News
Vendors

Cyolo launches security research team, presents critical vulnerability findings on emerging threats

August 08, 2023
Cyolo launches security research team, presents critical vulnerability findings on emerging threats

Cyolo announced Tuesday the launch of its recently formed security research team and the details surrounding its upcoming technical session at BSides Las Vegas 2023. The team empowers enterprises with proactive insights into emerging threats introducing recently uncovered critical vulnerabilities presenting security risks and compliance issues.

As the threat landscape continues to evolve, staying ahead of potential vulnerabilities is paramount. Cyolo’s recently launched security research team continuously monitors and analyzes the latest security trends, tactics, and techniques to proactively identify and mitigate potential access vulnerabilities. 

Tel Aviv, Israel-based Cyolo helps organizations in the IT and OT (operational technology) spaces to stay both secure and productive in an era of distributed workforces and unprecedented cyberthreats. Its next-generation zero-trust access solution enables users, including employees, third parties as well as remote and on-site workers, to connect to their working environments seamlessly and securely using modern identity-based access.

The new team, led by top researcher and Cyolo’s head of security research, Dor Dali, closely studies the latest attack vectors and methods to develop countermeasures and defenses that are tailored to protect customers from high-risk access breaches that could cause enormous damage.  

Remote access and high-risk access are the pillars of every organization. By joining Cyolo and researching this area, I feel that I can really make an impact and benefit the entire cybersecurity ecosystem,” Dor Dali said in a media statement. “Security research across known and emerging threats is the next step for us, we aim to contribute as much as we can to the cyber security ecosystem and help bridge the gaps in the identity and network world.”  

On the heels of Dor’s recent disclosure of a new Remote Desktop Gateway vulnerability (CVE-2023-35332) focused on the usage of an outdated and deprecated protocol, he will unveil the latest findings from the Cyolo security research team—including new critical- and high-severity vulnerabilities—in a session. 

In this technical presentation, Dor will discuss the somewhat unconventional techniques and methodologies used to uncover vulnerabilities, introduce the remote desktop protocol (RDP) and show how even one of the most used protocols in the field of RDP can be broken and exploited, and delve into how protocol specifications, open-source implementations, and other publicly accessible resources can be used to reveal hidden risks. He will also provide an overview of the vulnerabilities discovered and an in-depth analysis of the most significant ones. 

Cyolo continues to provide leaders in IT and OT security with the tools and research needed to prevent their current access nightmares, ensuring they strike the right balance between securing and enabling the business.

In February, Cyolo announced the next-generation of its partner program aimed at maximizing an organization’s cybersecurity potential for securing their applications and sensitive systems. The program will provide partners with a high profit margin through a simplified reseller structure and richer tools, including access to MSSP (managed security service provider) products to help grow and expand their business, while safeguarding their customers’ operations against any potential access breaches.

Industrial Cyber News Desk
Industrial Cyber News Desk

Related

Forescout analyzes 90,000 unknown vulnerabilities, risk blind spots that live in the wild
Forescout analyzes 90,000 unknown vulnerabilities, risk blind spots that live in the wild
Two new MITRE programs central to strengthening cyber defense work on building global cyber capacity
MITRE Federal AI Sandbox to assist with AI experimentation and prototyping capability for US government agencies
Dragos integrates with CrowdStrike Falcon next-gen SIEM for threat detection in OT networks
Dragos integrates with CrowdStrike Falcon next-gen SIEM for threat detection in OT networks
Claroty details ‘blind spot’ in traditional vulnerability management for CPS assets, debuts new solution
Claroty details ‘blind spot’ in traditional vulnerability management for CPS assets, debuts new solution
eurotech
Eurotech unveils ReliaCOR 40-13, its ignition ready industrial PC for SCADA solutions
TXOne Networks grabs $70 million in Series B funding as global demand soars for protecting enterprise operations
TXOne Networks raises $51 million in total in Series B extension round funding
NetRise now part of DHS Continuous Diagnostics and Mitigation approved products list
NetRise boosts supply chain transparency and security with Vulnerability Exploitability eXchange (VEX)
US administration rolls out international cyberspace and digital policy strategy focused on digital solidarity
US administration rolls out international cyberspace and digital policy strategy focused on digital solidarity
DHS, CISA announce changes to Cyber Safety Review Board membership 
DHS, CISA announce changes to Cyber Safety Review Board membership 
Cybeats delivers SBOM Studio to a medical device manufacturer in a three-year contract agreement 
Cybeats debuts BCA Marketplace for simplified SBOM solutions