Introducing MAX — Take supply chain cyber risk management to the MAX

Explore MAX
Close

Research

Filter by:

Asset types

Tags

Reset Filter

    Showing 25- 36 of 97

    • Research

      Investigation into Breached Australian Organizations

      In mid-March, two Australian financial and professional services firms reported data breaches. These were followed by a series of cyber incidents affecting large Australian firms throughout 2022 and early 2023. As a result, some reporting on the incidents presented them as indications of systematic shortcomings in the country’s cyber defenses.

      More Details
      Cyber Threat Intelligence
    • Research

      Investigation into Last Month’s Royal Ransomware Attack Against a City Government

      On May 1, local media reported that a city government had suffered a disruption resulting from an attack claimed by the Royal ransomware group.

      More Details
      Cyber Threat Intelligence, Public Sector
    • Research

      LockBit Ransomware Group Claims Attack Against Prominent Taiwanese Semiconductor Firm

      On June 29, the LockBit ransomware group added an entry for a major semiconductor manufacturer to its data leak site.

      More Details
      Attack Surface Management, Cyber Insurance, Cyber Threat Intelligence, Supply Chain Cyber Risk
    • Research

      SecurityScorecard Identifies Possible Flax Typhoon Infrastructure

      On August 24, Microsoft published its analysis of espionage activity it attributes to a new threat actor group tracked as Flax Typhoon, which it assesses to act on behalf of the People’s Republic of China.

      More Details
      Cyber Threat Intelligence
    • Research

      Cyber Risk Intelligence Update: STRIKE Team Investigation Identifies Possible Flax Typhoon Links to Higher Education

      Following Microsoft’s identification of Flax Typhoon, a new threat actor group believed to conduct espionage on behalf of the People’s Republic of China (PRC), the STRIKE Team used SecurityScorecard’s data to investigate the IoCs Microsoft supplied in its report. This investigation yielded a collection of new IP addresses featuring the same TLS certificates that Microsoft linked to Flax Typhoon.

      More Details
      Cyber Threat Intelligence, Public Sector
    • Research

      Daixin Team Ransomware Group Claimed Airline Ransomware Attack

      More Details
      Cyber Threat Intelligence, Public Sector
    • Research

      Cyber Risk Intelligence: County Government Cyber Incident May Have Involved Social Engineering and Targeting of Vulnerable SSH Services

      More Details

      Dr. Rob Ames, Staff Threat Researcher

      Cyber Threat Intelligence, Public Sector
    • Research

      SecurityScorecard Investigation and Response to New and Widespread OpenSSL 3.X Vulnerability

      November 1, 2022More Details

      Rob Ames, PhD, Staff Threat Researcher; Ryan Sherstobitoff, SVP of Threat Intelligence; Tien Phan, Staff Threat Researcher; Jared M. Smith, PhD, Senior Director of Threat Research; Ondřej Janda, Staff Software Engineer

    • Research

      A Detailed Analysis of the RedLine Stealer

      August 1, 2022More Details
    • Research

      Microsoft ProxyNotShell Zero Days

      Prepared by: Rob Ames, Staff Threat Researcher, Jared M. Smith, Ph.D., Senior Director of Threat Research, Ryan Sherstobitoff, SVP of Threat Intelligence

      More Details
    • Research

      A Detailed Analysis Of A New Stealer Called Stealerium

      February 6, 2023More Details
    • Research

      Close Encounters in the Healthcare Sector

      May 25, 2023More Details