Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Bitsight and Google collaborate to reveal global cybersecurity performance
This joint study between Bitsight and Google arms organizations with actionable insights, providing the current status of global cybersecurity performance by analyzing nearly 100,000 global organizations across 16 cybersecurity controls and nine industries amid heightened stakeholder demands on cybersecurity strategy.
In today’s day and age, organizations understand that data breaches are a growing problem, but many fail to realize that a third party breach can impact them as much as a breach on their own network. Here we’ll examine several misconceptions surrounding vendor risk management (VRM), and how you can proactively create a strategy to avoid common pitfalls.
Bitsight Security Ratings are based on security events and configurations present on a company’s digital infrastructure. As we discuss these ratings with companies, we’ve found that many of them have infrastructure registered to them that they are unaware of. With the recent WannaCry ransomware attacks (and with the increased frequency of cyber incidents overall), it is becoming critical that organizations take a more thorough look at their infrastructure. This preventative measure can help identify any vulnerabilities or malicious activity on unmonitored parts of a network, as well as confirm the accuracy of registrations.
Read this Q&A with a member of Bitsight’s engineering team to learn about his role as a front-end developer in our Lisbon office, his experience, and more.
Last month, thousands of computers across the world were infected by a strain of ransomware known as WannaCry. Estimates show that this massive attack impacted over 300,000 computers across banks, hospitals, telecommunications services, train stations, and numerous other critical services. Months before this attack, Microsoft had released a patch for the Server Message Block (SMB) vulnerabilities involved, including EternalBlue, which researchers believe is one of the vulnerabilities that criminals exploited to carry out the attack. Despite the available patch, it appears that many companies neglected to install the critical update (MS17-010) from Microsoft prior to the attack.
While your current Vendor Risk Management (VRM) or Third-Party Risk Management (TPRM) program may have areas of strength, there is most certainly room for improvement. These programs are a significant driver of both internal and external advisor time, extremely costly, and limited in scale. How can you harness more actionable insight to scale your program and truly and continuously understand the cybersecurity of your third parties? Using Bitsight Security Ratings, you can see a positive impact on your TPRM/VRM program by getting more value out of what you are already doing.
Want to know what it’s like to be an engineer at a fast-growing start-up? Check out this Q&A with a member of Bitsight’s engineering team to learn about his role as Engineering Manager, his experience, and more.
Check out this Q&A with a member of Bitsight’s engineering team to learn about his role as a Senior Test Engineer at Bitsight, his experience, and more.
The Shadow Brokers, a hacking group known for releasing exploits and vulnerabilities allegedly used by the National Security Agency (NSA), published a cache of tools over a month ago on April 14th. This release initially caused panic within the security industry, as it was believed at the time that some of the exploits were using zero-day vulnerabilities, that is, vulnerabilities for which the vendor had not yet made a fix available. It was later learned that Microsoft had released a patch for these vulnerabilities in a March update, MS17-010. Since these vulnerabilities were first revealed, one set of malicious actors has deployed the DOUBLEPULSAR backdoor onto affected machines to permit easier access, and another set has written a worm, known as WannaCry, to take advantage of unpatched systems and spread internally within a network. Bitsight customers have the ability to filter their portfolio of continuously monitored companies to determine which companies are at risk because they have the DOUBLEPULSAR implant on a host.
Spend any time in web development and you will be struck by the daunting pace at which the technology landscape changes. The must-have technologies of today quickly become the legacy spaghetti code of yesterday. In some cases, adopting new technology is as simple as adding a new library. Other times, large-scale architectural changes need to be made. For those looking to move from traditional server-side MVC apps to newer client-side single-page apps, the migration path is neither easy nor clear cut.
A few months ago, Anubis Bitsight Labs researchers discovered that millions of low-cost Android phones, many of them in the United States, were vulnerable to Man-in-the-Middle attacks. The backdoor could be exploited through unregistered internet domains that had been hardwired into the Ragentek firmware used in these devices. A hacker with control of the domains could have installed malware bypassing Android’s security protections.
Bitsight is thrilled to announce Bitsight Sovereign Security Ratings, the first objective measurement of national cybersecurity performance. Sovereign Security Ratings measure the security hygiene of nations by observing their IP space and collecting externally observable data on the presence of machine compromise and malware, security diligence, and user behaviors. Government agencies and Computer Emergency Response Teams (CERTs) can use Sovereign Security Ratings to measure, monitor, compare, and investigate the cybersecurity risk of their country and the companies that are critical to its infrastructure.
Fortune 1000 organizations are acknowledged for generating significant amounts of revenue. Yet beyond bringing in a considerable amount of money, these companies are also integral to the supply chains of many organizations around the world. Recognizing this, Bitsight researchers set out to understand the security strengths and weaknesses found in Fortune 1000 companies. Companies that share data and network access with these organizations should be cognizant of common cyber risks found within these organizations, and use this insight to better inform their third party risk management programs.
As we discussed in a previous blog post, Cloudflare suffered a serious bug that caused private information from any Cloudflare customer and their users to be publicly leaked onto websites that had corrupted web content. Any person with knowledge of those websites was able to scrape the sensitive information left there.
Necurs is malware mainly known for sending large spam campaigns, most notably those distributing the Locky ransomware. However, Necurs is not only a spambot; it is a modular piece of malware composed of a main bot module and a userland rootkit, and it can dynamically load additional modules.
Dridex is a banking trojan that uses an affiliate system for its botnets. We have documented the Dridex communication and P2P protocols in the past. In this post we want to shed some light on all the known botnets, their respective geographic targets, and how they are organized.