SecurityScorecard Blog
Read the latest blog posts published weekly.
-
Blog
A Day in the Life of a CISO – Addressing an Urgent Security Threat
November 18, 2024A Day in the Life of a CISO - Addressing an Urgent Security Threat
More Details -
Blog
A Day in the Life of a CISO – Presenting to the Board Chairman
November 18, 2024A Day in the Life of a CISO - Presenting to the Board Chairman
More Details -
Blog
The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat
November 12, 2024Discover the resurgence of Volt Typhoon, a state-sponsored cyber-espionage group targeting the energy sector. Learn how they exploit legacy systems and outdated devices to embed themselves within critical infrastructure, posing a silent yet significant threat. Stay informed about the evolving tactics, global reach, and implications for national security.
More DetailsRyan Sherstobitoff, SVP, Threat Research & Intelligence
STRIKE Team -
Blog, Learning Center
What is the CIA Triad? Definition, Importance, & Examples
November 7, 2024More DetailsPrivate: Phoebe Fasulo
Tech Center -
Blog, Learning Center
SMB Port Numbers: A Guide to Optimizing and Securing Your Network
November 7, 2024Explore SMB port security and optimization for your network, including risks and best practices for safeguarding your digital infrastructure.
More DetailsTech Center -
Blog
The Job Offer That Wasn’t: How We Stopped an Espionage Plot
October 29, 2024Discover how SecurityScorecard thwarted a sophisticated cyber-espionage plot disguised as a job offer. Learn about the 'Contagious Interview' campaign, the tactics used by the Famous Chollima group, and essential strategies to protect your organization from targeted attacks. Don't let your next career move become a trap—stay informed and secure!
More DetailsSteve Cobb, CISO, SecurityScorecard
STRIKE Team -
Blog
Inside a North Korean Phishing Operation Targeting DevOps Employees
October 29, 2024Uncover how SecurityScorecard thwarted a sophisticated phishing attack targeting our DevOps team. This blog details a North Korean state actor's attempt to deploy a malicious backdoor through a fake job offer on social media. Learn about the evolving tactics of threat actors and how our swift response blocked potential damage. Stay informed and strengthen your defenses against these persistent cyber threats.
More DetailsRyan Sherstobitoff, SVP Threat Research & Intelligence
Nation State Actors, Phishing, STRIKE Team -
Blog, Learning Center
Healthcare IT Security and Compliance in 2024 and Beyond: A Comprehensive Guide
October 17, 2024The healthcare industry remains a prime target for cyberattacks. As the industry navigates the digital landscape, ensuring cybersecurity compliance is paramount to protecting patient privacy and maintaining operational integrity.
More DetailsHealthcare, Services, Tech Center -
Blog, Learning Center
Complete Third-Party Risk Management (TPRM) Guide for 2025
October 16, 2024Learn effective third-party risk management strategies for 2025 to protect your business from cyber threats, ensure compliance, and secure vendor networks.
More DetailsThird-Party Risk Management -
Blog
Scorecarder Spotlight: Segev Eliezer & David Mound
October 11, 2024Our series “Scorecarder Spotlight” showcases our talented employees and the incredible work they do. Meet Segev Eliezer & David Mound!
More Details -
Blog
What is Supply Chain Detection and Response?
October 7, 2024Supply chain detection and response (SCDR) is a solution for supply chain incident responders that drives critical issue identification, vendor responsiveness, and time to incident resolution. SCDR solutions provide risk intelligence, AI-driven workflows, and collaboration capabilities to improve the security posture of your organization and your suppliers.
More DetailsGian Calvesbert
SCDR -
Blog
How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks
September 30, 2024How nations can work with industry to identify meaningful metrics, standards, and KPIs to help governments improve their cybersecurity posture and build deeper supply chain resilience.
More DetailsJeff Le
Public Sector, Supply Chain Cyber Risk