Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Addressing the Trust Deficit in Critical Infrastructure

January 18, 2023

Global Cybersecurity Risk Measurement and Transparency are Key. Despite a decade or more of increased focus on cybersecurity in boardrooms, legislatures, and the media, cyber resilience is getting worse, not better. Increasing cyberattacks and highly publicized breaches have undermined the public’s trust in the resilience of our societies, prompting business…
Cyber Risk Intelligence: LockBit 3.0 Ransomware Group Claims Defense Contractor Breach

January 12, 2023

Executive Summary: On December 2, the LockBit 3.0 ransomware group claimed to have exfiltrated data from a major defense contractor, and threatened to leak stolen files; however, as of December 13, the supposed victim no longer appears on LockBit 3.0’s data leak site. Following the claim, the SecurityScorecard…
Attack Surface Management
Cyber Insurance
Cyber Threat Intelligence
How to Analyze JavaScript Malware – A Case Study of Vjw0rm

January 10, 2023

Vjw0rm is a worm that spreads via USB drives and has RAT capabilities because it implements different commands transmitted by the C2 server. It establishes persistence on a machine by copying to the Startup folder and creating a Run registry entry. The malware drops a Java-based RAT called STRRAT, executed using the Java executable that can be found on the local computer or downloaded from a remote URL.
Iran-Attributed Exploitation of Log4Shell Vulnerability

January 6, 2023

Executive Summary: CISA and the FBI issued a joint advisory warning of ongoing exploitation of the Log4Shell vulnerability (CVE-2021-44228) on November 16. The advisory noted that an unspecified Iran-linked threat actor group had exploited the vulnerability during an intrusion into a Federal Civilian Executive Branch (FCEB) organization’s network earlier…
Cyber Threat Intelligence
STRIKE Team
A Technical Analysis Of The Royal Ransomware

November 14, 2022

This malware encrypts files with the AES algorithm, either fully or partially. The extension of the affected files changes to “.royal”. Find out more in this technical analysis of the Royal Ransomware from SecurityScorecard’s Senior Malware Analyst, Vlad Pasca.
KillNet Operations Against U.S. Targets Persist With Attempted Airport Website Attacks

November 7, 2022

Executive Summary: In October, BleepingComputer reported that the websites of several airports were experiencing service disruptions after KillNet announced that it would target airports throughout the U.S. Researchers leveraged NetFlow data to identify traffic that may reflect a DDoS attack by KillNet. By consulting SecurityScorecard’s internal threat intelligence…
Public Sector
SecurityScorecard Investigation and Response to New and Widespread OpenSSL 3.X Vulnerability

November 1, 2022

Executive Summary: News surfaced of a widespread and critical vulnerability affecting OpenSSL versions 3.0 and above on October 25, with details to be made available on November 1. Prior to the vulnerability’s publication, SecurityScorecard developed an emergency informational signal to give customers visibility into products that may be affected.
A Detailed Analysis Of The Gafgyt Malware Targeting IoT Devices

October 18, 2022

Learn more in this resource.
A Deep Dive Into the APT28’s stealer called CredoMap

September 27, 2022

Executive summary: CredoMap APT28 Malware. CredoMap is a stealer developed by the Russian APT28/Sofacy/Fancy Bear that was used to target users in Ukraine in the context of the ongoing war between Russia and Ukraine. The malware was initially discovered by Google and CERT-UA. The threat actor…
A Detailed Analysis Of The Quantum Ransomware

September 14, 2022

Learn more in this resource.
Attack Surface Management
Cyber Insurance
Cyber Threat Intelligence
A Deep Dive Into Black Basta Ransomware

August 15, 2022

Executive Summary of Black Basta Ransomware: Black Basta ransomware is a recent threat that compiled its first malware samples in February 2022. The ransomware deletes all Volume Shadow Copies, creates a new JPG image set as the Desktop Wallpaper and an ICO file representing the encrypted files. Unlike other ransomware…
STRIKE Team
A Detailed Analysis of the RedLine Stealer

August 1, 2022

Executive Summary: What is Redline Stealer? RedLine is a stealer distributed as cracked games, applications, and services. The malware steals information from web browsers, cryptocurrency wallets, and applications such as FileZilla, Discord, Steam, Telegram, and VPN clients. The binary also gathers data about the infected machine, such as the…
STRIKE Team
A Detailed Analysis Of The Red Line Stealer

August 1, 2022

Learn more in this resource.
Cyentia Financial

July 20, 2022

Learn more in this resource.
How To Increase The Value Of Your GRC Platform With Risk Identification And Quantification

July 12, 2022

Learn more in this resource.
Attack Surface Management
Enterprise Cyber Risk
Security Ratings
Cyentia Fast and Frivolous

June 15, 2022

In many ways, cybersecurity is a race. We race against the actions of malicious adversaries. We race to shore up defenses after the latest headlines of impending cyber doom. We race to fill staffing gaps, streamline processes, and keep up with the latest technologies. We race to assess an ever-growing…
A Detailed Analysis Of The Last Version Of REvil Ransomware

June 13, 2022

Learn more in this resource.
Cyentia Fast And Frivolous

June 6, 2022

Pacing Remediation of Internet-Facing Vulnerabilities
A Deep Dive into Avos Locker Ransomware

May 5, 2022

AvosLocker is a ransomware-as-a-service (RaaS) group that appeared in 2021. The malware can run with one of the following parameters: “--help”, “--path”, “--disabledrives”, “--hide”, “--threads”, “--enablesmb”, “--brutesmb”, and “--nomutex.” The ransomware kills a list of targeted processes, deletes all Volume Shadow Copies using two commands, and clears all Windows event logs. The binary can target the logical drives as well as network shares by specifying proper arguments.
The CISO’s Playbook: Stay Ahead of Friday Breach Effects

February 1, 2022

SecurityScorecard examined four years of data breach reports to uncover discovery trends for every day of the week. Here’s your Friday Breach Effect Report.
Proactive Security Measures for Global Maritime Shipping

December 17, 2021

New research from SecurityScorecard analyzed the cybersecurity health of 100 global shipping container companies and found that high-severity cyber vulnerabilities pose a significant risk to U.S. maritime security and create major supply chain risks. Read more in the report here, including what the industry can do to combat these issues.