Resources

Blog
Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory
June 22, 2023
During an interview on Nasdaq Trade Talks, SecurityScorecard CEO, Aleksandr Yampolskiy, discussed the impact of upcoming regulations by the SEC.
More Details
Services
Research
Android Malware on the Rise – A case study of AhMyth RAT
June 21, 2023
The malicious application is based on the open-source Android RAT called AhMyth. The following commands are implemented: taking pictures, exfiltrating phone call logs and phone contacts, stealing files and SMS messages from the phone, tracking the device’s location, recording audio, and sending SMS messages. The network communication with the C2 server is done by switching from HTTP to WebSocket via the Socket.IO library.
More Details
Vlad Pasca
Blog
SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation
June 20, 2023
SecurityScorecard shares its findings into a widespread MOVEit exploit which affected a number of high profile organizations.
More Details
Cyber Threat Intelligence
Webinar
Uniting Against the MOVEit Exploit Campaign
June 15, 2023More Details
Research
Close Encounters in the Insurance Sector
June 12, 2023More Details
Cyber Insurance
Blog
Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit: SecurityScorecard’s investigation into Zellis reach uncovers 2,500 exposed MOVEit servers across 790 organizations
June 7, 2023
Learn about SecurityScorecard's investigation into the Zellis breach, which uncovered over 2.500 vulnerable servers across 790 organizations.
More Details
Cyber Threat Intelligence
Webinar
Metrics That Matter: Measuring And Communicating Progress In Cyber In 2023
May 25, 2023More Details
Webinar
Using Artificial Intelligence to Manage Cyber Risk
May 25, 2023More Details
Data Sheet
SecurityScorecard Capabilities Statement
May 25, 2023More Details
Public Sector
Research
Close Encounters in the Healthcare Sector
May 25, 2023More Details
Healthcare
Research
Close Encounters in the Public Sector
May 25, 2023
SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourth-party vendors, and explored the effects of that exposure to gain insights on better managing risk. This document summarizes key findings from that research using a subset of the data focusing on 7,347 public sector organizations.
More Details
Public Sector
Research
Close Encounters in the Finance Sector
May 25, 2023
It’s often said that cyber defenses are only as strong as the weakest link, which applies equally to individual organizations and their supply chains. Headlines of breaches stemming from third (and fourth) parties routinely testify to the truth behind the adage. As a result, most finance firms know the risks imposed by these “close encounters” with third and fourth parties. But what can be done about those risks? SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourthparty vendors, and explored the effects of that exposure to gain insights on better managing risk.
More Details