Research
-
ResearchCyber Risk Intelligence: Idaho National Laboratory Data Breach
December 5, 2023On November 20, a spokesperson for Idaho National Laboratory (INL) confirmed that it had suffered a data breach. The confirmation followed the SiegedSec threat actor group’s circulation of claims that it had “accessed hundreds of thousands of user, employee and citizen data” on social media and hacking forums.
More DetailsPublic Sector -
ResearchEnergy Sector Cybersecurity Report: Navigating Third-Party Cyber Risk
December 5, 2023SecurityScorecard threat researchers have identified that 90% of the world’s largest energy companies experienced a third party breach in the past 12 months. Fueling the global economy and daily life, reliance on the energy sector elevates it as a prime target for cyberattacks.
More DetailsCyber Threat Intelligence -
ResearchCyber Risk Intelligence: Iran-Linked Attack on U.S. Water Treatment Facility
December 4, 2023On November 25, a U.S. municipal water authority confirmed that one of its booster stations had suffered an attack by a threat actor group known as CyberAv3ngers, which analysts believe acts in support of Iranian geopolitical interests.
More DetailsPublic Sector -
ResearchNew Deep and Dark Web Collections Regarding the Israel-Hamas War
October 20, 2023More Details -
ResearchCyber Risk Intelligence: Cyber Activity, Israeli Industrial Control Systems, and the Israel-Hamas War
October 16, 2023More DetailsCyber Threat Intelligence -
ResearchAttack Surface Intelligence Identifies Additional Cuba Ransomware-Linked Indicators of Compromise
September 28, 2023More Details -
ResearchSecurityScorecard Analysis of Traffic Involving Storm-0558 IoCs
August 16, 2023On July 11th, 2023, Microsoftdisclosed that a threat actor hadobtained a Microsoft private encryption key that allowed attackersto generate tokens enabling accessto customers’ Exchange Online andOutlook[.]com accounts.Subsequent research found that thecompromised key could have grantedaccess to a wider variety of applications including Azure Active Directory,SharePoint, Teams, and OneDrive.
More Details -
ResearchA technical analysis of the Underground ransomware deployed by Storm-0978
August 14, 2023More Details -
ResearchCybersecurity and Executive (dis)Orders: Cognitive and Systemic Risk in the Boardroom
August 5, 2023This Board Risk Report focuses on what boards of directors can do to understand the nature of cognitive and systemic risk, their impact at the board level, better understand the unique dimensions of cyber risk, and understand emerging principles for modern cybersecurity governance
More Details
