Blog

Latest blog post

31.07.2025

Cyber turbulence: why airlines must take cybersecurity as seriously as air safety

The aviation industry is facing an escalating wave of cyber threats that go far beyond flight delays or data leaks. Airlines are now prime targets in modern cyber warfare—critical infrastructure vulnerable to sabotage, espionage, and geopolitical disruption. The July 2025 cyberattack on Aeroflot, which destroyed 7,000 servers and halted dozens of flights, is a stark warning of what’s to come. As digital systems control everything from aircraft operations to passenger data, this article explores why the skies are no longer safe from cyber conflict—and what the industry must do to defend itself.

Keep reading

Latest event

23.07.2025

Building confidence, not just compliance: how Axinom validated their web application security

In high-trust industries, security is more than a checkbox—it’s a competitive advantage. Learn how Axinom validated the resilience of their DRM platform with NEVERHACK’s Offensive Security team, using deep manual testing to uncover what automation misses. A case study in turning compliance into confidence.

Keep reading

21.01.2025

Cybersecurity in 2025: Challenges and Strategies

Cybersecurity has become a crucial part of business strategy, determining organizations’ ability to protect their digital assets and continue operations during crises. The economic impact of cyberattacks is estimated to reach 1.5% of the global GDP, making 2025 a year of significant challenges and the need for continuous development in defense strategies. This is especially […]

Keep reading

03.06.2024

Major milestone in cybersecurity: CYBERS integrated into NEVERHACK’s ecosystem

Press release: CYBERS joins NEVERHACK SAS, a leading European cybersecurity group, to enhance its market position, expand reach, and offer added value to its clients.

Keep reading

13.05.2024

Strategic Merger Unites CYBERS and NEVERHACK: A New Dawn in cybersecurity

CYBERS and NEVERHACK Merger: A Game-Changing Alliance in cybersecurity

Keep reading

21.03.2024

Securing the future: uniting service design and cybersecurity for digital excellence

Explore the fusion of service design and cybersecurity in our latest blog post, inspired by KüberCAST’s enlightening episode with Andres Kostiv. Learn how this integration not only enhances digital service innovation but also fortifies user trust and safety in the evolving digital landscape.

Keep reading

07.03.2024

Unveiling LockBit: The Dynamics of Cybercrime and the Takedown Saga

Dive deep into the world of cybercrime with insights from Alexander Leslie of Recorded Future, exploring the LockBit ransomware’s rise and fall, the strategies behind its operation, and the collaborative efforts leading to its takedown.

Keep reading

23.02.2024

The Era of Data Security and AI: A Strategic Approach to Digital Transformation

Delve into the complexities of data security and AI, understanding how these pivotal technologies are transforming business strategies and operational efficiencies.

Keep reading

22.01.2024

How to get started with personal cyber defense?

Discover CYBERS’ blog summary of our KüberCAST episode featuring Kaspar Jüristo, offering essential tips and strategies to enhance your personal cybersecurity

Keep reading

21.12.2023

How a SOC Analyst Saves the Day: Insights into the Cybersecurity Daily Grind

Welcome to the heart of the cybersecurity world! In the latest episode of CyberCAST, Ronnie Jaanhold and Siim Pajusaar opened the door to the everyday life of a SOC (Security Operations Center) analyst. This position is an integral part of cybersecurity, but for many, the job title raises more questions than answers. This episode dives […]

Keep reading

07.12.2023

Exploring the Data Frontier: A Dive into Elastic Technology

In a recent KüberCAST episode, we delve into intriguing topics surrounding future trends and the impact of technology on our daily lives. Big data, datalakes, Elastic and how to make sence regarding the Data Universe!

Keep reading

23.11.2023

The road of security automation. Join us!

In a recent KüberCAST episode, we had the pleasure of hosting Fredrik Ødegårdstuen from Shuffler.io, a seasoned expert in security automation and SOAR (Security Orchestration, Automation, and Response). We’ll explore the security automation, and why it’s becoming an integral part of the cybersecurity landscape.

Keep reading

08.11.2023

Will Next Generation Firewalls have feelings? Injecting AI to Firewalls – monsters or angels?

In a rapidly evolving world of technology, cybersecurity is at the forefront of innovation. On a recent episode of KüberCAST, Marko Haarala from Cisco shares insights into how the future of cybersecurity is being shaped by the integration of artificial intelligence (AI) and language interfaces.

Keep reading

24.10.2023

Roles and responsibilities in information security management – the role of a CISO

The role of a CISO is not only technical but also strategic, requiring a deep understanding of the company’s risks and business processes.

Keep reading

11.10.2023

Blaming the victim is easy to occur, but the culprits are the criminals, not the victim.

Explore the critical issue of victim-blaming in cybersecurity as Jürgen Erm, CEO of Cybers, sheds light on the prevalence of cyber incidents in Estonia and the need for more open discussion. Discover why it’s essential to hold criminals accountable, not their victims. Read more in the blog post

Keep reading

09.10.2023

Navigating the Invisible Peril: Understanding and Managing Cyber Risks

Cyber risk is a paradoxical menace, lurking in the digital shadows. It lacks the tangible qualities that make other risks easily identifiable. You can’t touch it, taste it, smell it, or even see it coming until it’s too late. It thrives in the vast and intricate web of digital systems, where it can remain hidden until a breach occurs. But despite its elusive nature, it’s a risk that no business can afford to ignore.

Keep reading

26.09.2023

A Mysterious Broadcast Podcast– UVB-76

In this edition of KüberCAST, Ronnie Jaanhold and Siim Pajusaar, along with guest Andrus Aaslaid, delve deeper into this phenomenon. Tune in to the podcast and discover what lies beneath the seemingly ordinary radio station frequencies.

Keep reading

31.05.2023

We are officially ISO 27001 compliant!

In today’s world, it is not enough to claim that we know and do everything safely. Customers and business partners want proof of this statement, and now we can confirm it – we are certified according to the ISO 27001 standard.

Keep reading

02.05.2023

CYBERS & NATO CYBER DEFENSE EXCERCISE LOCKED SHIELDS

Locked Shields is the world’s largest cyber defense exercise of its kind, organized by the NATO Cooperative Cyber Defence Center of Excellence (CCDCOE). The event was held from 18 to 21 April in Tallinn and had nearly 3,000 participants. Participants included NATO member states and NATO-friendly countries (last year Georgia, this year Ukraine). The main […]

Keep reading

27.02.2023

How to quantify risk  ?

Can you smell, taste or touch risk? Most probably not. Therefore, IT Risk Expert Bo Thygesen from ACI and KüberCast hosts Siim Pajusaar and Ronnie Jaanhold will discuss how to quantify and measure risk and how to make decisions based on them. During OpSec minutes you will find out that Android TV box with preinstalled malware can be purchased on Amazon and AliExpress. During OpSec minutes you will find out why CISOs should pay more attention to brand impersonations where attacker is impersonating various elements an organization.

Keep reading

13.02.2023

Cyber threat intelligence – your headlights on the internet 

What does threat intelligence mean and is it the weather forecast for internet? What is a cyber threat intelligence (CTI)? Adrian Porcescu from Recorded Future (Director of Product Management, Threat Intelligence) will explain everything with KüberCAST hosts Ronnie Jaanhold and Siim Pajusaar.
During OpSec minutes you will find out why CISOs should pay more attention to brand impersonations where attacker is impersonating various elements an organization.

Keep reading

13.10.2022

Keys that Threaten Your Enterprise Kingdom – Microsoft Windows Domain Takeover

Red-team assessment is recommended, as this type of assessment would show the current company security posture. CYBERS provides expertise and solutions on protecting your environment against these kinds of attacks, so do not hesitate to reach us out!

Keep reading

03.03.2022

Cybersecurity as part of defense measures against modern war fighting capabilities

CYBERS in cooperation with Recorded Future will share insights on the ongoing cyber crisis which started several months before the military invasion. This article provides an overview of the current situation, as well as the recommended emergency actions that should be taken by organizations to withstand this cyber conflict.

Keep reading

20.01.2022

Testing and identifying the value of your next cybersecurity solution

The security world is changing rapidly and we are slowly reaching another huge milestone. Not a very happy one though: manual security operations are no longer sufficient. This is a little bit painful to admit but the fact remains: if you rely on the manual labour of CTOs, CISOs and their teams to react to an incident, then you are in for a very rude awakening.

Keep reading

27.12.2021

Are you at risk from the security vulnerability found in the Java-based Apache Log4j logging feature?

A security hole was discovered in the Java-based Log4j logging feature, affecting millions of businesses, government agencies, and cloud services using this popular Apache library. Are you at risk?

Keep reading

29.10.2021

What are Vulnerability Assessment, Penetration Testing and Red Teaming?

People do not understand the difference between a Red Team Assessment, a Penetration Testing, and a Vulnerability Assessment. You need to understand what are Your goals and then choose the best suitable assessment. What are differences? Let’s find out!

Keep reading

12.10.2021

API Enumeration with Kite Runner

Heavy portion of interaction with modern web applications is done through APIs. And while there existed numerous tools for conventional web application enumeration, none were designed to target APIs specifically, until Assetnote release KiteRunner.

Keep reading

05.10.2021

CYBERS brings IoT security to RigaComm IoT conference

Conclusion about Nordic-Baltic Security Summit 2021 – The No 1 cyber security event and meeting of minds for the Nordic-Baltic region.

Keep reading

04.10.2021

Conference Summary: Nordic-Baltic Security Summit 2021

Conclusion about Nordic-Baltic Security Summit 2021 – The No 1 cyber security event and meeting of minds for the Nordic-Baltic region.

Keep reading

30.09.2021

New kids on the block: Meet e-CSIRT!

eCSIRT – Emergency Computer Security Incident Response Team is a group of specialists who work on solving these types of problems. They will join forces with your organization and bring skills, knowledge, tools, and experience to the table to solve the incident.

Keep reading

12.07.2021

Server-side Request Forgery – Open door to Your internal services

Server-side request forgery aka SSRF, is a vulnerability that enables an attacker to use a vulnerable server as a proxy to make HTTP requests on behalf of the attacker. SSRF are regularly used to target internal services that are behind firewall and not exposed to the public directly.

Keep reading

07.07.2021

CYBERS partners with CrowdStrike to improve security automation

Keep reading

21.05.2021

Move great people around the Planet while keeping their data safe

It was a great pleasure to have Ronald Hindriks, Co-founder and Ops leader of Jobbatical, join me for a fireside chat about security and start-up challenges.

Keep reading

21.05.2021

Basic Log Management service – what and why?

There is a wide range of offerings in the field of SIEM’s. Most of them do not come cheap and intrest is filled with horror stories of SIEM projects started off on the wrong foot. The topic itself can be overwhelming. Which solution to choose and what to log?

Keep reading

26.02.2021

InfonetDC: Quality and compliance strategy for colocation

As the information security risks are becoming more apparent to companies, many have started dedicating more time to fighting these. But no amount of money spent on firewalls, anti-virus, cloud security etc can demonstrate this dedication to your customers.

Keep reading

22.02.2021

Our website got hacked!

We got hacked – is a sentence that a cyber security provider should not ever say to stay in business… but here is our story!

Keep reading

09.02.2021

10 Cybersecurity myths lurking in our heads

Cybersecurity-related scary stories bring out all the myths and beliefs you, as a manager, have about IT and security. We would like to address some common ones and try to dispel them for good.

Keep reading

04.01.2021

If you are using ZyXEL, better patch and pray…

If you remember Edward Snowden, then you probably may remember him revealing that Cisco and a few others were regularly putting backdoors into their routers and firewalls. Well, there is yet another firewall and infrastructure device vendor, which was discovered to do the same recently. Zyxel.

Keep reading

28.12.2020

Äripäev DDoS attack – our initial comments and tips

Earlier today, one of Estonia’s leading media portals Äripäev/Деловые ведомости (Part of Bonnier Group) got hit by a malicious DDoS (Distributed Denial of Service) attack. We have asked our colleague, Vladimir Jelov to share some insights and tips in not-so-technical terms. As of the time of writing, Cybers comments are based on publicly available information.

Keep reading

25.11.2020

MCF Group improves the data centre team’s security awareness with a dedicated cybersecurity hygiene training

The elephant in the room being Schrem’s II ruling, which effectively invalidated Privacy shield between EU and USA. That in return led to a situation where US-based companies forced to provide access to customer data even by authorities are in breach European General Data Protection Regulation (GDPR).

Keep reading

13.10.2020

Periodic password change – an extra layer of security or just a burden to your employees?

For a long time, a good password policy has had 3 key factors: strong passwords, periodic change of passwords, and activation of Multifactor Authentication. Nowadays the value of periodic password change is questionable and many organizations, like NIST and Microsoft, find this obsolete and worthless.

Keep reading

01.10.2020

10 fresh tips from Security Summit: Your Cybersecurity 2021

Following this year’s cybersecurity summit we’ve run a small poll with our speakers to squeeze a few more drops of wisdom out them. We were half-expecting everyone to be saying the same things but to our surprise, there was a huge variety of thoughts.

Keep reading

16.09.2020

How to organize a security conference in COVID times

Planning an international conference with tens of speakers and hundreds of guests is difficult. Planning one in a World with a deadly pandemic ranging outside makes it even more… challenging. Here is how it went for us and some tips along the way.

Keep reading

26.08.2020

Quick dive into the technology behind your SOC

Security Operations Centre is a great concept but also, notoriously difficult to implement. In this article we begin unwrapping the complexity of SOC, starting with technology. Spoiler: Technology is an easy step.

Keep reading

13.08.2020

10 Reasons For Taking Part In The Security Summit

It’s official: there is less than a month left until 2020 Security Summit. If you still haven’t secured your ticket – here are 10 reasons why you should. There are, of course, more than 10 but we wanted to keep the list short. Also, a gift of cyber security conference attendance is great for karma.

Keep reading

04.08.2020

How to cure your cyber security pain with a SOC?

Before we get into the nitty-gritty of considering running Security Operations Center (SOC) or sourcing one (SOCaaS) it’s important to understand why organizations may need one and why – now. Also, your CFO or whoever controls the money will raise that question before anything else.

Keep reading

09.04.2020

Cybersecurity hygiene and COVID19 consequences for your business

During the last weeks of emergency situation due to a COVID19, Estonia as well as all other counties are experiencing a significant impact on their population’s daily lifestyle, schedule, and routines.

Keep reading

Security operations

Offensive security

Security solutions

Blog

Latest blog post

Cyber turbulence: why airlines must take cybersecurity as seriously as air safety

Latest event

Building confidence, not just compliance: how Axinom validated their web application security

Cybersecurity in 2025: Challenges and Strategies

Major milestone in cybersecurity: CYBERS integrated into NEVERHACK’s ecosystem

Strategic Merger Unites CYBERS and NEVERHACK: A New Dawn in cybersecurity

Securing the future: uniting service design and cybersecurity for digital excellence

Unveiling LockBit: The Dynamics of Cybercrime and the Takedown Saga

The Era of Data Security and AI: A Strategic Approach to Digital Transformation

How to get started with personal cyber defense?

How a SOC Analyst Saves the Day: Insights into the Cybersecurity Daily Grind

Exploring the Data Frontier: A Dive into Elastic Technology

The road of security automation. Join us!

Will Next Generation Firewalls have feelings? Injecting AI to Firewalls – monsters or angels?

Roles and responsibilities in information security management – the role of a CISO

Blaming the victim is easy to occur, but the culprits are the criminals, not the victim.

Navigating the Invisible Peril: Understanding and Managing Cyber Risks

A Mysterious Broadcast Podcast– UVB-76

We are officially ISO 27001 compliant!

CYBERS & NATO CYBER DEFENSE EXCERCISE LOCKED SHIELDS

How to quantify risk ?

Cyber threat intelligence – your headlights on the internet

Keys that Threaten Your Enterprise Kingdom – Microsoft Windows Domain Takeover

Cybersecurity as part of defense measures against modern war fighting capabilities

Testing and identifying the value of your next cybersecurity solution

Are you at risk from the security vulnerability found in the Java-based Apache Log4j logging feature?

What are Vulnerability Assessment, Penetration Testing and Red Teaming?

API Enumeration with Kite Runner

CYBERS brings IoT security to RigaComm IoT conference

Conference Summary: Nordic-Baltic Security Summit 2021

New kids on the block: Meet e-CSIRT!

Server-side Request Forgery – Open door to Your internal services

CYBERS partners with CrowdStrike to improve security automation

Move great people around the Planet while keeping their data safe

Basic Log Management service – what and why?

InfonetDC: Quality and compliance strategy for colocation

Our website got hacked!

10 Cybersecurity myths lurking in our heads

If you are using ZyXEL, better patch and pray…

Äripäev DDoS attack – our initial comments and tips

MCF Group improves the data centre team’s security awareness with a dedicated cybersecurity hygiene training

Periodic password change – an extra layer of security or just a burden to your employees?

10 fresh tips from Security Summit: Your Cybersecurity 2021

How to organize a security conference in COVID times

Quick dive into the technology behind your SOC

10 Reasons For Taking Part In The Security Summit

How to cure your cyber security pain with a SOC?

Cybersecurity hygiene and COVID19 consequences for your business

Security operations

Offensive security

Security solutions

How to quantify risk  ?

Cyber threat intelligence – your headlights on the internet 