InSights Blog

The situation between Russia and Ukraine has been escalating since the start of January, when Russia stationed more than 100,000 troops along the Ukrainian Border. Although cyber security is not the primary concern in the current situation, there is a cyber security component that absolutely should not be overlooked.

We believe a war in the region would have a direct impact on the cyber threat landscape. Both Poland and Lithuania have recently raised their countries' alert level, just hours after Ukraine reported its defense ministry and two banks had been hacked. In the US, CISA has issued a recommendation for all organizations, regardless of size, to adopt a heightened posture when it comes to cybersecurity. Meanwhile, Russia launched a full scale attack on Ukraine territory, which is still developing, and its full reach still remains to be seen.

As cyber attacks evolve and your attack surface increases, learn how you can protect your digital perimeter.

What is adaptive security? Explore the benefits of this approach to cyber risk reduction and how your organization can get started.

Disrupting the flow of goods and services is a keen priority for threat actors and critical infrastructure has long been a favored target. In 2021, the Colonial Pipeline ransomware attack caused a devastating impact to the economy when Russia-based hackers halted fuel movement along the critical U.S. Gulf and East Coast pipeline.

But this and other attacks may only be the beginning of an alarming ransomware trend aimed at U.S. critical infrastructure. Ransomware-as-a-service tools make ransomware easy to execute, making it the dominant cyber threat to enterprises in 2022. Indeed, the FBI recently warned that hackers have already developed ransomware code designed to disrupt critical infrastructure or industrial processes.

From the start, it was clear that the Log4j vulnerability, also referred to as Log4Shell, would be widespread and present major challenges for organizations. But, why is addressing Log4j so challenging?

Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.

Learn how to reduce the threat of cyber intrusion with a detection and prevention approach grounded in continuous monitoring.

BitSight has been collecting FluBot infection telemetry data since March 2021. In total, we have identified 1.3 million IPs used by infected Android devices. Of them, over half (61%) are in Germany and Spain. Additionally, we are tracking an increase in IPs over time, which likely indicates an increase in infected devices.

Learn about the top ransomware attack vectors favored by hackers and the steps you can take to protect your organization.

Learn what the disturbing ransomware trends means for your organization and third-party vendors.

As internet use continues moving toward a mobile-centric experience, it has become essential to consider mobile applications when crafting a security strategy. BitSight’s latest research demonstrates exactly why. We are excited to announce that BitSight Insights: Mobile Application Risk Report is available now.

Rapidly evolving risk and the digitization of banking is creating new threats. Here are three cybersecurity in banking trends to watch this year.

What is cyber resilience vs. cybersecurity and why in today’s digital economy you need a plan for both.

Security professionals have an ambitious goal to prevent the majority of cyber attacks. Bitsight's Control Insights lets you consistently and reliably measure the effectiveness of security controls.

Learn how to protect your organization’s “crown jewels” with these do’s and don’ts of sensitive data sharing with vendors.