Read the latest blog posts published weekly.
Blog
Forrester Includes SecurityScorecard in Cybersecurity Risk Ratings (CRR) Landscape Report
March 12, 2024
To help sift through the ever-growing field of cybersecurity ratings, Forrester recently published The Cybersecurity Risk Ratings Platforms Landscape, Q1 2024. SecurityScorecard is proud to be included in this landscape, in the company of other notable vendors in the field. Once a misunderstood technology, Cybersecurity Risk Ratings platforms (CRRs) have earned their place in the spotlight in the last several years.
Bennett Morrison, Vice President of Product & Strategy
Blog
Infosys McCamish Systems Third-Party Breach: Possible Attack Vectors and Infrastructure
March 12, 2024
In response to the identification of Infosys McCamish Systems (IMS) as the point of origin for a third-party data breach claimed by the LockBit ransomware group, SecurityScorecard researchers reviewed findings on the security hygiene of IMS.
Rob Ames and Paul Prudhomme, Threat Research and Intelligence, SecurityScorecard
Blog, Learning Center
Defender for Endpoint: Transforming Endpoint Security with Advanced Threat Protection
March 8, 2024
Explore how Microsoft's Sentinel transforms cybersecurity with AI, offering advanced threat detection and automated responses.
Blog
New Malware Attributed to Russian Hacking Group APT28
March 6, 2024
Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper.
Blog, Learning Center
SMB Port Numbers: A Guide to Optimizing and Securing Your Network
March 6, 2024
Explore SMB port security and optimization for your network, including risks and best practices for safeguarding your digital infrastructure.
Blog, Learning Center
What is Sentinel? Harnessing the Power of Cloud-Native SIEM for Modern Cybersecurity Challenges
March 6, 2024
Explore how Microsoft's Sentinel SIEM solution transforms cybersecurity with AI, offering advanced threat detection and automated responses.
Blog, Learning Center
Proactive Strategies to Prevent Ransomware Attacks
March 4, 2024
Essential strategies to protect your organization from ransomware attacks, including defense mechanisms, regular updates, & employee training.
Blog
SecurityScorecard 2024 Global Third-Party Cybersecurity Breach Report: Software supply chain is top target for ransomware groups
February 28, 2024
The SecurityScorecard Global Third-Party Breach Report uses the world's largest proprietary risk and threat dataset to provide unique insights into the intricate web of supply chain vulnerabilities exploited by ransomware groups.
Paul Prudhomme, STRIKE Threat Intelligence Analyst
Blog
Beating LockBit at its Own Game: Law enforcement’s takedown of a prolific ransomware group
February 22, 2024
After a years-long investigation, this week the FBI and law enforcement agencies in the UK and Europe took over the main website of the cybercrime group known as LockBit
Rob Ames, Senior Staff Threat Researcher; James Niven, Senior Staff Threat Researcher
Blog
3 2 1… Impact! Early Results under the SEC’s Cybersecurity Governance Rule
February 22, 2024
The early results under the SEC's cybersecurity governance rule are in: companies need better preparedness and processes for compliance.
Owen Denby, General Counsel, SecurityScorecard & Justin Daniels, Shareholder, Baker Donelson
Blog, Learning Center
Top 10 Cybersecurity Questions to Ask Your Vendors: A step-by-step guide to reduce supply chain risk
February 22, 2024
Ask these ten key questions to make sure your organization’s vendor questionnaire doesn't become just a “check-the-box” exercise.
Blog
Chinese Hacking Group Targets US Critical Infrastructure
February 20, 2024
The FBI and CISA are warning that “Volt Typhoon” has been lurking in US critical infrastructure systems for at least five years.