Introducing MAX — Take supply chain cyber risk management to the MAX
Leverage unparalleled research to make smarter, faster business decisions
-
Research
Investigation into Last Month’s Royal Ransomware Attack Against a City Government
On May 1, local media reported that a city government had suffered a disruption resulting from an attack claimed by the Royal ransomware group.
More DetailsCyber Threat Intelligence, Public Sector -
Research
LockBit Ransomware Group Claims Attack Against Prominent Taiwanese Semiconductor Firm
On June 29, the LockBit ransomware group added an entry for a major semiconductor manufacturer to its data leak site.
More DetailsAttack Surface Management, Cyber Insurance, Cyber Threat Intelligence, Supply Chain Cyber Risk -
Research
SecurityScorecard Identifies Possible Flax Typhoon Infrastructure
On August 24, Microsoft published its analysis of espionage activity it attributes to a new threat actor group tracked as Flax Typhoon, which it assesses to act on behalf of the People’s Republic of China.
More DetailsCyber Threat Intelligence -
Research
Cyber Risk Intelligence Update: STRIKE Team Investigation Identifies Possible Flax Typhoon Links to Higher Education
Following Microsoft’s identification of Flax Typhoon, a new threat actor group believed to conduct espionage on behalf of the People’s Republic of China (PRC), the STRIKE Team used SecurityScorecard’s data to investigate the IoCs Microsoft supplied in its report. This investigation yielded a collection of new IP addresses featuring the same TLS certificates that Microsoft linked to Flax Typhoon.
More DetailsCyber Threat Intelligence, Public Sector -
Research
Daixin Team Ransomware Group Claimed Airline Ransomware Attack
More DetailsCyber Threat Intelligence, Public Sector -
Research
Cyber Risk Intelligence: County Government Cyber Incident May Have Involved Social Engineering and Targeting of Vulnerable SSH Services
More DetailsDr. Rob Ames, Staff Threat Researcher
Cyber Threat Intelligence, Public Sector -
Research
SecurityScorecard Investigation and Response to New and Widespread OpenSSL 3.X Vulnerability
November 1, 2022More DetailsRob Ames, PhD, Staff Threat Researcher; Ryan Sherstobitoff, SVP of Threat Intelligence; Tien Phan, Staff Threat Researcher; Jared M. Smith, PhD, Senior Director of Threat Research; Ondřej Janda, Staff Software Engineer
-
Research
Microsoft ProxyNotShell Zero Days
Prepared by: Rob Ames, Staff Threat Researcher, Jared M. Smith, Ph.D., Senior Director of Threat Research, Ryan Sherstobitoff, SVP of Threat Intelligence
More Details