<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">


Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Data Insights on the BlueKeep Vulnerability

On May 14th, Microsoft issued a warning about the BlueKeep vulnerability (CVE-2019-0708) affecting Remote Desktop Services Protocol (RDP), a component common in most versions of Microsoft Windows that allows remote access to its graphical...


Fraudulent Android Advertising SDK Installed In Over 15 Million Devices

Every day, BitSight monitors the global threat landscape in a constant effort to identify software that may be placing users and organizations at risk. The presence of malware — or simply potentially unwanted applications — in an...


Break Out Of The Tinynuke Malware

New Tinynuke variant with a DGA in the wild



Tinynuke, or Nukebot malware, is a trojan able to perform man in the browser attacks against modern web browsers and equipped with the most common features needed by a bank trojan (e.g....


The Value of Sinkholing: It’s In the Numbers

In 2014, BitSight acquired AnubisNetworks, a real-time data threat provider based in Portugal. The integration of AnubisNetworks extends BitSight’s position as the leading provider of cybersecurity ratings for organizations around the...


Petya / NotPetya: What Security Diligence Tells Us

There are many details of yesterday’s ransomware attack are still being worked out, and its impact is still being assessed. Yet, there are many security diligence steps organizations can take to reduce exposure to these types of attacks....


Assessing the Global Impact of WannaCry Ransomware

Since our initial post during the breakout of WannaCry ransomware, our Research & Development team has learned more about the spread of this malware. While the outbreak of this ransomware surprised the entire security community, the amount...


Understanding the Effects of DoublePulsar & WannaCry Across Industries

The Shadow Brokers, a hacking group known for releasing exploits and vulnerabilities allegedly used by the National Security Agency (NSA), published a cache of tools over a month ago on April 14th. This release had initially caused panic...


Inherent Risk: How Insecure Systems Pose a Threat to Network Security

A few months ago, Anubis BitSight Labs researchers discovered that millions of low-cost Android phones, many of them in the United States, were vulnerable to Man-in-the-Middle attacks. The backdoor could be exploited through unregistered...


Necurs Proxy Module With DDOS Features

Necurs is a malware that is mainly known for sending large spam campaigns, most notably the Locky ransomware. However, Necurs is not only a spambot, it is a modular piece of malware that is composed of a main bot module, a userland rootkit...

Load More

Subscribe to get security news and updates in your inbox.