Cybersecurity white papers, data sheets, webinars, videos and more

August 5, 2023

Cybersecurity and Executive (dis)Orders: Cognitive and Systemic Risk in the Boardroom

This Board Risk Report focuses on what boards of directors can do to understand the nature of cognitive and systemic risk, their impact at the board level, better understand the unique dimensions of cyber risk, and understand emerging principles for modern cybersecurity governance

July 17, 2023

A Technical Analysis Of The Quasar Forked Rat Called Void Rat

VoidRAT is based on the open-source RAT called Quasar. The malware steals information from web browsers and applications such as FileZilla and WinSCP. It also implements a keylogger functionality that saves and exfiltrates the pressed keys.

June 21, 2023

Android Malware on the Rise – A case study of AhMyth RAT

The malicious application is based on the open-source Android RAT called AhMyth. The following commands are implemented: taking pictures, exfiltrating phone call logs and phone contacts, stealing files and SMS messages from the phone, tracking the device’s location, recording audio, and sending SMS messages. The network communication with the C2 server is done by switching from HTTP to WebSocket via the Socket.IO library.

June 12, 2023

Close Encounters in the Insurance Sector

Learn more in this resource.

Cyber Insurance

May 25, 2023

Close Encounters in the Healthcare Sector

Learn more in this resource.

Healthcare

May 25, 2023

Close Encounters in the Public Sector

SecurityScorecard and the Cyentia Institute recently teamed up to analyze data collected on over 230,000 organizations for clues about the underlying conditions exacerbating third- and fourth-party risk. We measured the extent of digital supply chains, investigated the prevalence of security incidents among third- and fourth-party vendors, and explored the effects of that exposure to gain insights on better managing risk.\r\n\r\nThis document summarizes key findings from that research using a subset of the data focusing on 7,347 public sector organizations.

Public Sector

May 25, 2023

Close Encounters in the Finance Sector

It’s often said that cyber defenses are only as strong as\r\nthe weakest link, which applies equally to individual\r\norganizations and their supply chains. Headlines of\r\nbreaches stemming from third (and fourth) parties\r\nroutinely testify to the truth behind the adage. As a result,\r\nmost finance firms know the risks imposed by these\r\n“close encounters” with third and fourth parties. But what\r\ncan be done about those risks?\r\nSecurityScorecard and the Cyentia Institute recently\r\nteamed up to analyze data collected on over 230,000\r\norganizations for clues about the underlying conditions\r\nexacerbating third- and fourth-party risk. We measured\r\nthe extent of digital supply chains, investigated the\r\nprevalence of security incidents among third- and fourthparty vendors, and explored the effects of that exposure\r\nto gain insights on better managing risk.

May 22, 2023

A Deep Dive Into Medusa Ransomware

Medusa ransomware appeared in June 2021, and it became more active this year by launchingthe “Medusa Blog” containing data leaked from victims that didn’t pay the ransom. The malwarestops a list of services and processes decrypted at runtime and deletes the Volume ShadowCopies.

May 3, 2023

How To Analyze Java Malware – A Case Study Of Strrat

STRRAT is a Java-based malware that executes multiple commands transmitted by the C2\r\nserver. The JAR file was obfuscated using the Allatori obfuscator. It establishes persistence on\r\nthe host by copying to the Startup folder and creating a scheduled task and a Run registry entry.

April 3, 2023

[レポート] 重要インフラにおける 信頼性低下への対応

Learn more in this resource.

March 29, 2023

Revisiting Heavens Gate With Lumma Stealer

Learn more in this resource.

March 22, 2023

Managing Third-Party Risk In The Era Of Zero Trust

Given such a large expansion of attack surface, it is no surprise that 91%of respondents had experienced a security incident during the past 12months that tied back to one of those third parties. That ubiquitous threat is likely why respondents by and large expressed some level of concern with experiencing another breach or falling out of compliance due to a partner vulnerable to attacks

Attack Surface Management

Cyber Threat Intelligence

Supply Chain Cyber Risk

March 21, 2023

Reduce Cyber Risk with the Predictive Power of Security Ratings

The Marsh McLennan Global Cyber Risk Analytics Center and SecurityScorecard have come together to study how cybersecurity ratings correlate with reduced cyber insurance risk.

Cyber Insurance

March 7, 2023

ESXi Ransomware A Case Study Of Royal Ransomware

Learn more in this resource.

February 28, 2023

Expand Your Vendor Intelligence To Identify Active Threats

Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.

Attack Surface Management

Cyber Threat Intelligence

Enterprise Cyber Risk

February 19, 2023

A Deep Dive Into A Posh C2 Implant

PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a Python3 implant.

February 9, 2023

ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability

Executive Summary On February 3, European hosting providers and computer emergency response teams (CERTs) began warning of a widespread ransomware campaign exploiting CVE-2021-21974, a VMWare ESXi vulnerability for which a patch has been available since February 2021. Shortly after the warnings’ publication, SecurityScorecard developed an emergency informational… Read More

Cyber Threat Intelligence

February 9, 2023

Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks

Executive Summary On January 3, local media reported that a major U.S. city’s housing authority had suffered a ransomware attack. The LockBit ransomware group, which has made false claims in the past, took responsibility for the incident. As of this publication, the housing authority has announced a disruption, but… Read More

Cyber Threat Intelligence

Public Sector

February 6, 2023

A Detailed Analysis Of A New Stealer Called Stealerium

Learn more in this resource.

February 1, 2023

Cyentia Institute and SecurityScorecard Research Report: Close Encounters of the Third (and Fourth) Party Kind

Learn more in this resource.

January 25, 2023

Close Encounters Of The Third And Fourth Party Kind

Learn more in this resource.