Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Bitsight identifies nearly 100,000 exposed industrial control systems
Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) owned by organizations around the world, potentially allowing an attacker to access and control physical infrastructure such as power grids, traffic light systems, security and water systems, and more.

Bitsight dissects SmokeLoader's plugins received by an infected computer from the botnet "0020". We explore their inner workings, capabilities, and threat vectors.

Discover the methodology, at a technical level, the Bitsight Security Research team used to evaluate the three critical vulnerabilities affecting MOVEit Transfer.

Read Bitsight breach research by looking at the evolution of reported incidents over the past years to identify trends and global patterns.

CVE-2023-35036 and CVE-2023-35708 were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.

The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability. Here’s a summary of what happened and why it matters.

Enterprises tend to take their time with remediation efforts, despite software vulnerabilities being a top threat to organizations’ cybersecurity performance. The key to quicker fixes? Timely briefings.

Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).

We have made several adjustments to continue to provide Bitsight users with the best external indicator of the performance of cybersecurity controls.

Bitsight has recently observed a 15-year-old modular spambot called Tofsee being distributed by PrivateLoader (ruzki), a notorious malware distribution service we also closely monitor.

Bitsight published research identifying exposed webcams. In light of that, organizations must develop an understanding of how to handle the expanding attack surface.

Bitsight has identified thousands of organizations around the world using Internet-facing webcams and similar devices, finding many video and audio feeds susceptible to eavesdropping.

Mylobot is malware that targets Windows systems; it first appeared in 2017. In this article, we'll focus on its main capability, which is transforming the infected system into a proxy.

Bitsight has discovered two previously undocumented malware families named Cova and Nosu. They have different purposes and capabilities, although we found some similarities during our research.

New Bitsight research finds that many organizations are still affected by the OpenSSL vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602. This blog identifies the most affected sectors and nations around the world.