Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Global State of Exposure BIG IP CVE 2022-1388 Blog Header](/sites/default/files/styles/4_3_small/public/2022/10/13/Global-State-of-Exposure-BIG-IP-CVE-2022-1388.jpg.webp?itok=bUQlssM8)
Bitsight evaluated the current global state of exposure to CVE-2022-1388. Our findings indicate that many organizations remain vulnerable to this critical vulnerability, presenting risk not only to these organizations but also to their customer bases. See the findings.
![Representation of expanding digital ecosystem for cyber risk reduction](/sites/default/files/styles/4_3_small/public/2022/09/29/Cyber%20Risk%20Reduction.jpg.webp?itok=o39aLaUF)
Discover five practical cyber risk reduction strategies including understanding your attack surface, continuous monitoring, keeping software updated, and more.
![The BitSight and Moody's Partnership: A New Era For Cybersecurity](/sites/default/files/styles/4_3_small/public/migration/images/facebook-moodys-image-min_2.jpg.webp?itok=Sg6_IOaw)
Moody’s Investor Services published new research indicating worldwide cyber risk is rising, particularly among critical infrastructure entities.
![SystemBC malware banner](/sites/default/files/styles/4_3_small/public/2022/09/19/SystemBC-malware-banner-min.jpg.webp?itok=duCZ_7ia)
SystemBC is malware written in C that turns infected computers into SOCKS5 proxies.
![city with connected devices](/sites/default/files/styles/4_3_small/public/2022/08/03/city%20with%20connected%20devices_iot.jpg.webp?itok=0JabPv1J)
Discover how Bitsight’s GPS vulnerability research can help your organization and third-party managers reduce IoT device cyber risk.
![Information Security In Banking & Finance Industry: 3 Critical Vendor Risks](/sites/default/files/styles/4_3_small/public/migration/images/Information%2520Security%2520In%2520Banking%2520-%2520BitSight_1.jpg.webp?itok=TVGkWjOz)
The NCUA Board approved a proposed rule that would require a federally insured credit union (FICU) to notify the NCUA as soon as possible but no later than 72 hours after they reasonably believe that a reportable cyber incident has occurred.
![BitSight Finds Critical Vulnerabilities in Popular GPS Tracker](/sites/default/files/styles/4_3_small/public/2022/07/15/BitSight%20Finds%20Critical%20Vulnerabilities%20in%20Popular%20GPS%20Tracker_New.jpg.webp?itok=AADpgFSJ)
Bitsight has discovered six severe vulnerabilities in a popular vehicle GPS tracker (MiCODUS MV720) potentially allowing hackers to track individuals without their knowledge, remotely disable fleets of corporate supply and emergency vehicles, abruptly stop civilian vehicles on dangerous highways, and more.
![vendor risk management ransomware](/sites/default/files/styles/4_3_small/public/2021/12/06/ransomware-blog.jpg.webp?itok=58waN1-I)
In 2021, ransomware attacks on government agencies globally increased by 1,885% over 2020 attacks, and the trends are continuing so far in 2022. Learn how to protect your organization from ransomware with three best practices.
![Vulnerability alert](/sites/default/files/styles/4_3_small/public/2023/04/26/Vulnerability%20alert-min.jpg.webp?itok=PREnq-Uj)
Atlassian Confluence has been impacted by vulnerability CVE-2022-26134 allowing for ransomware deployment, data theft, & more. See Bitsight's findings & analysis.
![cyber risk mitigation](/sites/default/files/styles/4_3_small/public/2021/11/16/cyberrisk%20mitigation.jpg.webp?itok=bH50Ze-R)
The federal government is using every tool possible to deter and disrupt retaliatory cyberattacks against critical national infrastructure. With the Strengthening American Cybersecurity Act, agencies are required to report cybersecurity incidents within a 72-hour period. Learn more.
![Global distribution of Emotet infected systems](/sites/default/files/styles/4_3_small/public/2022/05/19/Global%20distribution%20of%20infected%20systems-min.png.webp?itok=uiwqItNT)
In November 2021, a new version of the Emotet botnet emerged. How did this happen? What is the botnet doing today? And how can organizations avoid becoming victims? Get the answers and more.
![How Do I Know if I am at Risk for a Ransomware Attack?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1228736578_0.png.webp?itok=JY0MfgIE)
Ransomware isn’t going away; security leaders need to get inside the brain of ransomware sleuths and learn how attacks develop to better identify early indicators of ransomware in their network. Read on to learn how ransomware attacks happen.
![Keys to the Kingdom: Single Sign-On (SSO) is Under Attack](/sites/default/files/styles/4_3_small/public/2022/04/11/Keys%20to%20the%20Kingdom%2C%20%20Sized.jpg.webp?itok=lVMhnDiC)
This article contains tips for security and risk professionals to manage risk from their Single Sign-On (SSO) providers and better protect their users’ credentials.
![Cyber insurance underwriting evolution and expectations](/sites/default/files/styles/4_3_small/public/2022/04/04/Cyber%20Insurance%20Underwriting%2C%20Sized.jpg.webp?itok=sXAliu2l)
What cyber insurance underwriting is, how it has evolved, and what you can expect when you apply for cyber insurance.
![global vendor breach](/sites/default/files/styles/4_3_small/public/2022/03/23/shutterstock_639700315.jpg.webp?itok=_y4NYmtx)
Organizations remain concerned about the potential implications for their own security posture as a result of the Okta cyber attack. It's important to identify where risks are present throughout your third-party landscape.