SecurityScorecard recently joined the World Economic Forum’s Centre for Cybersecurity and UC Berkeley’s Center for Long-Term Cybersecurity (CLTC) for a private, invite-only workshop in Washington, DC alongside global leaders, CEOs, and CISOs to identify trends and insights that will most likely impact cybersecurity in the next decade of 2030 via future-focused scenarios with emerging cybersecurity challenges.

In the digital age, an organization’s cybersecurity posture is as strong as its intelligence. Open-source intelligence (OSINT) has emerged as a vital tool for businesses, non-profit organizations, and governments alike to fend off cyber threats. This guide offers a deep dive into the realm of OSINT, detailing its importance, applications, challenges, and how SecurityScorecard’s cybersecurity assessment platform empowers organizations to utilize it effectively.

CVE-2023-2868, a vulnerability in the Barracuda ESG was announced on May 23. On June 15th, a report surfaced, attributing the exploitation of this vulnerability to a threat actor group tracked as UNC4841, which analysts believe is conducting espionage on behalf of the Chinese government. SecurityScorecard’s STRIKE Team consulted its datasets to identify possibly affected organizations.

Cyber threat hunting is a proactive security strategy that involves searching for threats within a network before they can cause significant damage. Unlike traditional methods, which are reactive and wait for an alert before taking action, threat hunting seeks to actively identify and mitigate hidden threats that have evaded initial security measures. Threat hunting involves constant monitoring and data analysis to spot suspicious behavior that may indicate a cyber attack.

Threat intelligence is one of the most potent weapons we have against digital hazards. Yet, many organizations remain uncertain about what it entails, how to apply it effectively, and what threat intelligence solution to choose. This lack of understanding could be detrimental as cyber threats continue to evolve, becoming more sophisticated and disruptive. So, what is threat intelligence, and how can it help bolster an organization’s security posture?

The evolving threat landscape necessitates proactive approaches to identify, assess, and mitigate potential cyber security risks. Threat intelligence is one of the most potent weapons we have against digital hazards. Yet, many organizations remain uncertain about what it entails, how to apply it effectively, and what threat intelligence solution to choose. This lack of understanding could be detrimental as cyber threats continue to evolve, becoming more sophisticated and disruptive.

With the worldwide popularity of Android and its open-source software, hackers have an increased incentive and opportunity to orchestrate attacks. A Google search for “Android malware” brings up headlines like these, all from the past few days or weeks: SecurityScorecard recently analyzed a specific threat known as the AhMyth RAT (remote access trojan), which made headlines for infiltrating a popular screen recording app on the Google Play Store.

In cybersecurity, being well-versed in the wide range of resources available for protecting and enhancing your digital environment is crucial. One of the most significant and effective tools is the Mitre ATT&CK Framework. Read on for an in-depth exploration of this critical cybersecurity framework and how you can apply it to your own organization.

This week, SecurityScorecard is participating in the US Chamber of Commerce’s Cyber Security Trade Mission to Israel. This has been a valuable experience to not only share our cybersecurity knowledge, but to learn more about Israel’s cybersecurity efforts, and those of other countries.