InSights Blog

PrivateLoader is a loader from a pay-per-install malware distribution service that has been utilized to distribute info stealers, banking trojans, loaders, spambots, and ransomware on Windows machines.

Executive performance and cyber risk management are now inextricably linked. Learn how CISOs can help executives be more accountable for cyber risk.

Security ratings, or cyber security ratings, are a data-driven, objective and dynamic measurement of an organization’s security performance. Thousands of organizations around the world use BitSight Security Ratings as a tool to address a variety of critical, interconnected internal and external use cases at scale in order to enable more effective decision making throughout the global business ecosystem.

What is continuous monitoring vs. continuous security testing and why you need both to protect your organization against third-party risk.

It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?

Traditional supply chain risk management strategies are becoming increasingly unsound amid the rise of unorthodox threats. These evolving supply chain risks require organizations to not only rethink supply chain risk but to act accordingly. Every organization should form a cyber supply chain risk management strategy for the modern era.

The modern attack surface is expanding, presenting new challenges to the status quo of cyber supply chain risk management. Let’s analyze the evolving landscape, and highlight key shifts important to your organization.

Learn how to combat growing third-party cyber threats with automation and an effective vendor due diligence process.

While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization you also need to show that you’re adhering to industry and regulatory best practices for IT security and making informed decisions for the long-term. A cybersecurity framework can help.

The process of removing an association with a CIDR range can be time consuming and frustrating; in light of this, BitSight has created a program to facilitate and simplify the process.

Emotet is back in business, and BitSight's Threat Research team is continuously monitoring the evolution of this dangerous malware. See our latest findings.

What is a board cybersecurity committee? Learn why it’s more critical than ever and how your organization can establish one.

Discover how BitSight’s GPS vulnerability research can help your organization and third party managers reduce IoT device cyber risk.

Data exfiltration is the unauthorized transfer of data from a host device, such as an application, database, or server. Here’s how you can prevent it.

The NCUA Board approved a proposed rule that would require a federally insured credit union (FICU) to notify the NCUA as soon as possible but no later than 72 hours after they reasonably believe that a reportable cyber incident has occurred.