Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Read Bitsight breach research by looking at the evolution of reported incidents over the past years to identify trends and global patterns.
CVE-2023-35036 & CVE-2023-35708 — were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.
Data is something that impacts so many different touch points of your business, which is why Data Ops makes life easier for everyone.
The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability. Here’s a summary of what happened and why it matters.
Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).
We have made several adjustment to continue to provide Bitsight users with the best external indicator of the performance of cybersecurity controls.
Bitsight has recently observed a 15-year-old modular spambot called Tofsee being distributed by PrivateLoader (ruzki), a notorious malware distribution service we also closely monitor.
Bitsight published research identifying exposed webcams. In light of that, Orgs must develop an understanding of how to handle the expanding attack surface.
Bitsight has identified thousands of organizations around the world using Internet-facing webcams and similar devices, finding many video and audio feeds susceptible to eavesdropping.
Mylobot is a malware that targets Windows systems, it first appeared in 2017. In this article, we'll focus on its main capability, which is transforming the infected system into a proxy.
Bitsight found that 25% of the S&P 500 and half of the top 20 most valuable public U.S companies have had at least one SSO credential for sale on the dark web in 2022. Read the full analysis.
Bitsight has discovered two previously undocumented malware families named Cova and Nosu. They have different purposes and capabilities, although we found some similarities during our research.
New Bitsight research finds that many organizations are still affected by the OpenSSL vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602. This blog identifies the most affected sectors and nations around the world.
In this research, we present how to manually “unpack” a sample from a recent ColibriLoader malware campaign being distributed by PrivateLoader.
New research by the Marsh McLennan Cyber Risk Analytics Center (Marsh McLennan) finds 14 Bitsight analytics have statistically significant correlation with cybersecurity incidents.