Book a meeting

CyberProof Acquires Interpres Security

A Gartner distinguished vendor in Continuous Threat Exposure Management (CTEM) and Automated Security Control Assessments (ASCA).

Read More
 CyberProof, a UST company, and Interpres logos on a black background, showcasing their strength in cyber security.

SecOps & Risk mitigation

Tailored threat intelligence

CyberProof uses OSINT and threat intelligence feeds for visibility into threats.

Use case management

CyberProof’s adaptable playbooks address continuously evolving threats with updated strategies.

Advanced threat hunting & security operations

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Advanced threat hunting

Professionals manage sophisticated networks, leveraging experience to counter advanced threats.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Incident response retainer

24/7 global SOC support ensures incident response with guaranteed SLA.

Data security

CyberProof develops recovery plans, restoring capabilities after a cyber incident.

Asset management and classification

Classify and manage enterprise assets, understanding risks and data sensitivity.

Manual & automated penetration testing

Non-destructive tests uncover potential exploits in assets and applications.

Security awareness & training

Mitigate security issues early with CyberProof’s training and awareness programs.

Application security (AppSec)

Rigorous security assessment for on-premise and cloud applications to ensure protection.

Identity & access management (IAM)

IAM manages user access, monitors for anomalies, ensuring security.

Cloud security posture management (CSPM)

Cloud First approach ensures compliance and security within cloud environments.

Security platform management

Managed service for SIEM, EDR, MXDR, and threat intelligence solutions.

Vulnerability management (VM)

Identify, assess, and mitigate security vulnerabilities through regular scanning.

Partners

HyperScaler Cloud Native SIEM
SIEM Platforms
EDR
VM
IT/IOT
Threat Intel
Breach & Attack
See all partners

“Today I have complete visibility into the entire environment, in real time”

Jamil Farshchi | Equifax CISO

Watch Video Testimonial

CyberProof Acquires Interpres Security

By leveraging and integrating the Interpres Security CTEM solution into its security services portfolio, CyberProof is able to continuously identify, assess, and prioritize risk while adapting defense services, like MDR, Vulnerability management and Use case management to address ever evolving threats. Take proactive steps to fortify your security today!

Schedule Assessment

Start the journey today

Book a meeting

Case Studies

Retail
Retail

Retail Company Reduces Data Costs by 85% with SIEM Transformation

The client is a leading retailer with over 1,000 stores across the United States and Canada. They offer a wide range of products and services to both consumers and businesses. To streamline their security infrastructure, the company decided to consolidate under a single, trusted cloud vendor. As an existing Microsoft 365 user, they embraced Microsoft’s comprehensive security suite, aligning their security approach with the industry’s best cloud security solutions. 
Read more
Banking
Banking

90% increase in visibility after deploying Microsoft XDR with CyberProof

CyberProof worked together with Microsoft to provision and deploy the Microsoft XDR capability and integrate it with the client’s current Managed Detection & Response (MDR) service with CyberProof. This was done by leveraging the CyberProof Defense Center (CDC) platform, which supports collaborative, real-time security operations for all stakeholders through orchestration and smart automation.
Read more
Financial Services
Financial Services

Enterprise saves millions on data ingestion & storage following cloud migration.

CyberProof’s deployment for this client includes one of the first commercial deployments of the Microsoft Sentinel cloud SIEM solution, helping dramatically reduce the cost of log ingestion and storage as the client migrated to cloud-native security operations, leveraging Azure Data Explorer (ADX) together with the CyberProof Log Collection (CLC) tool.
Read more
Insurance
Insurance

SOC unification streamlines enterprise insurance company’s security & network monitoring operations.

The client is a large insurance carrier with offices in multiple locations. The client initially turned to CyberProof after having issues with their previous service vendor, who was providing security alerts but conducting no real triage.
Read more
Healthcare: Pharmaceuticals
Healthcare: Pharmaceuticals

Global medical devices company gains visibility and meets stringent compliance standards across global geos

The client is a leading European-based, global pharmaceutical company that offers advanced tests and systems for disease diagnosis, monitoring, and treatment guidance. Operating in over 100 countries with over 40,000 employees, they serve millions of customers worldwide in numerous research and production facilities.
Read more
Healthcare: Pharmaceuticals Dental
Healthcare: Pharmaceuticals Dental

Pharmaceutical organization significantly enhances threat detection and response times

The customer decided to enhance their cybersecurity capabilities by partnering with CyberProof, focusing on comprehensive and proactive protection measures. CyberProof’s deployment for this customer included a full suite of managed cybersecurity services tailored to meet their specific needs.
Read more
All case studies

Threat Alerts

Filter by topic
No results found
All
Threat Advisory
Vulnerability
Malware
Trends
Ransomware
Threat Analysis
Filter by date
All
This week(7)
Last week(5)
This month(14)
Last month(21)
This year(14)
Date range
(663)
Explore all

Microsoft 365 Under Attack with Sophisticated AiTM Phishing Kits

20-Jan-2025
Label: Malware
Threat Level: Medium

Lately, a novel Adversary-in-the-Middle (AiTM) phishing kit named “Sneaky 2FA” emerged, targeting Microsoft 365 accounts through phishing-as-a-service (PhaaS) operations. Distributed by the “Sneaky Log” service on Telegram, this kit employs sophisticated methods to bypass multi-factor authentication (MFA), leveraging compromised infrastructure and customized phishing pages. Its rapid adoption by cybercriminals highlights the evolving threat landscape, where attackers increasingly seek advanced, cost-effective tools to conduct credential theft and Business Email Compromise (BEC) attacks.

The Sneaky 2FA phishing kit automates the harvesting of credentials and session cookies through phishing pages that mimic Microsoft login portals. Using URL parameters, these pages autofill victims’ email addresses, streamlining the attack process. Anti-bot measures like Cloudflare Turnstile and obfuscated HTML and JavaScript code ensure evasion from security scans and analysis tools.

Upon luring a victim to interact with the phishing page, the credentials and MFA details are forwarded to the attacker’s server, which authenticates with Microsoft 365 APIs directly. This process mimics legitimate user activity but introduces anomalies, such as inconsistent User-Agent strings, which can be leveraged for detection.

Operated via Telegram, Sneaky Log offers a subscription-based model, granting customers access to the phishing kit and support through automated bots. It integrates cryptocurrency-based payment systems with obfuscation techniques, complicating transaction tracking. By adopting methods from older phishing kits like W3LL OV6, Sneaky 2FA represents a blend of innovation and code reuse. Its moderate but growing adoption underscores the need for vigilant monitoring of AiTM phishing kits, as attackers exploit these tools to bypass MFA protections and compromise sensitive accounts.

A Sophisticated Campaign Targeting Management Interfaces on Fortinet, Fortigate Products

20-Jan-2025
Label: Vulnerability
Threat Level: Medium

A sophisticated cyber campaign has been detected, targeting Fortinet FortiGate firewall devices, posing a security threat. By exploiting vulnerabilities to access the firewalls’ management interfaces, the attackers were able to make unauthorized configuration changes and exfiltrate credentials, potentially leading to further intrusions and data breaches.

While the details of the vulnerability exploited in this campaign are not yet disclosed, the pattern of exploitation suggests the likelihood of an unknown zero-day vulnerability being abused.

The methodical of the campaign becomes apparent as it is separated into four phases. Initially, the attackers conducted scans for exploitable entry points, using jsconsole sessions from non-standard IP addresses to potentially leverage a zero-day vulnerability within a constricted timeframe.

Next, the attackers move on to the reconnaissance phase, modifying configurations to solidify their presence. As the campaign advanced, the attackers methodically orchestrated SSL VPN configurations, creating new pathways into the network. This is achieved through both fabricated and compromised user accounts. In addition, they established VPN tunnels from IP addresses associated with VPS hosting providers, further entrenching their access and raising the stakes of the intrusion.

Explore all

Awards

 Excellence Awards 2024 finalist banner for CyberProof, a UST company, showcasing diversity in security through Microsoft Security and the Microsoft Intelligent Security Association, with a focus on MDR and SIEM solutions.
 Forbes award
 mssp top 250 2024
 ISG Provider Lens 2024 Quadrant image showcasing Cybersecurity Solutions and Services. Managed Security Services - SOC and MDR (Midmarket). Recognized as Leader, U.S.
 ISG Provider Lens 2024 Quadrant: Cybersecurity – Solutions and Services, Strategic Security Services (Midmarket), with a focus on MSSP, Leader, U.S." proudly displayed at the top with a trophy icon in the bottom right corner.
 ISG Provider Lens 2024 Quadrant for Cybersecurity Solutions and Services highlights Technical Security Services (Midmarket), emphasizing MxDR capabilities, with a "Leader, U.S." designation and a trophy icon.
 Gold award badge for cybersecurity, highlighting "2024 Globee Awards Gold Winner" and featuring a globe design embraced by laurel branches. Celebrated in the realms of MSSP and SecOps, this accolade represents excellence in managing security operations worldwide.
 Globee Awards logo with "2024 Globee Awards Silver Winner in Cybersecurity" text below, recognizing excellence in SOC solutions.
 Microsoft Solutions Partner badge for Security, enhanced by SOC capabilities, features Cloud Security and Threat Protection.
 The Microsoft Intelligent Security Association member badge proudly displays the Microsoft Security logo along with a label certifying it as a "Microsoft Verified Managed XDR Solution," highlighting its integration with leading SIEM and MSSP technologies.
 Google Cloud Partner logo featuring a colorful cloud icon, seamlessly integrating elements of SecOps and MxDR.
 The Intertek logo, featuring a globe with a grid pattern alongside the text "ISO 27001 Certification," embodies trust and security. It integrates seamlessly with modern SecOps approaches to enhance compliance and SIEM efficiencies.
 A badge proudly displaying "SOC 2" and "A-LIGN," featuring a geometric logo above, a gradient line below, and seamlessly integrated with the latest MxDR innovations.
 AICPA SOC seal in shades of blue with text "aicpa.org/soc4so" and "SOC for Service Organizations | Service Organization," tailored for MSSP efficiency.
 Crest logo featuring icons for security, certification, and SecOps with a blue and teal color scheme.
 MSSP Alert logo with text: "The Top 250 MSPs, 2023 Edition" in red and white, celebrating excellence in the ever-evolving SecOps landscape.
 The logo for the 2023 Global InfoSec Awards winner from Cyber Defense Magazine features a circular design with text and subtly incorporates elements of SOC excellence.
 Logo of Cyper Tech Two featuring two concentric rings, symbolizing their cutting-edge SecOps solutions, with the website URL www.CyperTechTwo.com displayed below.
 Cyber Security Excellence Awards badge, labeled "Winner 2022" in the MDR category.
 Badge with text "Big Innovation 2022" surrounding a lightbulb icon, symbolizing groundbreaking ideas in fields like SecOps and MDR.
 2021 Global InfoSec Awards Winner badge from Cyber Defense Magazine for excellence in Adaptive Managed xDR.
 Cybersecurity Speakt
 Excellence Awards 2024 finalist banner for CyberProof, a UST company, showcasing diversity in security through Microsoft Security and the Microsoft Intelligent Security Association, with a focus on MDR and SIEM solutions.
 Forbes award
 mssp top 250 2024
 ISG Provider Lens 2024 Quadrant image showcasing Cybersecurity Solutions and Services. Managed Security Services - SOC and MDR (Midmarket). Recognized as Leader, U.S.
 ISG Provider Lens 2024 Quadrant: Cybersecurity – Solutions and Services, Strategic Security Services (Midmarket), with a focus on MSSP, Leader, U.S." proudly displayed at the top with a trophy icon in the bottom right corner.
 ISG Provider Lens 2024 Quadrant for Cybersecurity Solutions and Services highlights Technical Security Services (Midmarket), emphasizing MxDR capabilities, with a "Leader, U.S." designation and a trophy icon.
 Gold award badge for cybersecurity, highlighting "2024 Globee Awards Gold Winner" and featuring a globe design embraced by laurel branches. Celebrated in the realms of MSSP and SecOps, this accolade represents excellence in managing security operations worldwide.
 Globee Awards logo with "2024 Globee Awards Silver Winner in Cybersecurity" text below, recognizing excellence in SOC solutions.
 Microsoft Solutions Partner badge for Security, enhanced by SOC capabilities, features Cloud Security and Threat Protection.
 The Microsoft Intelligent Security Association member badge proudly displays the Microsoft Security logo along with a label certifying it as a "Microsoft Verified Managed XDR Solution," highlighting its integration with leading SIEM and MSSP technologies.
 Google Cloud Partner logo featuring a colorful cloud icon, seamlessly integrating elements of SecOps and MxDR.
 The Intertek logo, featuring a globe with a grid pattern alongside the text "ISO 27001 Certification," embodies trust and security. It integrates seamlessly with modern SecOps approaches to enhance compliance and SIEM efficiencies.
 A badge proudly displaying "SOC 2" and "A-LIGN," featuring a geometric logo above, a gradient line below, and seamlessly integrated with the latest MxDR innovations.
 AICPA SOC seal in shades of blue with text "aicpa.org/soc4so" and "SOC for Service Organizations | Service Organization," tailored for MSSP efficiency.
 Crest logo featuring icons for security, certification, and SecOps with a blue and teal color scheme.
 MSSP Alert logo with text: "The Top 250 MSPs, 2023 Edition" in red and white, celebrating excellence in the ever-evolving SecOps landscape.
 The logo for the 2023 Global InfoSec Awards winner from Cyber Defense Magazine features a circular design with text and subtly incorporates elements of SOC excellence.
 Logo of Cyper Tech Two featuring two concentric rings, symbolizing their cutting-edge SecOps solutions, with the website URL www.CyperTechTwo.com displayed below.
 Cyber Security Excellence Awards badge, labeled "Winner 2022" in the MDR category.
 Badge with text "Big Innovation 2022" surrounding a lightbulb icon, symbolizing groundbreaking ideas in fields like SecOps and MDR.
 2021 Global InfoSec Awards Winner badge from Cyber Defense Magazine for excellence in Adaptive Managed xDR.
 Cybersecurity Speakt
 Excellence Awards 2024 finalist banner for CyberProof, a UST company, showcasing diversity in security through Microsoft Security and the Microsoft Intelligent Security Association, with a focus on MDR and SIEM solutions.
 Forbes award
 mssp top 250 2024
 ISG Provider Lens 2024 Quadrant image showcasing Cybersecurity Solutions and Services. Managed Security Services - SOC and MDR (Midmarket). Recognized as Leader, U.S.
 ISG Provider Lens 2024 Quadrant: Cybersecurity – Solutions and Services, Strategic Security Services (Midmarket), with a focus on MSSP, Leader, U.S." proudly displayed at the top with a trophy icon in the bottom right corner.
 ISG Provider Lens 2024 Quadrant for Cybersecurity Solutions and Services highlights Technical Security Services (Midmarket), emphasizing MxDR capabilities, with a "Leader, U.S." designation and a trophy icon.
 Gold award badge for cybersecurity, highlighting "2024 Globee Awards Gold Winner" and featuring a globe design embraced by laurel branches. Celebrated in the realms of MSSP and SecOps, this accolade represents excellence in managing security operations worldwide.
 Globee Awards logo with "2024 Globee Awards Silver Winner in Cybersecurity" text below, recognizing excellence in SOC solutions.
 Microsoft Solutions Partner badge for Security, enhanced by SOC capabilities, features Cloud Security and Threat Protection.
 The Microsoft Intelligent Security Association member badge proudly displays the Microsoft Security logo along with a label certifying it as a "Microsoft Verified Managed XDR Solution," highlighting its integration with leading SIEM and MSSP technologies.
 Google Cloud Partner logo featuring a colorful cloud icon, seamlessly integrating elements of SecOps and MxDR.
 The Intertek logo, featuring a globe with a grid pattern alongside the text "ISO 27001 Certification," embodies trust and security. It integrates seamlessly with modern SecOps approaches to enhance compliance and SIEM efficiencies.
 A badge proudly displaying "SOC 2" and "A-LIGN," featuring a geometric logo above, a gradient line below, and seamlessly integrated with the latest MxDR innovations.
 AICPA SOC seal in shades of blue with text "aicpa.org/soc4so" and "SOC for Service Organizations | Service Organization," tailored for MSSP efficiency.
 Crest logo featuring icons for security, certification, and SecOps with a blue and teal color scheme.
 MSSP Alert logo with text: "The Top 250 MSPs, 2023 Edition" in red and white, celebrating excellence in the ever-evolving SecOps landscape.
 The logo for the 2023 Global InfoSec Awards winner from Cyber Defense Magazine features a circular design with text and subtly incorporates elements of SOC excellence.
 Logo of Cyper Tech Two featuring two concentric rings, symbolizing their cutting-edge SecOps solutions, with the website URL www.CyperTechTwo.com displayed below.
 Cyber Security Excellence Awards badge, labeled "Winner 2022" in the MDR category.
 Badge with text "Big Innovation 2022" surrounding a lightbulb icon, symbolizing groundbreaking ideas in fields like SecOps and MDR.
 2021 Global InfoSec Awards Winner badge from Cyber Defense Magazine for excellence in Adaptive Managed xDR.
 Cybersecurity Speakt

Resources

Explore resources

Start the journey today

Book a meeting