Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Bitsight and Google collaborate to reveal global cybersecurity performance
Bitsight and Google collaborate to reveal global cybersecurity performance
This joint study between Bitsight and Google arms organizations with actionable insights, providing the current status of global cybersecurity performance by analyzing nearly 100,000 global organizations across 16 cybersecurity controls and nine industries amid heightened stakeholder demands on cybersecurity strategy.
Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).
We have made several adjustment to continue to provide Bitsight users with the best external indicator of the performance of cybersecurity controls.
Bitsight has recently observed a 15-year-old modular spambot called Tofsee being distributed by PrivateLoader (ruzki), a notorious malware distribution service we also closely monitor.
Bitsight published research identifying exposed webcams. In light of that, Orgs must develop an understanding of how to handle the expanding attack surface.
Bitsight has identified thousands of organizations around the world using Internet-facing webcams and similar devices, finding many video and audio feeds susceptible to eavesdropping.
Mylobot is a malware that targets Windows systems, it first appeared in 2017. In this article, we'll focus on its main capability, which is transforming the infected system into a proxy.
Bitsight has discovered two previously undocumented malware families named Cova and Nosu. They have different purposes and capabilities, although we found some similarities during our research.
New Bitsight research finds that many organizations are still affected by the OpenSSL vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602. This blog identifies the most affected sectors and nations around the world.
In this research, we present how to manually “unpack” a sample from a recent ColibriLoader malware campaign being distributed by PrivateLoader.
New research by the Marsh McLennan Cyber Risk Analytics Center (Marsh McLennan) finds 14 Bitsight analytics have statistically significant correlation with cybersecurity incidents.
Bitsight evaluated the current global state of exposure to CVE-2022-1388. Our findings indicate that many organizations remain vulnerable to this critical vulnerability, presenting risk not only to these organizations but also to their customer bases. See the findings.
In late 2021 we started registering some DGA-like domains that not only did not belong to any known domain generation algorithm (DGA), but were also being classified as different types of malware. Read the analysis.
Moody’s Investor Services published new research indicating worldwide cyber risk is rising, particularly among critical infrastructure entities.
Key risk indicators (KRIs) can help monitor and control cyber risk. But what KRIs should you focus on?
SystemBC is a malware written in C that turns infected computers into SOCKS5 proxies.