Bitsight TRACE | Bitsight

Bitsight TRACE: New Security Research

A Global View of the CISA KEV Catalog: Prevalence and Remediation

Bitsight TRACE: New Security Research

A Global View of the CISA KEV Catalog: Prevalence and Remediation

Bitsight TRACE research analyzing trends and insights of the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities (KEV) Catalog. In this comprehensive report, Ben explores:

Prevalence of KEVs across organizations, geographies, and verticals
Average KEV remediation times and compliance with CISA deadlines
Differences in KEVs known to be part of ransomware vs other CVEs

Download the Report

Featured Research

Bitsight Security Research

Evaluating dependence on NVD

Learn about what the latest reduction in capacity in the NVD means for the state of vulnerabilities.

Bitsight Security Research

Latrodectus, are you coming back?

This article provides a technical analysis of Latrodectus, offering insights into its campaigns and victims up until Operation Endgame.

Bitsight Security Research

Slicing through CISA’s KEV Catalog

Bitsight’s global, advanced scanning and detection capabilities provide insight into many actively exploited vulnerabilities that others just can’t touch. Explore how we do it.

Featured Research

Bitsight identifies nearly 100,000 exposed industrial control systems

Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure...

Bitsight identifies nearly 100,000 exposed industrial control systems

Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure...

All Research

Bitsight Security Research

Evaluating dependence on NVD

Learn about what the latest reduction in capacity in the NVD means for the state of vulnerabilities.

Bitsight Security Research

Latrodectus, are you coming back?

This article provides a technical analysis of Latrodectus, offering insights into its campaigns and victims up until Operation Endgame.

Bitsight Security Research

Control Web Panel - Fingerprinting Open-Source Software using a Consolidation Algorithm approach

This blog post details one of these very unique cases: `CVE-2022-44877`, an unauthenticated Command Injection issue, flagged by CISA as a Known Exploited Vulnerability (CISA KEV).

A Quantitative Look at KEV Prevalence Across Europe

Bitsight Security Research

Race to KEV Remediation: Who Tops the Charts in Europe?

Discover key differences in KEV prevalence across Europe and how they impact cybersecurity strategies in this detailed blog.

Bitsight Security Research

Ivanti EPM Cloud Services Appliance - Taking advantage of a backdoor to detect a vulnerability

This blog post details how `CVE-2021-44529` was researched as well as the current method being used to detect it.

AI image of a duck on the porch of a farmhouse with a man in black lurking in the shaddows

Bitsight Security Research

The xz apocalypse that almost was*

Dive into a significant cybersecurity scare that could have led to widespread chaos, highlighting the vulnerabilities that were exposed and the swift actions taken to prevent disaster.

Bitsight Security Research

Slicing through CISA’s KEV Catalog

Bitsight’s global, advanced scanning and detection capabilities provide insight into many actively exploited vulnerabilities that others just can’t touch. Explore how we do it.

Outdated mobile apps - a ticking time bomb

Bitsight Security Research

Behind the Screen: The Peril of Neglecting Mobile Apps

Discover why millions of smartphones worldwide are at risk due to cluttered and outdated apps. Dive into our research to learn more about this critical issue.

Bitsight Security Research

Control Web Panel - Fingerprinting Open-Source Software using a Consolidation Algorithm approach

This blog post details one of these very unique cases: `CVE-2022-44877`, an unauthenticated Command Injection issue, flagged by CISA as a Known Exploited Vulnerability (CISA KEV).

Bitsight Security Research

Dental DDoS? No. Cameras and Ransomware? Oh yeah.

We’re back again with a monthly-ish blog reflecting on major goings on in the security world.

Bitsight Security Research

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Read the latest Bitsight research on PrivateLoader including important updates recently, including a new string encryption algorithm, a new alternative communication protocol and more.

Bitsight Security Research

Data Insights on AgentTesla and OriginLogger Victims

AgentTesla (also known as OriginLogger) remains a prevalent commodity stealer, being daily distributed, mainly via email attachments

Bitsight Security Research

Domain (in)security: the state of DMARC

This blog discusses the state of DMARC, the role that DMARC plays in email authentication, and why it should be a key component of your email security solution.

Bitsight Security Research

New Year, New Ivanti Vulnerability

Explore recent Ivanti Secure vulnerabilities affecting SSL VPN and Network Access Control solutions. Understand the criticality, patch delays, and ongoing exploitation.

Bitsight Security Research

SLP Denial of Service Amplification - Attacks are ongoing and rising

We build on our previous work and look into how threat actors are abusing SLP to launch reflection/amplification DDoS attacks, their evolution, and what targets are they focused on at the moment.

Bitsight Security Research

Unveiling Socks5Systemz: The Rise of a New Proxy Service via PrivateLoader and Amadey

Recently, our Threat Research team discovered a new malware sample, distributed by the PrivateLoader and Amadey loaders. Learn more.

Bitsight Security Research

SmokeLoader's Plugins

Bitsight dissects SmokeLoader's plugins received by an infected computer from the botnet "0020". We explore their inner workings, capabilities, and threat vectors.

MOVEit Transfer vulnerability-Bitsight research findings

Bitsight Security Research

MOVEit Transfer: Detecting affected servers at scale

Discover the methodology, at a technical level, the Bitsight Security Research team used to evaluate the three critical vulnerabilities affecting MOVEit Transfer.

Bitsight Security Research

New research reveals rapid remediation of MOVEit Transfer vulnerabilities

CVE-2023-35036 & CVE-2023-35708 — were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.

Bitsight Security Research

New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)

Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).

Bitsight Security Research

Mylobot: Investigating a proxy botnet

Mylobot is a malware that targets Windows systems, it first appeared in 2017. In this article, we'll focus on its main capability, which is transforming the infected system into a proxy.

Bitsight Security Research

SystemBC: The Multipurpose Proxy Bot Still Breathes

SystemBC is a malware written in C that turns infected computers into SOCKS5 proxies.

Bitsight Security Research

Tracking PrivateLoader: Malware Distribution Service

PrivateLoader is a loader from a pay-per-install malware distribution service that has been utilized to distribute info stealers, banking trojans, loaders, spambots, and ransomware on Windows machines.

Malware Insights

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Read the latest Bitsight research on PrivateLoader including important updates recently, including a new string encryption algorithm, a new alternative communication protocol...

Read The Report

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Read the latest Bitsight research on PrivateLoader including important updates recently, including a new string encryption algorithm, a new alternative communication protocol...

Read The Report

Want to learn more about Bitsight Threat Research and Education (TRACE), and meet the team?

Let's Go →