Introducing MAX — Take supply chain cyber risk management to the MAX
Leverage unparalleled research to make smarter, faster business decisions
- Research, White Paper
Expand Your Vendor Intelligence To Identify Active Threats
February 28, 2023Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.
More DetailsAttack Surface Management, Cyber Threat Intelligence, Enterprise Cyber Risk, Security Ratings, Supply Chain Cyber Risk - Research
SecurityScorecard Analysis of Traffic Involving Storm-0558 IoCs
August 16, 2023On July 11th, 2023, Microsoftdisclosed that a threat actor hadobtained a Microsoft private encryption key that allowed attackersto generate tokens enabling accessto customers’ Exchange Online andOutlook[.]com accounts.Subsequent research found that thecompromised key could have grantedaccess to a wider variety of applications including Azure Active Directory,SharePoint, Teams, and OneDrive.
More Details - Research
Close Encounters in the Finance Sector
May 25, 2023It’s often said that cyber defenses are only as strong as the weakest link, which applies equally to individual organizations and their supply chains. Headlines of breaches stemming from third (and fourth) parties routinely testify to the truth behind the adage. As a result, most finance firms know the risks imposed by these “close encounters” with third and fourth parties. But what can be done about those risks? SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourthparty vendors, and explored the effects of that exposure to gain insights on better managing risk.
More Details - Research
Cyentia Fast And Frivolous
June 6, 2022Pacing Remediation of Internet-Facing Vulnerabilities
More Details - Research
How to Analyze JavaScript Malware – A Case Study of Vjw0rm
January 10, 2023Vjw0rm is a worm that spreads via USB drives and has RAT capabilities because it implements different commands transmitted by the C2 server. It establishes persistence on a machine by copying to the Startup folder and creating a Run registry entry. The malware drops a Java-based RAT called STRRAT, executed using the Java executable that can be found on the local computer or downloaded from a remote URL.
More DetailsVlad Pasca
- Research
A Technical Analysis Of The Royal Ransomware
November 14, 2022This malware encrypts files with the AES algorithm, either fully or partially. The extension of the affected files changes to “.royal”. Find out more in this technical analysis of the Royal Ransomware from SecurityScorecard’s Senior Malware Analyst, Vlad Pasca.
More DetailsVlad Pasca
- Research
A Deep Dive Into A Posh C2 Implant
February 19, 2023PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a Python3 implant.
More Details - Research
How To Analyze Java Malware – A Case Study Of Strrat
May 3, 2023STRRAT is a Java-based malware that executes multiple commands transmitted by the C2 server. The JAR file was obfuscated using the Allatori obfuscator. It establishes persistence on the host by copying to the Startup folder and creating a scheduled task and a Run registry entry.
More DetailsVlad Pasca
- Research
Reduce Cyber Risk with the Predictive Power of Security Ratings
March 21, 2023The Marsh McLennan Global Cyber Risk Analytics Center and SecurityScorecard have come together to study how cybersecurity ratings correlate with reduced cyber insurance risk.
More DetailsCyber Insurance