Cyber4Z in short

Cyber4Z started in 2015 with two specialists experienced in the cybersecurity domain. We now have a team with various capabilities in the field of strategic and tactical design of cyber security, IT, Privacy and Blockchain technology.

In addition, we are involved in technical and tactical implementations of complex security challenges that focus on the acceptance of new technologies in a pragmatic way. With our expertise and experience, we can guarantee the business objectives of our clients. These are widely determined by laws and regulations, customer requirements and rules of compliance.

  • Predict

  • Prevent

  • Detect

  • Respond

  • Remediate

Who are we?

Our team consists of certified professionals. Quality is our top priority. The technical and tactical implementations we deliver from the strategic design can be externally certified against the ISO9001, ISO27001, NEN7510 or other standards. Therewith we can have our quality tested externally as well. In addition, we provide operational knowledge when it comes to technical security assessments such as penetration tests, project management, SOC / SIEM propositions with connecting services such as log management, vulnerability and compliance management, patch management, training in the field of privacy, security and blockchain technology.

More about Cyber4Z

Our clients

Monthly Cybernote: August 2022

Eighteen zero-day leaks in the first half of 2022

In the first half of this year, eighteen zero-day vulnerabilities 1 have been used in attacks against organizations and internet users. At least half of these vulnerabilities could have been prevented if the relevant software supplier had implemented better updates and regression tests, according to Google. The tech company had the most zero days (5), followed by Apple (4), Microsoft (4), Mozilla (2), Atlassian (1), Sophos (1) and Trend Micro (1).

Zerodays are vulnerabilities for which no vendor update is available at the time of the attack. According to Google at least nine zerodays were variants of previously patched vulnerabilities. The tech company claims that half of the zero-day leaks observed in the first half of this year could have been prevented through better patches and regression testing. It also appears that four of the zero-days discovered this year are variants of zero-day leaks that were already used by attackers last year.

“When people think of zero-day exploits, they often feel that they are so technologically advanced that there is no chance of finding and preventing them. The data tells a different story. At least half of the zero days we've seen so far are closely related to previously observed bugs," said Google's Maddie Stone. She adds that many of the zero days are a result of not fully patching the root cause. This allows attackers to exploit the problem again in a different way.

According to Stone, it is important that software developers come up with comprehensive and correct fixes, so that it becomes more difficult for attackers to use zero-day leaks. To better understand the underlying issues of zero-day leaks, Google has published "root cause analyses" of multiple zero-days and is calling on other software vendors to do the same.