Stay updated with all the latest news and announcements
A side-by-side breakdown
As the greatest software rivalry of all time, emotions can run high. So we decided to create a non-partisan fact-based analysis of Android's and iOS's cybersecurity profile.read more...
Cybersecurity Trends
The recent proliferation of social media platforms have provided hackers with a treasure trove of personal data on pretty
much anyone in the world.
...
COVID-19 Update
Being secure means being prepared, so in this article we've broken down the major risks and key tips related to your cybersecurity posture under remote working conditions.
...
Executive Profile
Today we sit down with our Founder & CEO, Marc Castejon, to discuss his own professional journey, the current state of cybersecurity, and everything in between.
...
The Ponemon Institute
Every CISO faces the unique challenge of justifying a budget whose ROI is predominantly measured by what never happened.
Cybersecurity During a Global Crisis
The most vulnerable sector to cybersecurity attacks isn't Wall Street, the military, or even Silicon Valley. It's our healthcare system.
read more...
Cybersecurity Trends
The WHO has labeled COVID-19 a global pandemic, setting off a wave of sweeping measures that have impacted not
only our physical lives, but our digital lives as well.
read more...
The Ultimate Challenge
In a wave of large-scale cybersecurity breaches, many firms are looking for better strategies to manage cybersecurity risks. One highly effective exercise is the PenTest.
Cybersecurity Trends
At long last, the World Economic Forum has finally come to recognize cybersecurity as the "second most concerning risk for doing business globally over the
next 10 years," signaling a growing recognition within the business community of the importance of their CISOs and the challenges they face.
read more...
It's official
Airports are (in)famous for their lengthy physical security checks, but how do they rank in terms of cybersecurity? A team of security researchers recently set out
to find out once and for all by assessing the current state of cybersecurity at the world's 100 largest airports. Here's what they found: read more...
A Guide to Ransomware Payments
It's no secret that 2019 was in many ways the Year of Data Breaches. While many cybercriminals steal data in order to mount further attacks or to sell it on the Dark Web, ransomware
attackers are unique in that they make a simple offer: pay a ransom and everything will go back to normal.
read more...
Four Lessons from FIC 2020
The theme of FIC 2020 was Putting Humans at the Heart of Cybersecurity, so it's no surprise that social hacking
remained a hot button topic throughout the three-day conference. read more...
Cybersecurity Trends
The World Economic Forum just released their 2020 Global Risk Report, a compilation of research conducted by global risk consultants and financial analysts
defining the major business risks facing the markets in both the short and long term. read more...
Cybersecurity Trends
While encryption technologies, systems, and standards have become incredibly secure over the past decade, it has become increasingly clear that the the largest cybersecurity threat to nearly any organization is its people. ...
Cybersecurity for IoT
You know that you've done something truly wrong when your cybersecurity scandal makes this year's mega-breaches (affecting everyone from Facebook to Equifax) seem
quaint.
read more...
Happy New Year's
As 2019 winds down, we've decided to dig through the Silent Breach archives and review the numerous challenges, lessons, and solutions that this year has presented.
What we've come up with is a list of the top five cybersecurity resolutions to make 2020 a cyber-success!
...
From Caesar to Honeypots
90% of the world's data was generated in the last two years. To keep pace with this massive proliferation of data creation and transmission, cryptographers have
been working overtime to engineer increasingly complex encryption techniques.
The Cybersecurity Mindset
Myth 1: Everyone is accountable for cybersecurity.
We often hear things like "Everyone is accountable for security." This is false. While everyone is responsible
for cyber security, only a select few are ultimately accountable.
read more...
Expect the unexpected
What is a business continuity plan?
Although Business Continuity Plans should be specially tailored (in consultation with your cybersecurity partner) to your organization's needs and abilities, most IT BCPs should include the following 3 sections:
...
Are our governments prepared?
The State of Mississippi completed its first governmentwide cybersecurity audit this month. The results were less than encouraging.
read more...
Can they work together?
In the wave of large-scale cybersecurity breaches sweeping the country, there is one sector which is barely reported on, and yet represents possibly the most
pressing technological threat to human life.
...
The California Consumer Protection Act
The California Consumer Protection Act (CCPA) is designed to enhance data privacy rights and consumer protections for the
citizens of California and comes into effect on January 1, 2020. Although it's been over 2 years since the bill has been
ratified, many companies are still not sure if and how they will be affected.
3 Takeaways from the Ecuador Breach
Earlier this week, residents of Ecuador woke up to the news that much of their personal data, including banking details, employment information, and identification
numbers, had been made publicly available by a small online consulting firm.
What Facebook keeps getting wrong
Yet another 419 million Facebook accounts have been breached. Add this to the 100s of millions already compromised in the Cambridge Analytica, UpGuard, and 'View As' scandals, and the question becomes: can Facebook ever be secure?
Continuous Monitoring
Here's a fact: On average, it takes companies nearly half a year to identify a cyber security breach.
Here's another fact: Research shows that breaches that take over 30 days to contain cost an average of $1 million more than those contained within the first month.
...
Lessons from Black Hat 2019 and Def Con 27
Riddle: What do Marriott, Equifax, and Capital One all have in common?
Answer: They've each been the victim of a data breach compromising 100 million+ users each; all in the past 12 months.
read more...
What is DevSecOps and how can you benefit from it
Over the last several years, DevOps has dramatically transformed the way in which software is designed, developed, and delivered.
...
5 Important Steps to Help Your Business Respond Quickly and Safely
Unfortunately, successful cyberattacks are growing far too common. A 2018 study found that nearly 70% of SMBs have experienced a cyberattack in the past year, yet an astounding 47% of respondents said they "have no understanding" of how to protect themselves ...
A CISO Playbook for Engaging C-suite Executives
It has become somewhat cliché to say that cybersecurity is no longer exclusively an IT job, but needs to be a company-wide effort. But the reality is that CISOs are both the newest C-level executives and the least understood. According to ...
Cybersecurity Trends
According to recent reports, Managed Security Service expenditures are set to double to nearly $50 billion by 2023.
...
3 Takeaways from Tim Cook's Stanford Graduation Speech
In his now (in)famous speech, Tim Cook used the Stanford graduation ceremony last weekend to warn the young grads (and the world) about his concerns regarding the direction tech firms have been taking. While hailing the industry for its successes - from HP to the iPhone - Cook pulled no punches when discussing the chaos that they've created. Here are 3 takeaways from Cook's remarks:
...
How cybersecurity is changing the way we value financial assets
With seemingly daily reports of massive data breaches, cybersecurity remains one of the highest risks facing firms and their clients. But none of this is news. Instead, in this article I'll be taking a close-up look at some of the quantifiable effects that security breaches have had on asset market values. Here's a roundup of some of the more infamous cases in recent news:
...
Where Y Combinator Went Wrong
In 2016, a young sales intelligence firm, Apollo, emerged from Y Combinator against a backdrop of flashy PR and projected growth. Reveling in their nascent celebrity, Apollo went so far as to boast on their homepage that "no one ever drowned from revenue." But it was not revenue that they drowned in when, late last summer, Apollo's databases were hacked, releasing 212 million contact listings, con...
Cybersecurity for Web Design Agencies
By now we've all heard the news. Car rental behemoth, Hertz, is suing Accenture for $32 million for their failure to deliver "viable web and mobile applications". In fact, Hertz claims that the project needed to be "scrapped" entirely due to "serious security vulnerabilities and performance p...
What to look out for
If you've ever been in a meeting at a startup when the topic of cybersecurity came up, then you've probably seen the barely concealed eye-rolls, feigned attention, and predictable inaction. The reason for this is often simple: startups just don't see themselves as viable targets and are already under immense financial strain. Far more focused on "lean" development, marketing and financials, startu...
Get prepared
According to a recent World Economic Forum report, business executives in both North America and APAC consider cyber-attacks to be the number one risk of doing business, outranking terror attacks and asset bubbles. To prepare, here are our projected Top 5 Cyber-Attack Ve...
Top 5 tips to help you find the firm that will serve you best
With the cost of cybercrime set to top $5 trillion over the next five years, an incredible number of cybersecurity firms have been founded in the last few years. So, how do you sift through these countless listings and pick out the perf...
Interview with Bill Aulet, MIT's Director of Entrepreneurship
Bill Aulet is an entrepreneur, educator, speaker, and author of the best-selling Disciplined Entrepreneurship. Since 2009, he has served as the managing director of the Martin Trust Center for MIT Entrepreneurship as well as a senior lecturer at the MIT Sloan School of Management. ...
Silent Breach article in Silicon Luxembourg
Marc Castejon is the CEO and Founder of Silent Breach, a cybersecurity startup that specializes in network security and digital asset protection. With over 20 years of experience in the US retail market, Marc and his team have recently developed a software product to help retailers proactively protect their businesses. (Image Credit: Marc Castejon, CEO and Founder of Silent Breach / Image Credit ...
Happy new year from us to you
There is no doubt that 2018 has been a bad year for cyber security. With the massive Facebook breach resulting in the exposure of 50 million accounts, Quora's 100s of millions...
Retail Sector
Silent Breach is very honored to be part of the top 10 cyber security solutions for 2018 in the retail sector. The original article is available here: https://retail-security.retailciooutlook.com/vendors/top-retail-security-solution-providers-2018.html Solution described in this ar...
Silent Breach nominated again as best solution provider
Silent Breach is honored to be certified as "20 Best Security Solution Providers of 2018" by Industry Era Magazine The original article is available here: https://www.industry-era.com/vendor-2018-security-Continuous-Protection.php Solution described in this article: read more...
Nominated cyber security solution
Retail CIO Outlook magazine has published a great article on Silent Breach Read the full article here....
Top 5 tips from pentesters
The recent explosion of webapps has led to a dramatic rise in cyber attacks specifically targeting vulnerabilities in web applications. Three quarters of the web applications tested by Silent Breach presented high or critical vulnerabilities that could have led to a data breach, or even total compromise of the website: Fortunately, the ...
Silent Breach provides cyber security training
Silent Breach training expert Hristiyan Lazarov representing the Luxembourg House of Training in Pristina, Kosovo gave a lecture on "Cyber and Information Security Management" to the Kosovo Banking Association. This 3 day training session gave the assosiation an overview of the most common cyber security tactics used in the finance industry today, as well as an insight into trends in the security ...
Silent Breach announcement
Silent Breach releases its new solution for Continuous Monitoring & Breach Response for the Retail sector.
...
AT&T Bug Bounty Program
The Silent Breach cyber security research team has reached the top 25 AT&T bug hunters for Q2 2018:
AT&T Hall of Fame available here: https://bugbounty.att.com/hof.php, for more information on Silent Breach...
Intel vulnerability: self XSS attack
Silent Breach uncovered a vulnerability on Intel's server, which has been addressed by their internal security team. This self XSS attack allowed hackers to gather information on a user that could be used in social engineering attacks. Here's a screenshot below:
...
Expanding operations in Asia
Silent Breach is expanding its footprint in Asia-Pacific by opening an office in the SUNTEC Tower one, downtown Singapore. Press release available here....
XSS found on iTunes servers
Apple Inc. just confirmed patching their servers for a cross scripting issue (XSS) reported by Silent Breach Inc. in July 2017. Following Apple's instructions, Silent Breach has wait...
Are you ready for GDPR?
The European Parliament adopted The General Data Protection Regulation GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU ...
Happy new year 2018!
There is no doubt that 2017 has been a bad year for cyber security, with the Equifax breach, Wannacry ransomeware, Russian social media manipulation, etc... But to get you ready for 2018, here's our top 8 cyber-security recommendations to survive through this new year:
...
New vulnerability uncovered
Another breach found by our research lab, on the emby MediaServer 3.2.5 (Stored XSS)
Exploit Title : Emby MediaServer 3.2.5 -...
New vulnerability uncovered
Silent Breach finds a vulnerability with the online Wikipedia web site and in its free open source MediaWiki platform:
This vulnerability allows an attacker to gather information on the target (Wikipedia.org) and more easily narrow down potential breaches in the modules used by this web site. This kind of vulnerability is commonly referred to as Information Exposure Through Sent Data ...
Full comission positions
Silent Breach is recruiting full commission regional sales managers, in the retail, automotive and IoT industry. Please send CV/resumes to jobs@silentbreach.com for immediate consideration!...
Multiple Vulnerabilities uncovered
Another 0-day uncovered by our labs, Itech B2B Script 4.29 - Multiple Vulnerabilities
More details available here: https://vuldb.com/?id.96253....
Spread the word
For a limited amount of time, https://silentbreach.com/ is offering a $1500 referral fee for any penetration test mission or source code review mission that leads to a contract. Offer ends 2/28/17, 3 day contract minimum, spread the word!
...
New vulnerabiltiy found
Silent Breach uncovers another 0-day breach as reported by the exploitdb web site:
https://vuldb.com/?id.96256...
Silent Breach offering FREE services
Silent Breach is now offering FREE remote vulnerability scans for your domain or network, come and get some @ https://lnkd.in/gJhHsrs
...
announcement
Silent Breach in the press
Silent Breach Nominations
Silent Breach Nominations
Silent Breach in the press
© Copyright Silent Breach. All Rights Reserved.