Resources

Research
Close Encounters in the Finance Sector
May 25, 2023
It’s often said that cyber defenses are only as strong as the weakest link, which applies equally to individual organizations and their supply chains. Headlines of breaches stemming from third (and fourth) parties routinely testify to the truth behind the adage. As a result, most finance firms know the risks imposed by these “close encounters” with third and fourth parties. But what can be done about those risks? SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourthparty vendors, and explored the effects of that exposure to gain insights on better managing risk.
More Details
Research
A Deep Dive Into Medusa Ransomware
May 22, 2023
Medusa ransomware appeared in June 2021, and it became more active this year by launchingthe “Medusa Blog” containing data leaked from victims that didn’t pay the ransom. The malwarestops a list of services and processes decrypted at runtime and deletes the Volume ShadowCopies.
More Details
Vlad Pasca
Press
SecurityScorecard Achieves AWS Level 1 Managed Security Service Provider Competency Status
May 16, 2023
SecurityScorecard is the First SaaS Provider to Achieve Competency in Business Continuity and Ransomware Readiness Specification Category.
More Details
AWS
Press
Transportation Security Administration Chooses SecurityScorecard to Deliver New Era of Resiliency for Critical Infrastructure
May 16, 2023
TSA partners with SecurityScorecard to enhance critical infrastructure resilience through automated cyber ratings and threat intelligence.
More Details
Webinar
Beyond the Breach: Partnering with the FBI to fight Cybercrime
May 11, 2023More Details
Public Sector
Webinar
Building a Sustainable Cyber Insurance Market
May 4, 2023More Details
Cyber Insurance
Research
How To Analyze Java Malware – A Case Study Of Strrat
May 3, 2023
STRRAT is a Java-based malware that executes multiple commands transmitted by the C2 server. The JAR file was obfuscated using the Allatori obfuscator. It establishes persistence on the host by copying to the Startup folder and creating a scheduled task and a Run registry entry.
More Details
Webinar
Being Proactive with Security: Deep Dive into Security Testing
April 26, 2023More Details
Press
SecurityScorecard Launches First and Only Security Ratings Platform with Natural Language Processing Capabilities, Providing Customers with Faster Security Insights
April 25, 2023More Details
Security Ratings
Data Sheet
SecurityScorecard
April 20, 2023More Details
Security Ratings, Third-Party Risk Management
Webinar
Reduce Cyber Threat Exposure with a 360-degree Solution
April 19, 2023More Details
Blog
Prepare for Zero-Day Threats: Military and Private Sector Leaders Share Their Insights
April 14, 2023
Leading cybersecurity experts Major General John F. Wharton, (US Army retired); Oleg Strizhak, Shell’s Digital Supply Chain Risk Manager; and Sam Curry, the CISO of Zscaler, recently sat down with SecurityScorecard’s President of International Operations Matthew McKenna to discuss how organizations can prepare themselves and their supply chains for zero-day attacks, preventing and responding to them, as well as best practices for supply chain risk management.
More Details
Cyber Threat Intelligence, Public Sector