Introducing MAX — Take supply chain cyber risk management to the MAX
Leverage unparalleled research to make smarter, faster business decisions
- Research
The CISO’s Playbook: Stay Ahead of Friday Breach Effects
February 1, 2022SecurityScorecard examined four years of data breach reports to uncover discovery trends for every day of the week. Here’s your Friday Breach Effect Report.
More Details - Research
Proactive Security Measures for Global Maritime Shipping
December 17, 2021New research from SecurityScorecard analyzed the cybersecurity health of 100 global shipping container companies and found that high severity cyber vulnerabilities pose a significant risk to U.S. maritime security and major supply chain risks. Read more in the report here, including what the industry can do to combat these issues.
More Details - Research
A Deep Dive into Avos Locker Ransomware
May 5, 2022AvosLocker is a ransomware-as-a-service (RaaS) group that appeared in 2021. The malware can run with one of the following parameters: “--help”, “--path”, “--disabledrives”, “--hide”, “--threads”, “--enablesmb”, “--brutesmb”, and “--nomutex.” The ransomware kills a list of targeted processes, deletes all Volume Shadow Copies using two commands, and clears all Windows event logs. The binary can target the logical drives as well as network shares by specifying proper arguments.
More Details - Research
Managing Third-Party Risk In The Era Of Zero Trust
March 22, 2023Given such a large expansion of attack surface, it is no surprise that 91%of respondents had experienced a security incident during the past 12months that tied back to one of those third parties. That ubiquitous threat is likely why respondents by and large expressed some level of concern with experiencing another breach or falling out of compliance due to a partner vulnerable to attacks
More DetailsAttack Surface Management, Cyber Threat Intelligence, Supply Chain Cyber Risk - Research
Cybersecurity and Executive (dis)Orders: Cognitive and Systemic Risk in the Boardroom
August 5, 2023This Board Risk Report focuses on what boards of directors can do to understand the nature of cognitive and systemic risk, their impact at the board level, better understand the unique dimensions of cyber risk, and understand emerging principles for modern cybersecurity governance
More Details - Research
Close Encounters in the Public Sector
May 25, 2023SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourth-party vendors, and explored the effects of that exposure to gain insights on better managing risk. This document summarizes key findings from that research using a subset of the data focusing on 7,347 public sector organizations.
More DetailsPublic Sector - Research
Cyber Risk Intelligence: Iran-Linked Attack on U.S. Water Treatment Facility
December 4, 2023On November 25, a U.S. municipal water authority confirmed that one of its booster stations had suffered an attack by a threat actor group known as CyberAv3ngers, which analysts believe acts in support of Iranian geopolitical interests.
More DetailsPublic Sector - Research
Cyber Risk Intelligence: Idaho National Laboratory Data Breach
December 5, 2023On November 20, a spokesperson for Idaho National Laboratory (INL) confirmed that it had suffered a data breach. The confirmation followed the SiegedSec threat actor group’s circulation of claims that it had “accessed hundreds of thousands of user, employee and citizen data” on social media and hacking forums.
More DetailsPublic Sector - Research
Japan’s Nikkei 225 Index: The State of Cybersecurity in Japan
December 12, 2023This research presents an analysis of the cybersecurity landscape of the Nikkei 225 index. Companies were ranked based on various factors, such as network security, potential malware exploits, and patching cadence.
More DetailsCyber Threat Intelligence, Security Ratings - Research
North Korean State-Sponsored Cyber Attack: Unveiling the Intricacies of Threat Actor Group Andariel
January 10, 2024This SecurityScorecard threat research sheds light on a significant cyber attack attributed to North Koreans tate-sponsored actors known as Andariel, emphasizing the critical role that South Korea plays both as a target and a source of infrastructure for these threat actors.
More DetailsCyber Threat Intelligence - Research
Energy Sector Cybersecurity Report: Navigating Third-Party Cyber Risk
December 5, 2023SecurityScorecard threat researchers have identified that 90% of the world’s largest energy companies experienced a third party breach in the past 12 months. Fueling the global economy and daily life, reliance on the energy sector elevates it as a prime target for cyberattacks.
More DetailsCyber Threat Intelligence