New disclosures regarding the widespread exploitation of CVE-2023-34362, a new vulnerability affecting the MOVEit file transfer software, and the Cl0p ransomware group’s claim of responsibility for its widespread exploitation and the resulting data theft, have continued in the weeks since the vulnerability’s original publication.
In a climate where companies largely gain attention only when something negative happens, it’s time to celebrate and recognize the companies who are best in class when it comes to cybersecurity. That’s why we applaud Forbes’ decision to produce the industry’s first list of America’s Most Cybersecure Companies. These companies illuminate how cybersecurity is being taken seriously as a core business issue.
SecurityScorecard conducted an extensive investigation into the Zellis breach. This research revealed alarming insights about the scale and persistence of the attack. The data exfiltration was carried out in several steps: Netflow data from Zellis IP ranges indicated large outbound transfers over HTTPS, which pointed towards the presence of a web shell. Additionally, SecurityScorecard researchers detected exfiltration over SSH to known malicious IP addresses.
In the ever-evolving cybersecurity landscape, staying ahead of potential threats is crucial. Attack Surface Intelligence (ASI) is vital in identifying vulnerabilities and mitigating risks. This blog post will discuss the latest data updates in ASI and the exciting developments within our threat research group.
Cyber insurance is the fastest-growing sector of the world’s insurance markets. But, a recent increase in ransomware attacks and business email compromises has led to a sharp uptick in claims, resulting in significant losses for cyber insurers and increased premiums. Cyber insurance customers need a way to increase their cyber resilience, reduce premiums, and improve their cyber postures.
Last week, SecurityScorecard was invited to participate in a fireside chat with Michael Daniel, President & CEO of the Cyber Threat Alliance (CTA). SecurityScorecard’s Chief Business Officer, Sachin Bansal, joined Daniel for a lively discussion regarding how to measure cyber health and clearly communicate progress against those metrics.
Most malware security researchers encounter in the wild is written in C or C++. These languages provide low-level system access and control, plus performance, allowing threat actors to create highly efficient and stealthy code. But that doesn’t mean cybercriminals are limited to those two languages. SecurityScorecard recently reverse-engineered the Vjw0rm worm written in JavaScript and the Java-based STRRAT remote access trojan (RAT).
The public sector is critical to national and international security. Yet, new research from SecurityScorecard and the Cyentia Institute found that 61.6% of public sector agencies have open cyber vulnerabilities, taking a median of 309 days to remediate. What’s more, 53% of public sector agencies are losing ground closing their cyber vulnerabilities, due in large part to a greater reliance on third-party vendors with less-than-optimal cybersecurity hygiene.
As part of our continued commitment to making the world a safer place, SecurityScorecard recently partnered with the Transportation Security Administration (TSA). This partnership will enable the agency to more accurately monitor and assess the cyber health of the nation’s pipeline, rail, and aviation transportation systems.
