Blog

Cyderes: The New Powerhouse in Managed Cybersecurity

Cyderes: The New Powerhouse in Managed Cybersecurity

Cyderes: The New Powerhouse in Managed Cybersecurity Bringing Two Industry Leaders Together  Toronto (June 6th, 2022) — Robert Herjavec, star of ABC’s Emmy award-winning show Shark Tank and former CEO of #1 ranked MSSP Herjavec Group, announces Cyderes, the newly formed rebrand of Herjavec Group and Fishtech Group. Cyderes brings together two industry-leading managed service providers and creates a new... Read More
June 6, 2022
Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

No matter how many firewalls or network controls you have in place, the risk of insider threat will always be present. So it should go without saying that enterprise security programs should be built with this in mind ! In light of the ever-evolving threat landscape, the interconnectivity driven by the Internet of Things (IoT), and rising remote work scenarios,... Read More
May 19, 2022
Cyber Playbook: Ransomware and the OT Environment

Cyber Playbook: Ransomware and the OT Environment

Contributed By: Chris Thomas, Senior Security Consultant Ransomware and the OT Environment: Am I Safe? Ransomware is everywhere. It’s all over the news. It’s discussed within the cybersecurity industry at large. Unfortunately, this constant coverage is making us numb to the need to assess what our overall risks may be. This is especially worrying regarding our critical infrastructure. Do we... Read More
April 29, 2022
Cyber Playbook: An Overview of PCI Compliance in 2022

Cyber Playbook: An Overview of PCI Compliance in 2022

Contributed By: David Mundhenk, Principal Consultant, Consulting Services There's no denying it - Payment Card Industry (PCI) Compliance has risen in significance and will only continue to do so as we move forward. Being PCI compliant is essential to properly handle sensitive data including payment card data, cardholder data, and even sensitive authentication data. As we enter the second quarter... Read More
March 24, 2022
Google Cloud Security Talks – Fireside Chat Replay

Google Cloud Security Talks – Fireside Chat Replay

Google Cloud recently hosted the latest edition of their Cloud Security Talk series featuring our CEO Robert Herjavec, and Eric Foster, President of CYDERES. During these sessions, Robert and Eric participated in a fireside chat with Google Cloud's Head of Solutions Strategy Dr. Anton Chuvakin and Head of Autonomic Security Iman Ghanizada discussion why all organizations need to pursue Autonomic... Read More
March 17, 2022
Cyber CEO: How to Build Cyber Resiliency for the Evolving Threat Landscape

Cyber CEO: How to Build Cyber Resiliency for the Evolving Threat Landscape

Welcome to 2022! In last year’s Cybersecurity Conversations Report, we discussed what the massive digital transformation resulting from 2020 meant for enterprise cybersecurity. We encouraged enterprises to prepare for the post-COVID paradigm shift by prioritizing:   “COVID” Testing Your Devices   Refreshing Emergency Preparedness Plans   Reprioritizing Scanning and Testing Programs Last year I went on record predicting 2021 to... Read More
March 7, 2022
Cyber Playbook: How to Reverse an in-the-wild Log4J Java Class

Cyber Playbook: How to Reverse an in-the-wild Log4J Java Class

Contributed by Cody Craig, Cyber Investigator, CYDERES Threat actors have been observed dropping malicious Java Class files during Log4Shell exploitation. The sample reviewed in this post showed indication that it came from an attack that exploited the Log4Shell vulnerability via Apache in VMware Horizon. A deeper look into the capabilities and use of the malicious Java Class file observed is... Read More
February 28, 2022
2022 Cybersecurity Conversations Report Release

2022 Cybersecurity Conversations Report Release

The recently merged Herjavec Group and Fishtech Group have launched their annual Cybersecurity Conversations Report. This year, the report is dedicated to the conversations we recommend having with your executive teams in order to build cyber resiliency for the evolving threat landscape. If we’ve learned anything in the past two years, it’s that waiting for things to return to normal... Read More
February 22, 2022
Threat Advisory: Highly Exploitable Vulnerabilities in Samba

Threat Advisory: Highly Exploitable Vulnerabilities in Samba

Overview On January 31st, 2022, three vulnerabilities CVE-2021-44141, CVE-2022-0336, CVE-2021-44142 in Samba were publicly disclosed. Samba is a free and open-source software (FOSS) package that provides SMB/CIFS capability for Linux/Unix devices[1]. CVE-2022-0336 is a vulnerability in Samba Active Directory which allows an attacker to bypass service principal name (SPN) checking, allowing an attacker to intercept traffic and impersonate existing services[2].... Read More
February 3, 2022
Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Cyber Playbook: Information Technology vs Operational Technology – How to Leverage IT to Secure Your OT Systems

Contributed by Chris Thomas, Senior Security Consultant, Advisory, Professional Services Information Technology (IT) primarily refers to hardware, software, and communications technologies like networking equipment and modems that are used to store, recover, transmit, manipulate, and protect data.  Operational Technology (OT), on the other hand, was born out of the need for Industrial Control Systems (ICS) to keep up with the... Read More
January 31, 2022