. This translates to higher financial costs, greater risk from serious national security threats and even the specter of […]
Tagged under: