Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

What is Threat Intelligence in Cybersecurity?

July 6, 2023

What is Threat Intelligence in Cybersecurity?
Threat intelligence helps you understand, prevent, and mitigate cyber threats. Learn how threat intelligence can benefit your business.
Tech Center
Fortinet Fortigate Vulnerability CVE-2023-27997: How to Surface Exposed Devices and Mitigate the Threat

June 23, 2023

Fortinet Fortigate Vulnerability CVE-2023-27997: How to Surface Exposed Devices and Mitigate the Threat
Recently, a critical vulnerability tracked as CVE-2023-27997 was identified in Fortinet Fortigate appliances. This vulnerability has been exploited by the Chinese APT group Volt Typhoon, among others, targeting governments and organizations worldwide. \r\n\r\nAs a result, Fortinet has released an urgent patch for affected systems. For a more detailed understanding of this vulnerability and the corresponding patch, you can read this Fortinet blog post.\r\n
Cyber Threat Intelligence
Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory

June 22, 2023

Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory
During an interview on Nasdaq Trade Talks, SecurityScorecard CEO, Aleksandr Yampolskiy, discussed the impact of upcoming regulations by the SEC.
Services
SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation

June 20, 2023

SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation
SecurityScorecard shares its findings into a widespread MOVEit exploit which affected a number of high profile organizations.
Cyber Threat Intelligence
Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit: SecurityScorecard’s investigation into Zellis reach uncovers 2,500 exposed MOVEit servers across 790 organizations

June 7, 2023

Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit: SecurityScorecard’s investigation into Zellis reach uncovers 2,500 exposed MOVEit servers across 790 organizations
Learn about SecurityScorecard’s investigation into the Zellis breach, which uncovered over 2.500 vulnerable servers across 790 organizations.
Cyber Threat Intelligence
SecurityScorecard’s Partnership with the TSA Helping to Secure the Nation’s Critical Infrastructure

May 16, 2023

SecurityScorecard’s Partnership with the TSA Helping to Secure the Nation’s Critical Infrastructure
As part of our continued commitment to making the world a safer place, SecurityScorecard recently partnered with the Transportation Security Administration (TSA). This partnership will enable the agency to more accurately monitor and assess the cyber health of the nation’s pipeline, rail, and aviation transportation systems.
Prepare for Zero-Day Threats: Military and Private Sector Leaders Share Their Insights

April 14, 2023

Prepare for Zero-Day Threats: Military and Private Sector Leaders Share Their Insights
Leading cybersecurity experts Major General John F. Wharton, (US Army retired); Oleg Strizhak, Shell’s Digital Supply Chain Risk Manager; and Sam Curry, the CISO of Zscaler, recently sat down with SecurityScorecard’s President of International Operations Matthew McKenna to discuss how organizations can prepare themselves and their supply chains for zero-day attacks, preventing and responding to them, as well as best practices for supply chain risk management.  
Cyber Threat Intelligence
Public Sector
7 Factors that Drive Cyber Risk: New Research from Marsh McLennan and SecurityScorecard

April 12, 2023

7 Factors that Drive Cyber Risk: New Research from Marsh McLennan and SecurityScorecard
Cyber risk is dynamic and influenced by a wide range of variables, quantifying it requires numerous, continuously updated data points.
Cyber Insurance
6 Ways To Use SecurityScorecard APIs and Integrations

April 4, 2023

6 Ways To Use SecurityScorecard APIs and Integrations
Optimize your security workflows and deliver intelligence with the largest ecosystem of integrated technology partners. Learn more.
Security Ratings
SecurityScorecard releases list of Killnet open proxy IP addresses

February 7, 2023

SecurityScorecard releases list of Killnet open proxy IP addresses
In the wake of Killnet’s latest DDoS attack on U.S. hospitals on January 30, SecurityScorecard has made its KillNet open proxy IP blocklist available to the public. This list is the product of the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team’s ongoing research into KillNet. We released this list to help organizations better defend themselves against KillNet and other groups like it by preventing traffic from exploitable assets. In this blog, we’ll explain how we developed this proxy list and our recommendations for preventing DDos attacks.
Cyber Threat Intelligence
Close Encounters of the Third- (and Fourth-) Party Kind: The Blog

February 1, 2023

Close Encounters of the Third- (and Fourth-) Party Kind: The Blog
Let’s dive deeper into some other insights that help us understand the true extent of exposure from third- and fourth-party relationships.
Supply Chain Cyber Risk
Enterprise Cybersecurity: What it is & Why it’s Important

January 20, 2023

Enterprise Cybersecurity: What it is & Why it’s Important
Having effective enterprise cybersecurity is more than having your employees create a password that isn’t their pet’s name—unless perhaps their cat’s name is at least 12 characters long, and a combination of upper- and lower-case letters and symbols. Whether it’s well-researched spearphishing attempts or bypassing MFA, threat actors have only… Read More
Tech Center
Hackers Are Using These 3 Techniques to Bypass MFA

December 7, 2022

Hackers Are Using These 3 Techniques to Bypass MFA
Multi-factor authentication (MFA) is an essential security measure, but here are some frequently-used methods cyber-attackers leverage to bypass MFA.
Tech Center
9 Steps to Mitigate Ransomware Attacks for Your Business

November 30, 2022

9 Steps to Mitigate Ransomware Attacks for Your Business
Ransomware attacks are a top concern for many businesses as the threat landscape expands. Follow these 9 steps to help mitigate the risk for your business.
Tech Center
Mobile Device Forensics: Challenges, Threats, & Solutions

November 21, 2022

Mobile Device Forensics: Challenges, Threats, & Solutions
Mobile device forensics can help you recover lost or deleted data, as well as investigate a potential mobile security breach. Learn more.
Tech Center
What Drives Cyber Risk? Cyber Insurers and SecurityScorecard Reveal Answers

October 19, 2022

What Drives Cyber Risk? Cyber Insurers and SecurityScorecard Reveal Answers
Seeking to stay ahead of hackers, many researchers have asked themselves what drives cyber risk. And many cyber insurance carriers have wondered how to accurately underwrite and price the risk. According to preliminary results from SecurityScorecard’s joint work with our cyber insurance partners, the answer is clear but multi-faceted.
Cyber Insurance
What is Cyber Risk Quantification? A Comprehensive Guide

October 6, 2022

What is Cyber Risk Quantification? A Comprehensive Guide
Cyber risk quantification is the process of quantifying cyber risk by putting a monetary value on the potential impact of each prospective threat. Learn more.
Cyber Insurance
Executive Viewpoint
Tech Center
What is Cyber Risk Quantification? A Comprehensive Guide

October 6, 2022

What is Cyber Risk Quantification? A Comprehensive Guide
Cyber risk quantification is the process of quantifying cyber risk by putting a monetary value on the potential impact of each prospective threat. Learn more.
Cyber Insurance
Executive Viewpoint
Tech Center
SecurityScorecard Partners with JCDC to Democratize Continuous Monitoring and Cybersecurity Risk Management

September 28, 2022

SecurityScorecard Partners with JCDC to Democratize Continuous Monitoring and Cybersecurity Risk Management
Cybersecurity is a team sport, and SecurityScorecard is proud to partner with the Joint Cyber Defense Collaborative (JCDC) to share cyber threat information in defense of public and private critical infrastructure.
Public Sector
TTPs Associated With a New Version of the BlackCat Ransomware

September 6, 2022

TTPs Associated With a New Version of the BlackCat Ransomware
In this post, we describe a real engagement that we recently handled by giving details about the tools, techniques, and procedures (TTPs) used by this threat actor.
Cyber Threat Intelligence
STRIKE Team
Analysis of APT35 infrastructure reveals interest in Egyptian Shipping Companies

August 31, 2022

Analysis of APT35 infrastructure reveals interest in Egyptian Shipping Companies
Executive Summary SecurityScorecard has identified domains resolving to Iran-linked Advanced Persistent Threat (APT) infrastructure, likely to be used to support phishing campaigns against Egypt-based shipping and marine services companies. In at least three instances, Iran-linked APT actors may have gained unauthorized access to the DNS configuration of legitimate domains to… Read More
STRIKE Team