cyber risk
Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, to drive urgent and prioritized remediation of vulnerabilities that are being actively exploited by adversaries.

This directive includes an update to CISA's catalog of “known exploited vulnerabilities,” part of an ongoing effort to encourage organizations to reduce risk within their attack surface. BitSight is proud to partner with CISA on these critical efforts.

In the past few weeks, BitSight has conducted research on two of the vulnerabilities in the CISA list: CVE-2021-41773 and CVE-2021-42013. These vulnerabilities were introduced via a recent Apache Server update and highlight the importance of an effective software update and patch management strategy as well as the need for third-party risk management.
What Companies Using Cloud Computing Services Need To Know About Their Risk Responsibilities
Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But who is responsible for breaches of data in the cloud: the service provider or the organization using its services?
Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs
Since 2017, BitSight has been working with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets, and its command and control infrastructure in order to take disruptive action against the threat. That work has included reverse engineering, malware analysis, module updates, infection telemetry, command and control updates, and forensic analysis. This week, an action took place to disrupt all Necurs botnets, followed by mitigation and eradication actions.
Third-Party Insight into Triada & Related Families
A few weeks ago, Google confirmed that there was malware pre-installed on a number of Android devices due to a supply-chain attack. The latest installment was discovered by security researchers from Dr.Web, who have been investigating this situation for several years; security researchers had already theorized back in July 2017 that these infections originated as part of a supply-chain attack. In this instance, the devices were pre-installed with Triada, a form of Android malware that has been studied and reported on by Kaspersky and, most recently, by Google in its attempt to surface this critical information to users and the wider community.
Data Insights on the BlueKeep Vulnerability
On May 14th, Microsoft issued a warning about the BlueKeep vulnerability (CVE-2019-0708) affecting Remote Desktop Services Protocol (RDP), a component common in most versions of Microsoft Windows that allows remote access to its graphical interface. This vulnerability, if exploited by an external attacker, will lead to full system compromise, without requiring any form of authentication or user interaction.