Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Research
A Technical Analysis Of The Quasar Forked Rat Called Void Rat
VoidRAT is based on the open-source RAT called Quasar. The malware steals information from web browsers and applications such as FileZilla and WinSCP. It also implements a keylogger functionality that saves and exfiltrates the pressed keys.
Case Studies
Avangrid
There’s a trust factor between my organization and Scorecard.
Blog
What is Cyber Threat Hunting?
Master cyber threat hunting with expert techniques and tools to find hidden threats before they cause data breaches.
Cyber Threat Intelligence
Tech Center
Blog
What is Threat Intelligence in Cybersecurity?
Threat intelligence helps you understand, prevent, and mitigate cyber threats. Learn how threat intelligence can benefit your business.
Tech Center
Webinars
Threat Talk Thursday E01
Learn more in this resource.
Case Studies
RSUI
Security ratings are critical to me as an underwriter because cyber landscape is continuously evolving
Cyber Insurance
Case Studies
RSUI
Security ratings are critical to me as an underwriter because cyber landscape is continuously evolving
Cyber Insurance
Blog
Fortinet Fortigate Vulnerability CVE-2023-27997: How to Surface Exposed Devices and Mitigate the Threat
Recently, a critical vulnerability tracked as CVE-2023-27997 was identified in Fortinet Fortigate appliances. This vulnerability has been exploited by the Chinese APT group Volt Typhoon, among others, targeting governments and organizations worldwide. \r\n\r\nAs a result, Fortinet has released an urgent patch for affected systems. For a more detailed understanding of this vulnerability and the corresponding patch, you can read this Fortinet blog post.\r\n
Cyber Threat Intelligence
Webinars
Building a Strong Defense: Red Team Insights for Cybersecurity
Learn more in this resource.
Webinars
Fighting Together: TSA, Critical Infrastructure, And Cyber Risk Management
Learn more in this resource.
Public Sector
Blog
Cybersecurity Risk is a Business Risk: Upcoming SEC Regulations Make Security Transparency Mandatory
During an interview on Nasdaq Trade Talks, SecurityScorecard CEO, Aleksandr Yampolskiy, discussed the impact of upcoming regulations by the SEC.
Services
Research
Android Malware on the Rise – A case study of AhMyth RAT
The malicious application is based on the open-source Android RAT called AhMyth. The following commands are implemented: taking pictures, exfiltrating phone call logs and phone contacts, stealing files and SMS messages from the phone, tracking the device’s location, recording audio, and sending SMS messages. The network communication with the C2 server is done by switching from HTTP to WebSocket via the Socket.IO library.
Blog
SecurityScorecard Identifies Infrastructure Linked to Widespread MOVEit Vulnerability Exploitation
SecurityScorecard shares its findings into a widespread MOVEit exploit which affected a number of high profile organizations.
Cyber Threat Intelligence
Webinars
Uniting Against the MOVEit Exploit Campaign
Learn more in this resource.
Data Sheet
Close Encounters in the Insurance Sector
Learn more in this resource.
Cyber Insurance
Data Sheet
Close Encounters in the Insurance Sector
Learn more in this resource.
Cyber Insurance
Blog
Three Steps to Prevent a Cybersecurity Breach from MOVEit Exploit: SecurityScorecard’s investigation into Zellis reach uncovers 2,500 exposed MOVEit servers across 790 organizations
Learn about SecurityScorecard’s investigation into the Zellis breach, which uncovered over 2.500 vulnerable servers across 790 organizations.
Cyber Threat Intelligence
Webinars
Metrics That Matter: Measuring And Communicating Progress In Cyber In 2023
Learn more in this resource.
Webinars
Using Artificial Intelligence to Manage Cyber Risk
Learn more in this resource.
Data Sheet
SecurityScorecard Capabilities Statement
Learn more in this resource.
Public Sector
Research
Close Encounters in the Healthcare Sector
Learn more in this resource.
Healthcare