Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
CVE-2024-4577 is a critical vulnerability in Windows-based PHP installations, affecting CGI configurations, that allows remote code execution.
What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.
The TRACE team investigated BADBOX, which is a large-scale cybercriminal operation selling off-brand Android TV boxes, smartphones, and other Android electronics with preinstalled malware.
After a year-long investigation, Bitsight TRACE follows up on Socks5Systemz research.
Brandon Smith discusses some of the challenges an Automation Engineer faces, Bitsight's partnership with Schneider Electric, and what manufacturers in general are doing to tackle ICS security.
Key risk indicators (KRIs) can help monitor and control cyber risk. But what KRIs should you focus on?
Bitsight’s visibility over infostealer malware which exfiltrates over Telegram suggests that the most infected countries are the USA, Turkey, and Russia, followed by India and Germany.
Recent investigation by Bitsight TRACE has discovered multiple critical 0-day vulnerabilities across six ATG systems from five different vendors.
I’ve had a number of requests to examine the finance sector in more detail, including breakdowns of exactly what kind of financial organizations are experiencing greater risk and who is remediating more quickly. Here are some answers.
Want to know about Yet Another Vulnerability Scoring System (YASS)? Ben Edwards breaks down Stakeholder Specific Vulnerability Categorization and how to make it work.
An in-depth look into Web Application Security, and Bitsight's approach to related security metrics.
Our latest research, a collaboration between Bitsight TRACE & the security researcher Gi7w0rm, has uncovered additional details & information about the 7777 Botnet.
We cover investments that Bitsight is making to greatly scale out our vulnerability coverage in record time through automation.
Much of your daily life depends on Industrial Control Systems (ICSs). We’ll cover ICSs' unique characteristics and some of the challenges in applying IT security practices or technology to them.
Before CrowdStrike caused the world to melt down for a few days, the talk of the security town was a recent OpenSSH vulnerability. Let's revisit CVE-2024-6387.