Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Bitsight and Google collaborate to reveal global cybersecurity performance
Bitsight and Google collaborate to reveal global cybersecurity performance
This joint study between Bitsight and Google arms organizations with actionable insights, providing the current status of global cybersecurity performance by analyzing nearly 100,000 global organizations across 16 cybersecurity controls and nine industries amid heightened stakeholder demands on cybersecurity strategy.
On the surface, the Bitsight Rating and associated Risk Vectors look self-explanatory, but there's an artistic element as well. In the case of Bitsight, that means having a thorough understanding of cybersecurity and drawing inferences from the data.
Mylobot is a malware that targets Windows systems, it first appeared in 2017. In this article, we'll focus on its main capability, which is transforming the infected system into a proxy.
A study reveals the correlation between these security flaws and the likelihood of cybersecurity incidents. Learn more.
Bitsight has discovered two previously undocumented malware families named Cova and Nosu. They have different purposes and capabilities, although we found some similarities during our research.
A data breach can have financial, operational, and reputational impact, but how much does it actually cost?
New Bitsight research finds that many organizations are still affected by the OpenSSL vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602. This blog identifies the most affected sectors and nations around the world.
As a security professional navigating the new challenges 2020 is bringing to cybersecurity, it’s critical to understand the ways your organization’s data could be exposed. Sensitive data is critical, safeguarded information. Different information can be considered sensitive depending on the industry, but in general it can be anything your organization, your employees, your customers, or your third parties would expect to be private and protected.Below, we’ve outlined five examples of sensitive data your organization likely handles—and a few key ways to protect it from evolving cyber threats.
Bitsight evaluated the current global state of exposure to CVE-2022-1388. Our findings indicate that many organizations remain vulnerable to this critical vulnerability, presenting risk not only to these organizations but also to their customer bases. See the findings.
In late 2021 we started registering some DGA-like domains that not only did not belong to any known domain generation algorithm (DGA), but were also being classified as different types of malware. Read the analysis.
SystemBC is a malware written in C that turns infected computers into SOCKS5 proxies.
Bitsight found that 25% of the S&P 500 and half of the top 20 most valuable public U.S companies have had at least one SSO credential for sale on the dark web in 2022. Read the full analysis.
PrivateLoader is a loader from a pay-per-install malware distribution service that has been utilized to distribute info stealers, banking trojans, loaders, spambots, and ransomware on Windows machines.
Bitsight has discovered six severe vulnerabilities in a popular vehicle GPS tracker (MiCODUS MV720) potentially allowing hackers to track individuals without their knowledge, remotely disable fleets of corporate supply and emergency vehicles, abruptly stop civilian vehicles on dangerous highways, and more.
A vulnerability scanner evaluates security weaknesses and gaps in your digital infrastructure. Learn what to look for in a robust solution.
What is a botnet? A botnet is a collection of networked devices that are infected by malware and hijacked to carry out scams and data breaches.