BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

Fortinet Leak Demonstrates Need For Remote Access System Patching

In early September, a threat actor leaked nearly 500,000 Fortinet VPN login names and passwords that were allegedly scraped from vulnerable devices last summer. The leaked credentials could allow hackers to access an exposed network to...

READ MORE »

What You Need To Know About The Kaseya Ransomware Attack; And Why You Shouldn’t Be Surprised

It happened again - another disruptive ransomware attack. On July 2, 2021 Kaseya, a Florida-based software provider that provides Remote Management Monitoring, warned of its software being abused to deploy ransomware on end-customers'...

READ MORE »

Cybersecurity Protection in the Wake of a Rough Six Months – Industry Experts Weigh In

In the six months since the SolarWinds supply chain attack there has been increased action in the cybersecurity breach world – and the bad actors aren’t letting up. This means that cybersecurity protection is more critical than ever. 

READ MORE »

Colonial Pipeline is Not Alone: Ransomware Risk in the U.S. Oil/Energy Sector

After last week’s catastrophic cyber incident targeting Colonial Pipeline, could more U.S. Oil and Energy companies be at risk of a ransomware attack? 

READ MORE »

BitSight Observations Into HAFNIUM Attacks, Part Three: Exploitation and Vulnerability Persists

Organizations around the globe continue to address the fallout from the Microsoft Exchange Server zero-day attacks. It was recently announced that hackers may now be exploiting the vulnerabilities in Exchange to drop ransomware into...

READ MORE »

BitSight Observations Into HAFNIUM Attacks, Part Two: Unpatched Exchange Servers Remain Vulnerable

Microsoft Exchange is a critical business software used by organizations around the world for email. Sensitive data and communications are stored and transacted on the platform daily. In an unusual situation, threat actors have...

READ MORE »

BitSight Observations Into the HAFNIUM Attacks: Part One

On March 2, Microsoft announced that it has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. According to Microsoft, in the attacks observed, cybersecurity threat actors used...

READ MORE »

How To Prevent Organizational Data Leaks In 2021

It’s every security manager's worst nightmare. A member of the IT department reaches to alert that malicious software has been detected on an internal network, and the hacker potentially has access to layers of sensitive data. In the...

READ MORE »

The 2020 Verizon DBIR: If Nothing Changes, Then Nothing Changes

This week the 13th edition of the Verizon Data Breach Investigations Report (DBIR) was released, which is usually a hallmark event of the cybersecurity world. As we have been in previous years, BitSight is proud to be a data contributor...

READ MORE »
Load More

Get the Weekly Cybersecurity Newsletter.