BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

What Companies Using Cloud Services Need To Know About Their Risk Responsibilities

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But...

READ MORE »

Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs

Since 2017 BitSight has been working together with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets and command and control infrastructure in order to take disruptive action against...

READ MORE »

Third-Party Insight into Triada & Related Families

A few weeks ago Google confirmed that there was malware pre-installed on a number of Android devices due to a supply-chain attack. The latest installment was discovered by security researchers from Dr.Web who have been investigating this...

READ MORE »

Data Insights on the BlueKeep Vulnerability

On May 14th, Microsoft issued a warning about the BlueKeep vulnerability (CVE-2019-0708) affecting Remote Desktop Services Protocol (RDP), a component common in most versions of Microsoft Windows that allows remote access to its graphical...

READ MORE »

Fraudulent Android Advertising SDK Installed In Over 15 Million Devices

Every day, BitSight monitors the global threat landscape in a constant effort to identify software that may be placing users and organizations at risk. The presence of malware — or simply potentially unwanted applications — in an...

READ MORE »

Break Out Of The Tinynuke Malware

New Tinynuke variant with a DGA in the wild

 

Summary

Tinynuke, or Nukebot malware, is a trojan able to perform man in the browser attacks against modern web browsers and equipped with the most common features needed by a bank trojan (e.g....

READ MORE »

The Value of Sinkholing: It’s In the Numbers

In 2014, BitSight acquired AnubisNetworks, a real-time data threat provider based in Portugal. The integration of AnubisNetworks extends BitSight’s position as the leading provider of cybersecurity ratings for organizations around the...

READ MORE »

Petya / NotPetya: What Security Diligence Tells Us

There are many details of yesterday’s ransomware attack are still being worked out, and its impact is still being assessed. Yet, there are many security diligence steps organizations can take to reduce exposure to these types of attacks....

READ MORE »

Assessing the Global Impact of WannaCry Ransomware

Since our initial post during the breakout of WannaCry ransomware, our Research & Development team has learned more about the spread of this malware. While the outbreak of this ransomware surprised the entire security community, the amount...

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.