Our Latest Resources
Explore our cybersecurity white papers, data sheets, webinars, videos and more.
-
Ebook
Compliance Officer Action Plan
October 20, 2022The plan to creating an innovative security program as a Compliance Officer. How can highly regulated companies stay innovative in their security and risk programs if they need to invest significant energy toward the deluge of audits, regulator exams and control assessments?
More Details -
Ebook
Evolve from Risk Management to Risk Intelligence
Proven Strategies to Drive a Risk Intelligence Program in Your Organization
More Details -
A Deep Dive into BianLian Ransomware
December 2, 2020BianLian ransomware is a Golang malware that performed targeted attacks across multiple industries in 2022. The ransomware employed anti-analysis techniques consisting of API calls that would likely crash some sandboxes/automated analysis systems. The malware targets all drives identified on the machine and deletes itself after the encryption is complete.
More DetailsVlad Pasca
-
White Paper
DORA and Cyber Risk: A New Framework for Third-Party Risk in the European Union
DORA is an effort to build resilience within the financial service sector by requiring financial services organizations to establish and monitor networks of trust amongst themselves and their ICT vendors. However, trust requires verification through monitoring and transparency.
More DetailsVlad Pasca
Attack Surface Management, Cyber Threat Intelligence, DORA, Enterprise Cyber Risk, Security Ratings, Supply Chain Cyber Risk -
Research
SecurityScorecard Validation Assessment Summary
Online found SecurityScorecard’s footprinting to be very accurate. Over the course of testing Online evaluated SecurityScorecard’s data for a total of 13 unique, unrelated, and randomly selected domains and found SecurityScorecard’s attribution process to have an accuracy of 95%. The accuracy for positively attributing IP Addresses was found to be 94% while for DNS Records it was found to be 100%.
More DetailsVlad Pasca
-
Research
Android Malware on the Rise – A case study of AhMyth RAT
June 21, 2023The malicious application is based on the open-source Android RAT called AhMyth. The following commands are implemented: taking pictures, exfiltrating phone call logs and phone contacts, stealing files and SMS messages from the phone, tracking the device’s location, recording audio, and sending SMS messages. The network communication with the C2 server is done by switching from HTTP to WebSocket via the Socket.IO library.
More DetailsVlad Pasca
-
Blog
Threat Intelligence Research: Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days
January 11, 2024The SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has been investigating covert infrastructure linked to Volt Typhoon, a state-sponsored threat actor group believed to act on behalf of the People’s Republic of China. The group conducts multiple types of cyberattacks, but its use of compromised small office and home office (SOHO) equipment such as routers and firewalls is a recurring theme.
More DetailsCyber Threat Intelligence -
Research, White Paper
How To Increase The Value Of Your GRC Platform With Risk Identification And Quantification
July 12, 2022More DetailsAttack Surface Management, Enterprise Cyber Risk, Security Ratings, Supply Chain Cyber Risk -
Ebook
5 Tips To Know You Are Using Data You Can Trust
August 30, 2023Organizations need to trust their data and be confident that their customers, clients, and vendors can trust it as well. This means knowing that it’s accurate, reliable, and secure. How can this be accomplished?
More Details -
Data Sheet
SecurityScorecard Solutions for Cyber Insurance Portfolio Management
November 9, 2021More DetailsCyber Insurance