Follow CyberArk on their other social channels!
About Us
Company Size:
501-1000 employees
Company Type:
60 Wells Avenue Newton, MA 02459 United States
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against c ...
Read more
Promoted Content
An Attacker's Point of View: The Allure of Privileged Credentials Used by Applications
New Wave of Ransomware Could Put Utilities at Risk
The stakes for protecting against ransomware are about to get higher as malicious tools evolve to target Industrial Control Systems (ICS) and threaten critical infrastructure. Researchers have demonstrated proof-of-concept ransomware attacks against programmable logic controllers (PLC) used in many operational environments, including utilities. Unlike attacks against corporate networks, which can result in expenses and revenue loss, ICS attacks could shut down critical operational systems, damag ...
7 Practices that Make Your Organization Vulnerable to Cyber Attacks
Today I read “How you can be the smartest cybersecurity expert in the room” on The author notes, “many CIOs and senior IT leaders are almost clueless about where to focus and how to start building next-gen security functions.” He references 20 CIS Critical Security Controls presented by the SANS Institute that organizations can implement to dramatically reduce risk. He acknowledges that list is too much for most busy IT teams, so he directs readers to focus on th ...
Your Greatest Threat Might Already Be Inside Your Network
Insider activity—both malicious and simple error—accounts for a growing share of data breaches. Statistics are difficult to come by because requirements for reporting security incidents are not consistent across sectors. But some studies show they account for more than half of those breaches analyzed. According to the Protenus Breach Barometer for February, a monthly analysis of reported breaches in the healthcare industry, 58 percent were related to insiders. This was divided about ...
Lateral movement exploits related to gaps in Credential Guard
Important research from CyberArk Labs recently demonstrated that while Credential Guard in Microsoft Windows 10 limits certain types of credential theft, it has gaps that still allow attackers to achieve lateral movement, privilege escalation and – ultimately – full domain compromise. This blog outlines step-by-step how attackers can steal and re-use domain-level service credentials, despite Credential Guard being enabled.  
Securing Assets and Applications in the Cloud
In our recent blog, Cloud Security: Who is Responsible for What?, we focused on the idea of shared responsibility in cloud environments; with IaaS/PaaS, the customer is responsible for everything above the hypervisor, while the cloud vendor takes responsibility for the infrastructure itself. We also addressed how the public cloud vendors’ management consoles are a key weak point and consequently an attractive target for an attacker, often via a phishing attempt. As such, it’s importa ...
SWIFT Security Concerns Resurface
The Bangladesh Bank heist has resurfaced as reports around a potential perpetrator make headlines. The recent focus may be on who and why, but lessons should be learned from what happened – it’s important to recognize common attack patterns and understand the role of privileged accounts. As a recap: last year, cyber criminals embezzled money from the Bangladesh Central Bank. Using stolen privileged credentials, they moved laterally throughout the environment until they reached SWIFT, ...
Hunting Privileged Account Vulnerabilities with CyberArk Discovery & Audit (DNA)
It’s widely understood that cyber intruders and internal threat actors seek and exploit privileged accounts to help them achieve their goals. Security experts advise organizations to know what’s on their networks and know it better than any potential adversary. But discovering and locking down all of the privileged accounts within your enterprise is easier said than done—especially when you consider there are typically 3-4x more privileged accounts than people in the average or ...
Six Ways Attackers Try to Steal Privileged Credentials
By now, most understand that privileged accounts play a leading role in the cyber attack lifecycle and also in advanced cyber attacks. Privileged accounts can access the most sensitive data in an organization, modify or completely disable security mechanisms, and stop, start, or modify the processes, systems, and apps that the business runs on. Yet despite this knowledge, many organizations still share credentials directly with users, contractors, or third-party vendors.  They also store pa ...
The Yahoo Breach: Privileged Account Compromise Revealed
According to an article in Ars Technica, in an interview last evening, the FBI implied that the attackers who infiltrated Yahoo – including two alleged Russian FSB agents – followed a common pattern seen in many high profile cyber attacks including SWIFT and the Bangladesh Bank, the Ukraine power outage, the DNC, U.S. Office of Personnel Management (OPM) and many more. This pattern often begins with a targeted phishing attack to steal the employee’s credentials, compromise an e ...
The Top 5 Reasons to Prioritize Privilege Account Security Explained - Mar 14 2pm ET
To Improve Health IT Security, Recognize the Importance of Privilege
The increased use of electronic medical records and rapid advances in healthcare technology have made hospitals target-rich environments for hackers. Unfortunately, the maturity of hospitals’ cyber security programs often are years behind that of other technology-dependent sectors, such as financial services. It’s no surprise that cyber security was a prominent topic at this year’s HIMSS conference. In our conversations with industry professionals, we hear a widespread concern ...
Don't miss our webinar tomorrow - Securing Privilege on the Endpoint. Please join us 11am EST, copy this link to your browser:

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar
Cybrary works best if you switch to our Android-friendly app

We recommend always using caution when following any link

Are you sure you want to continue?