In the News
2023

Healthcare industry most common victim of third-party breaches, Black Kite finds | Healthcare Dive
Feb 2, 2023
The healthcare industry was the most common victim of third-party breaches in 2022, accounting for almost 35% of all incidents — up from 33% in 2021, according to a new report.
Read more
Cyberattack Impact “Catastrophic” for Third Parties, New Study Finds MSSPs at Risk? | MSSP Alert
Feb 2, 2023
Vendors hit by a cyberattack saw nearly five of their third-party suppliers also compromised per incident in 2022, double the 2.5 entities per vendor in 2021, according to a new study by Black Kite, a cyber risk intelligence company.
Read more

Endpoint Security Explained | NinjaOne
Jan 30, 2023
Black Kite reported that 53% of organizations were hit by ransomware attacks in 2021, and that number is expected to increase to 69% in 2022. Cyberattacks show no sign of slowing, so it is critical that organizations have necessary cybersecurity precautions in place. One of the best ways to protect your IT environment is with an endpoint security process.
Read more





Cyberattackers Look to Exploit Tech Job Cuts | sdx central
Jan 27, 2023
Amid recent mass layoffs occurring across the technology industry, affected companies shouldn’t overlook the potential cybersecurity risks that could leave them vulnerable to cyberattacks, security experts warned.
Read more


2022 in cyberwar and what it means for you | IT Brew
Jan 13, 2023
State-backed hackers started living off the land, cyber insurance premiums skyrocketed, and Russia’s tech sector dropped off the map.
Read more2022


Why Credit Unions Need to Improve Their Cybersecurity | Arctic Wolf
Dec 16, 2022
Where there is money, there are cybercriminals. This is especially true for credit unions which deal with both financial information and the personal identifying information (PII) of every member and connected institution. They are a digital vault of gold coins and the hackers are all too ready to crack the safe.
Read more

What CISOs Can Do to Win the Ransomware Game | The Security Ledger
Dec 12, 2022
In this Expert Insight, Jeffrey Wheatman, a Cyber Risk Evangelist at Black Kite argues that CISOs need to shift to a more proactive approach to fend off damaging attacks by sophisticated ransomware groups.
Read more


When holiday hacks hit understaffed IT teams | IT Brew
Dec 8, 2022
Cybercriminals often encrypt when everybody’s out of office.
Read more

JADC2 Could Introduce Cyber Risks At Unprecedented Scale | National Defense Magazine
Nov 23, 2022
Technology has always played a major role in military competition, and military competition has always leaned heavily on industry. The two spheres, the military and industry, overlap so much that “military-industrial complex” is common parlance.
Read more



Cyber Risk Is Rising: Here Is How Companies Can Tackle Tomorrow’s Threats Today | Forbes
Nov 21, 2022
Breaches in cyber security can be detrimental to the health of enterprise organizations and SMBs alike. Not only are they financially devastating, but they also erode consumer trust. The advent of widespread distributed teams in 2020 added an additional layer of risk and cyber criminals took notice.
Read more



The 13 most promising early-stage artificial intelligence startups of 2022, according to VCs investing in companies building technical infrastructure and developing tools | Business Insider
Nov 17, 2022
Even amid a downturn that’s affecting tech companies, venture capitalists say they’re paying attention to certain early-stage startups.
Black Kite: An AI-driven cybersecurity platform.
Read moreUnderstanding Your Digital Supply Chain Risk | CPF Coaching
Oct 25, 2022
Understanding your digital supply chain risk is becoming one of the significant challenges many businesses face today, especially with the move to the cloud and globalization of the computing behind those services.
Read more

RAS Infotech chooses Black Kite Risk Intelligence Platform for its Middle East customers | EIN Presswire
Oct 11, 2022
RAS InfoTech, the world-class information security products distributor, announces a brand-new distribution partnership with Black Kite, the Boston-based leading third-party risk intelligence platform. RAS Infotech will deliver the Black Kite solution to hundreds of its clients and prospects throughout the Middle East and Africa.
Read more

Your vendors are likely your biggest cybersecurity risk | #malware | #ransomware | National Cyber Security News Today
Sep 5, 2022
As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage.
Read more









Your vendors are likely your biggest cybersecurity risk | Help Net Security
Sep 5, 2022
As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations expanding their vendor base, there is a critical need for holistic third-party risk management (TPRM) and comprehensive cybersecurity measures to assess how much risk vendors pose.
Read more

A New Way to Look at Data Breach Costs | Security TV Guy
Aug 11, 2022
Episode 2698 blackkite.com with Bob Maley at Black Hat USA 2022
Read more

Analysis: Average Business Data Breach Costs $15M | Corporate Compliance Insights
Aug 10, 2022
Black Kite report finds more than 3 in 4 breached companies are still susceptible to phishing
Read more

Why cybersecurity is an issue for business leaders – and not just IT professionals | Insurance Business America
Aug 8, 2022
As cyberattacks on companies become increasingly prevalent in the past several years, more hackers are also targeting supply chains as a means of entry, creating a ripple effect within business ecosystems. As Boston-headquartered third-party cyber risk intelligence firm Black Kite describes it, “cyberattacks can now impact hundreds of companies without discrimination.”
Read more

Beware the Cost of Data Breaches | Energy Central
Aug 4, 2022
Security company Black Kite have released a report that makes sobering reading detailing the cost of data breaches. They estimate that many data breaches cost around $15 million. This is a distinct danger to organizations like utilities, which have a large number of customers, and critical information in their databases.
Read more

Costs of data breaches, ransomware examined | SC Magazine
Aug 3, 2022
Data breach costs between 2017 and 2022 averaged $15 million without outliers but rose to $75 million when outliers were considered, TechRepublic reports.
Read more

Patriotic hacktivism. Security concerns delay UK Tory vote. Malware that abuses trust. Lessons from a hybrid war’s cyber phases. | The CyberWire
Aug 3, 2022
Black Kite Finds Cost of Data Breach Averages $15.01M
Read more





Daily Roundup: Oracle Slashes U.S. Workers | SDxCentral
Aug 3, 2022
Welcome to our new and improved Daily Roundup where we quickly summarize the news you missed today.
Read more

Top Stories From Around The Jungle | IT Jungle
Aug 3, 2022
A data breach could cost organizations millions of dollars, concludes study by IBM and Black Kite.
Read more



Black Kite Research: Data Breach Costs Vary Widely | MSSP Alert
Aug 2, 2022
Most data breaches cost companies between $10,000 and $1 million, according to an analysis of 2,400 data breach incidents from 2017 to 2022 conducted by Black Kite Research. In addition, 15% of analyzed data breaches cost between $1 million and $10 million.
Read more





IBM, Black Kite Unveil Data Breach Cost, ‘Haunting Effect’ | SDxCentral
Aug 2, 2022
A data breach could cost organizations millions of dollars, IBM and Black Kite researchers found in their recent studies. Both reports showed similar conclusions that data breaches have a “haunting effect,” and lacking the use of certain security technologies could lead to higher breach costs.
Read more

Black Kite finds cost of data breach averages $15.01M | Security Info Watch
Aug 2, 2022
A leading cyber risk intelligence company releases a new report to assess the financial impact and root causes of 2,400 cyber incidents.
Read more

Black Kite: Cost of data breach averages $15 million | TechRepublic
Aug 2, 2022
With the median cost per incident coming in at $130,000, most data breaches do not cross the $1 million threshold.
Read more

72-hour deadline for cyber incident reporting proposed for credit unions | Brad Egeland
Jul 27, 2022
The U.S. agency that oversees credit unions proposed a 72-hour deadline for regulated companies to report cyberattacks on Wednesday.
Read moreTactics Shaping Ransomware Mitigation in 2022 | Brad Egeland
Jul 27, 2022
Though businesses have become more confident in preventing ransomware attacks, confronting risk is an internal commitment.
Read more

Who’s Responsible For Cyber Insurance Policy Misrepresentations? It Depends. | Forrester
Jul 14, 2022
On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient legal grounds to deny payment on ICS’s ransomware claim and void the policy entirely. If this reads like legalese, that’s because cyber insurance policies are legally binding agreements and application “errors or omissions” nullify contracts.
Read more

Spotlight on the Gramm-Leach-Bliley Act (GLBA) | Shared Assessments
Jul 5, 2022
Last week Bob Maley, Chief Security Officer at Black Kite and I led a Fireside Chat discussion on the current regulatory landscape regarding privacy and security. While state laws continue to advance and there is momentum for a Federal U.S. Privacy Regulation, the update by the Federal Trade Commission (FTC) on the Gramm-Leach-Bliley Act (GLBA) Security Safeguards rule is impacting specific sectors right now. I have worked with GLBA since its inception in my tenure at one of the largest service providers to financial institutions, so let me break down the components we discussed as a “Primer” on GLBA in 2022.
Read more









Black Kite FocusTags allows users to track high-profile cyber events | Help Net Security
Jul 1, 2022
Black Kite’s platform was built to provide full visibility into a vendor’s cyber position, using the same open-source intelligence tools and techniques hackers use (data collectors, crawlers, honeypots, etc.) to continuously collect information from internet-wide scanner databases, reputation sites, cyber events, hacker shares, and known vulnerability databases.
Read more

How prepared is biopharma for the cyber doomsday? | Endpoints news
Jun 28, 2022
One of the largest cyberattacks in history happened on a Friday, Eric Perakslis distinctly remembers.
Perakslis, who was head of Takeda’s R&D Data Sciences Institute and visiting faculty at Harvard Medical School at the time, had spent that morning completing a review on cybersecurity for the British Medical Journal. Moments after he turned it in, he heard back from the editor: “Have you heard what’s going on right now?”
Read more









New infosec products of the week | Help Net Security
Jun 17, 2022
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Feroot, Incognia, Optiv, and Splunk.
Read more



Managed Security Services Provider (MSSP) Market News | MSSP Alert
Jun 16, 2022
Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
Read more

5 CYBERSECURITY TAKEAWAYS FROM RSAC 2022 | Volition Capital
Jun 15, 2022
The annual RSA conference was back to in person this year, and the excitement was palpable on the exhibition floor. With cyberattacks growing exponentially – in both number and sophistication – there’s never been a more important time to be a cybersecurity company.
Read more

New Black Kite FocusTags Provide Instant Visibility of High-Profile Cyber Events at Scale | Cision
Jun 15, 2022
Black Kite, the leader in third-party cyber risk intelligence, announces the availability of FocusTags, a fast and simple way for users to track high-profile cyber events and quickly identify which vendors have been affected within their supply chain.
Read more









Black Kite FocusTags allows users to track high-profile cyber events | Help Net Security
Jun 15, 2022
Black Kite released FocusTags, helping users to track high-profile cyber events and identify which vendors have been affected within their supply chain.
Read more

Determining Your Organization’s Risk Appetite | Protecting People
Jun 14, 2022
Most of the time, security slip-ups happen because of careless, accidental behavior. Through educating people and focusing on changing behaviors, those cyber risks can be mitigated. That’s the idea behind the importance of people-centric cybersecurity.
Read more

Why Defense contractors still have a cyber target on their backs | Federal News Network
Jun 9, 2022
The Defense Department is still figuring out how to raise the cybersecurity waterline among its vendor community as part of its Cybersecurity Maturity Model Certification program. And some new research based on privately collected cyber risk intelligence shows the problem is as urgent as ever. According to a new report from Black Kite, almost three quarters of defense contractors have had network credentials leaked in just the past 90 days.
Read more

To better manage cybersecurity risk, extend zero-trust principles to third parties | TechCrunch
Jun 4, 2022
Today’s cybersecurity landscape requires an agile and data-driven risk management strategy to deal with the ever-expanding third-party attack surface.
Read more


One-third of defense contractors vulnerable to ransomware | Security Magazine
Jun 3, 2022
Thirty-two percent of U.S. defense contractors are vulnerable to ransomware attacks, according to a new report.
Read more

Phishing attacks could impact 82% largest insurance companies | Asia Insurance Review
May 25, 2022
Nearly 20% of the top 99 insurance companies in the US have a high susceptibility to ransomware according to a new report by cyber risk intelligence company Black Kite.
Read more

Black Kite Study: 72% of Defense Contractors Experience Credential Leaks Over 90-Day Period | ExecutiveBiz
May 25, 2022
Seventy-two percent of the 100 U.S. defense companies included in a Black Kite analysis have at least one credential that has been compromised within a 90-day period, the cyber risk monitoring company said in its new report.
Read more

Insurers, You Underwrite Cyber Risk. But How Good Is Your Own Cyber Security? | Risk & Insurance
May 17, 2022
Black Kite gives roughly 26% of insurers an “A” grade for their cyber posture, but the remaining 73% are three times more likely to experience a cyber breach.
Read more

Credit Unions Face Uphill Cyber Battle | Credit Union Times
May 13, 2022
Despite credit unions’ efforts to educate members about fraud, many are falling prey to thieves.
Read more

5 Healthcare Data Security Challenges | Enterprise Networking Planet
May 10, 2022
Data loss prevention is an integral component of how a business operates and continuously improves, and this remains true for any healthcare organization. The abundance and availability of data have helped medical professionals and patients, but it’s also appealing to any cyber criminal trying to cause harm to make a profit.
Read more

Preparing for Energy Industry Cyberattacks | WSJ Pro
Apr 21, 2022
The energy industry is especially vulnerable to cyberattacks, according to political leaders and security analysts. Also, attacks on the industry, which includes utilities and the energy production and distribution sectors, can have a domino effect farbeyond the entities victimized by the breach.
Read more



Insurance sector increasingly targeted by cyberattacks | SC Media
Apr 11, 2022
TechRepublic reports that one in five of the leading 99 insurance carriers were highly vulnerable to ransomware attacks, with 82% susceptible to phishing attacks. Software supply chain attacks have also spiked by 300% over the past year, according to a report from Black Kite.
Read more

Insurance industry being ravaged by high rate of cyberattacks | Techregister
Apr 8, 2022
A new report from Black Kite shows the entire sector may be ripe for ransomware attacks.
Read more









18% of the top 99 insurance carriers have a high susceptibility to ransomware | Help Net Security
Apr 8, 2022
Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top 99 insurance carriers have a high susceptibility to ransomware.
Read more





Headcount: Firings, Hirings, and Retirings — March 2022 | SDxCentral
Apr 3, 2022
Here are some of the latest executive hirings, promotions, and staff changes that happened in February.
Read more

Blessing details defenses amid increasing health system cyber-attacks | WGEM
Mar 28, 2022
Hospitals and health systems are finding themselves in the crosshairs of cybercriminals more frequently. According to third party cybersecurity company Black Kite’s 2021 Third Party Breach report, attacks on healthcare companies accounted for nearly a third of attacks in 2021.
Read more

5 ways finance can drive cybersecurity preparedness | FM Magazine
Mar 23, 2022
Management accountants can be invaluable in addressing cybersecurity risk.
Read more











Half of Orgs Use Web Application Firewalls to Paper Over Flaws | Dark Reading
Mar 19, 2022
The ongoing struggle to update vulnerable software by finding and applying the right patches in a timely manner has led half of enterprise IT departments to use Web application firewalls (WAFs) either in lieu of patching or to offer some protection before patching can be achieved.
Read more











SecZetta Launches Complimentary Third-Party Identity Risk Maturity Assessment at HIMSS | Dark Reading
Mar 15, 2022
SecZetta, the leading provider of third-party identity risk solutions, today announced that it was launching a complimentary Third-Party Identity Risk Maturity Assessment at HiMSS22.
Read more

What CXOs can learn from Denso ransomware attack | TechCircle
Mar 15, 2022
Last week, officials at Denso Corp confirmed that the company’s Germany hub, which oversees sales, design and development of automotive parts, had sustained a ransomware attack.
Read more

It’s Time to Bake Security into Software from the Start | CyberSecurity-Magazine
Mar 11, 2022
One of the most unexpected consequences of ransomware attacks in 2021 may have been the nationwide cream cheese shortage caused by an attack on one of the nation’s largest cream cheese manufacturers.
Read more

Toyota cyberattack on supplier halts production — car makers among most vulnerable to attack | The Stack
Feb 28, 2022
Toyota is stopping all car production in Japan from March 1, due to a cyberattack on a key supplier, Kojima Industries. The automotive giant said it was suspending the operation of 28 production lines at 14 plants in Japan saying “we apologize to our relevant suppliers and customers for any inconvenience this may cause” and attributing the issue at Kojima to a “system failure.”
Read more





Biden’s sanctions face energy reality | Politico
Feb 23, 2022
President Joe Biden unveiled fresh sanctions after Russia sent troops into Ukraine, but he still has to contend with the political risks of an overheated energy market.
Read more











Big Pharma Finds Patch Management a Bitter Pill | Dark Reading
Feb 3, 2022
One-quarter of pharmaceutical manufacturers received a failing grade on patch management, which is a vital step in heading off ransomware attacks.
Read more











Energy Sector Still Needs to Shut the Barn Door | Dark Reading
Jan 29, 2022
One third of the companies studied haven’t fixed their credential management — the same issue that led to the Colonial Pipeline hack last May.
Read more

Black Kite response on Ukraine | TVEyes
Jan 26, 2022
Chief Security Officer of Black Kite Bob Maley believes Russia could launch cyber warfare at any moment, but says Lavrov’s comment isn’t necessarily an indication.
Read more









Healthcare industry most common victim of third-party breaches last year | Help Net Security
Jan 28, 2022
Black Kite released its annual Third-Party Breach Report, which examines the impact of third-party cyber breaches in 2021. Ransomware was the most common attack method behind third-party breaches in 2021, initiating more than one out of four incidents analyzed.
Read more

US offers no concessions in response to Russia on Ukraine | WJLA
Jan 26, 2022
The Biden administration and NATO told Russia on Wednesday there will be no U.S. or NATO concessions on Moscow’s main demands to resolve the crisis over Ukraine.
Read more


33% of third-party data breaches in 2021 targeted healthcare orgs | Security Magazine
Jan 24, 2022
Despite cybersecurity prioritization following the onset of the COVID-19 pandemic, the healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents last year.
Read more2021


What Did We Learn About Cyber Risk Management in 2021? | Cloud Security Alliance
Dec 17, 2021
By Bob Maley, Chief Security Officer at Black Kite
“The more things change, the more they stay the same.”




Businesses face payroll, scheduling woes after ransomware attack on Kronos | The Boston Globe
Dec 14, 2021
A ransomware attack on Ultimate Kronos Group has knocked offline the payroll and scheduling systems of thousands of businesses, government agencies, and nonprofits that use the company’s software, including some major Boston-area employers.
Read more

Federal Drive with Tom Temin | PodcastOne
Dec 8, 2021
When he’s not tooling around the National Capital region on his motorcycle, Tom Temin interviews federal executives and government contractors who provide analysis and insight on the many critical issues facing the Executive branch.
Read more









Defense contractors are highly susceptible to ransomware attacks | Help Net Security
Nov 25, 2021
20% of America’s largest 100 defense contractors are highly susceptible to a ransomware attack, according to a research from Black Kite.
Read more



Defense Contractors Highly Susceptible to Ransomware | Security Boulevard
Nov 19, 2021
The top 100 federal contractors averaged a “ransomware susceptibility index” score of 0.39, but 20% scored above the critical threshold of 0.6, according to the report.
Read more





Ransomware hackers have the upper hand | The Washington Post
Nov 16, 2021
Companies hit by ransomware hackers are at a disadvantage during every phase of the attack.
Read more

Report: 20% of Defense Contractors at Risk for Ransomware Attack | Nextgov
Nov 17, 2021
A report featuring some of the United States’ top defense contractors suggests that about 20% of them are “highly susceptible” to a ransomware attack, with 42% having experienced a data breach in 2020 alone.
Read more

How cyberattacks disrupt the auto supply chain | Automotive News Europe
Oct 26, 2021
Eberspaecher, a German supplier of automotive exhaust and thermal management systems, is the latest industry victim of a cyberattack, this one hitting the company’s IT infrastructure.
Read more



Boston cybersecurity ratings startup Black Kite raises VC round | VentureBeat
Oct 13, 2021
Black Kite, a tech startup based in Boston, said Wednesday it had raised $22 million to expand its cybersecurity ratings service.
Read more

Black Kite Closes $22 mln Series B Round To Help Organizations Defend Against Cyberthreats | Grit Daily News
Oct 13, 2021
Black Kite, a cybersecurity startup based in Boston, has raised $22 million in Series B funding to meet the increasing demand for cybersecurity solutions.
Read more


Cyber risk monitoring platform Black Kite raises $22M | VentureBeat
Oct 13, 2021
Boston, Massachusetts-based Black Kite, a company developing cybersecurity-as-a-service solutions, today announced that it raised $22 million in series B funding led by Volition Capital, with participation from existing investors Moore Strategic Ventures, Glasswing Ventures, and Data Point Capital.
Read more

Quarter of Energy Sector Vulnerable to Ransomware, Report Says | RTO Insider
Oct 8, 2021
A new report from cybersecurity firm Black Kite says a significant number of U.S. energy companies are still highly vulnerable to ransomware attacks.
Read more

Cyber Risk Scores Should Be More Than Just a Number | TechWire
Oct 7, 2021
With security leaders facing an onslaught of attacks from ransomware and other cyberthreats, it can be tough to know where to focus their energy. That’s where a “cyber risk score” promises to come to the rescue.
Read more

U.S. Energy Sector Is Vulnerable To Ransomware Attacks | Oilprice.com
Oct 6, 2021
A quarter of the 150 top U.S. energy companies are highly susceptible to a ransomware attack, while a massive 77 percent of those have at least one leaked credential within the last 90 days, new research by cybersecurity firm Black Kite found.
Read more











How Should the CSO Work With the Chief Privacy Officer? | Dark Reading
Sep 18, 2021
Chris Bush, Chief Customer Officer at Black Kite: You’ll find both a Chief Security Officer and Chief Privacy Officer in heavily regulated industries like pharmaceuticals, finance, and insurance.
Read more





CSO Urges Companies to Think Like Cybercriminals | SDxCentral
Aug 17, 2021
More than one-quarter (26%) of Fortune 100 companies are highly likely to fall victim to a ransomware attack from cybercriminals in the next 12 months. And the problem is that “large companies typically don’t think the way the bad actors do,” warned Bob Maley, chief security officer at Black Kite.
Read more

Black Kite Launches Aviator Partner Program To Expand Deployment Of Trusted Cyber Risk Ratings Solutions | AiThority
Aug 16, 2021
Black Kite, the trusted cyber risk ratings company, launched the Black Kite Aviator partner program. Aviator enables IT solutions providers to bolster their portfolio of cyber risk services and help customers secure their supply chains. More than 50 companies have already signed on to the Aviator program.
Read more



Ransomware in Auto Manufacturing Threatens Industry’s Recovery | Security Boulevard
July 1, 2021
As automotive supply chains become more complex, automotive manufacturers are increasingly susceptible to a ransomware attack, according to a report from Black Kite.
Read more

Ransomware attacks could crimp industry’s recovery from pandemic, report says | Automotive News
June 29, 2021
Almost half of 100 automotive manufacturers and more than 17 percent of suppliers are at high risk for a ransomware attack, according to cybersecurity ratings provider Black Kite.
Read more



‘We desperately need a director’: Cyber advocates sound off as senator delays CISA confirmation | SC Media
June 24, 2021
Senator Rick Scott, R-Florida, blocked a unanimous consent vote on Wednesday to confirm Jen Easterly as head of the Cybersecurity and Infrastructure Security Agency until Vice President Kamala Harris visits the U.S.-Mexico border.
Read more

Microsoft: SolarWinds hackers target 150 orgs with phishing | WCTI
May 28, 2021
The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted spear-phishing assault on U.S. and foreign government agencies and think tanks this week using an email marketing account of the U.S. Agency for International Development, Microsoft says.
Read more

Report finds 10% of pharma manufacturers at high risk for ransomware | Healthcare IT News
May 19, 2021
The cyber risk platform Black Kite released a new report this week finding that one in 10 global pharmaceutical manufacturers are at a high risk of suffering a ransomware attack.
Read more

Your money or else: Some drug makers could be ‘highly’ susceptible to ransomware attacks | Stat
May 18, 2021
The latest high-profile incident of a ransomware attack caused one of the biggest gas and fuel suppliers in the U.S. to close its East Coast pipeline for several days, a worrisome reminder that each industry remains vulnerable to cyberattacks. And not surprisingly, pharmaceutical companies also are easy targets, according to a new analysis.
Read more

Brace for ransomware attacks, Midsize Pharma | The Parallax View
May 18, 2021
About 10 percent of pharmaceutical companies are highly susceptible to ransomware, a new report finds, and those with a market cap of $10 billion to $50 billion are the juiciest targets.
Read more



The Colonial Pipeline Hackers Are One Of The Savviest Criminal Startups In A $370 Million Ransomware Game | Forbes
May 12, 2021
When Colonial Pipeline took its gasoline lines down following a successful cyberattack last week, it became the most high-profile victim of a hacking group called DarkSide.
Read more

Bringing Clarity To The Messy World Of Corporate Ransomware | PYMNTS.com
May 12, 2021
In between the most high-profile cases exists a trove of nearly countless ransomware attacks targeting businesses of all types and sizes. The threat is growing so much, said Black Kite Chief Security Officer Bob Maley, that he now describes the risk as an “epidemic.
Read more


Data held for ransom: Financial institutions could be at risk from ransomware | Bank Automation News
May 11, 2021
Increasingly, instead of just locking up the data by encrypting it, attackers may modify items like account balances, authorized signers or even histories of patient allergies maintained in health care records.
Read more


Third-Party Ransomware Risk Is Real, but Black Kite’s Latest Tool Can Help | VentureBeat
May 4, 2021
A new assessment service from cybersecurity ratings provider Black Kite will let enterprise defenders know which of their third-party partners and vendors could be vulnerable to a ransomware attack.
Read more



Babuk ransomware group emerges with new claims against U.S. companies | Cybersecurity Dive
Mar 26, 2021
Researchers at Black Kite — who have been monitoring the group’s activities and seen many of the posted documents — say the group is a “legitimate threat” and confirm that Babuk has aggressively threatened to share information, including to hostile nation states.
Read more



Threat data sharing considered critical to defense amid rise in sophisticated attacks: report | Cybersecurity Dive
Mar 24, 2021
As the IT industry works with federal lawmakers to respond to a spate of sophisticated attacks against the U.S., a report from the Ponemon Institute shows nearly 80% of security professionals consider threat data essential to maintaining a strong cybersecurity posture.
Read more


Leaked employee credentials, older software could put credit unions at risk | Bank Automation News
Mar 23, 2021
As credit unions increasingly pivot to digital platforms and solutions, flaws in their cyber meshes may become an expensive point of weakness. Credit unions face risks associated with out-of-date operating systems and employee credentials leaked onto the dark web, according to a report released last week by cyber-risk rating platform Black Kite.
Read more









The financial impact of cybersecurity vulnerabilities on credit unions | Help Net Security
Mar 22, 2021
Cybersecurity vulnerabilities among credit unions and their vendors create the potential for large financial impacts to the credit union industry, according to a Black Kite report.
Read more

After Review, Cybersecurity Firm Gives CUs, Vendors a ‘B’ Grade; Says Vulnerabilities Were Found | CU Today
Mar 18, 2021
A new report from a cybersecurity firm based of a sample of credit unions and vendors offers a “B” grade for their state of security, meaning “cyber breaches would require the skills of persistent, highly experienced hackers.”
Read more

Report: Nearly half of all credit unions at increased risk of cyberattack | Credit Union Journal | American Banker
Mar 17, 2021
Roughly half of all credit unions and more than half of their vendors could have critical vulnerabilities in their technology that leave them at increased risk of cyberattacks. That’s according to a new report from Black Kite, a firm that creates cyber risk-rating profiles. The company analyzed the cybersecurity positions of 250 federally insured credit unions and 150 vendors that serve the industry.
Read more











Qualys Is the Latest Victim of Accellion Data Breach | Dark Reading
Mar 4, 2021
Security vendor confirms attackers exploited a previously disclosed vulnerability in the enterprise firewall technology to breach its network.
Read more



Qualys confirms data breach related to Accellion after documents leak | Cybersecurity Dive
Mar 4, 2021
Cloud security firm Qualys confirmed it was the subject of a data breach related to the zero-day exploit in the Accellion FTA file transfer platform, which the cybersecurity firm used for customer support, the company announced Wednesday.
Read more



Will Boston lose its competitive edge in a work-from-home world? | The Boston Globe
February 2, 2021
Executives say they’re not worried about a California-style exodus taking place here, at least not yet. Tech companies are heading for the exits in California. Wall Street tycoons are packing their bags to catch some Florida sunshine. So, a big question looms for Boston’s business community: Will we be next? The most common answer you’ll hear: So far, no.
Read more

Cyber risk ratings startup moves HQ to Boston | BostInno
January 11, 2021
The cybersecurity hub of Boston has attracted another startup to its ranks. Cyber risk ratings startup NormShield has rebranded as Black Kite and moved its headquarters from Vienna, Virginia — just outside Washington, D.C. — to The Yard, a coworking space at 120 St. James Ave. in the Back Bay.
Read more



The siege of the U.S. Capitol was a disaster for congressional cybersecurity — and experts say Congress will likely have to wipe all its computers and rebuild from scratch | Business Insider
January 7, 2021
The looting of the U.S. Capitol on Wednesday by a mob of Trump supporters has also caused a cybersecurity disaster that the federal government must address, according to experts.
Read more



The physical breach of the Capitol building opens a cybersecurity Pandora’s box | SC Media
January 7, 2021
The insurrection at the U.S. Capitol Wednesday, which saw rioters storm the building and reportedly steal devices belonging to government officials, opened what one cybersecurity expert has called a Pandora’s box of national security and data privacy issues.
Read more2020


Phishing sites promising COVID-19 cure hyped by Trump soar | Micky
April 21, 2020
Hundreds of fraudulent websites were discovered as the public took an interest in antimalarial drugs chloroquine and hydroxychloroquine hyped by public figures. A report conducted by researchers in NormShield showed that hundreds of shady coronavirus-related websites have been operating and profiting off the pandemic since January.
Read more

Fake COVID-19 medication websites on the rise, stealing money and information | WCNC
April 16, 2020
Scammers are claiming they have medication to protect against or treat coronavirus.
Read more


Coronavirus misinformation seeds ground for digital scams | Axios
April 15, 2020
Researchers at cybersecurity auditor NormShield found a massive uptick in the first three months of 2020 for new domains that make reference to chloroquine and hydroxychloroquine.
Read more



Hundreds of new, shady websites are pushing chloroquine scams: report | Business Insider
April 14, 2020
Scammers are creating hundreds of shady websites to trick people searching for information about certain drugs with shaky links to COVID-19 treatment, according to a new report.
Read more



Beware of Shady Websites Pushing Pharmaceuticals for COVID-19 | Security Boulevard
April 10, 2020
Researchers from NormShield looked for websites using the names of 10 drugs commonly discussed in recent months. The team claims to have found “a dramatic spike” in the number of sites set up to capitalize on the anxiety caused by the pandemic.
Read more









Cybercriminals capitalize on COVID-19 fears, push shady websites, pharmaceuticals | Help Net Security
April 10, 2020
NormShield researchers looked for websites using the names of 10 commonly discussed drugs over the last several months. They found a dramatic spike in the number of sites generated to get the attention of scared shoppers looking for coronavirus cures.
Read more





Election security training goes online | POLITICO
April 9, 2020
An ambitious, Google-backed election security training initiative has had to adapt its plans during the pandemic by taking it online. Internet voting is inherently unsafe, warned a group of security experts and good-governance groups. A wide assortment of advocacy groups and companies recommended policy and enforcement steps to deal with coronavirus scams, including cyber-based ones.
Read more





The Cybersecurity 202: Mail-in voting surge is already facing time crunch in run-up to November election | The Washington Post
April 9, 2020
Time’s running short for states and counties to prepare for a possible massive surge of mail-in voting in November prompted by the coronavirus pandemic.
Read more











Untangling Third-Party Risk (and Fourth, and Fifth…) | Dark Reading
March 30, 2020
Third parties bring critical products and services to your organization. They also bring risk that must be understood and managed.
Read more

The Great Fake: Scammers are luring shoppers to fake websites and sellers | WKYC
March 6, 2020
Shoppers don’t find out until after they hand over their money.
Read more











How Cybersecurity’s Metrics of Misery Fail to Describe Cybercrime Pain | Dark Reading
January 2, 2020
Dollars lost and data records exposed are valuable measurements, but the true pain of a cybersecurity incident goes far beyond that. We asked infosec pros how they put words to the pain they feel when their defenses fall apart.
Read more2019






Tehran-connected hackers again target higher ed, researchers conclude | POLITICO
September 11, 2019
Iranian government-linked hackers notorious for targeting universities have sprung another round of phishing attacks, researchers found. John Bolton’s legacy as President Donald Trump’s national security adviser is a hawkish stance in cyberspace that a successor is unlikely to undo. A House Armed Services Committee member sought clarification on DoD’s positions on encryption.
Read more





The Cybersecurity 202: How counties are war-gaming Election Day cyberattacks | The Washington Post
September 11, 2019
If Russian hackers seek to disrupt the 2020 election, it will be county election officials on the front lines. And some are diving in to war games so they can be ready for anything Moscow or another U.S. adversary can throw at them.
Read more





States still not up to snuff on election security, researchers warn | POLITICO
September 10, 2019
DState election commissions are running old software and prone to email attacks, according to a study out today. There are some positive signs, too. Two panels today will look at how federal agencies are bolstering the fundamentals of internet security, with witnesses from three departments testifying. A judge issued a major ruling on the prevailing U.S. cybercrime law, with the court favoring a narrower interpretation.
Read more





The Cybersecurity 202: How state election officials are contributing to weak security in 2020 | The Washington Post
September 10, 2019
It’s not just a question of paper ballots. The offices charged with administering elections across the country are falling short on a slew of basic cybersecurity measures that could make the 2020 contest far more vulnerable to hacking, according to a report out this morning.
Read more


Elections officials flub some basic security tasks | Axios
September 10, 2019
State elections officials struggle with some of the basics of office cybersecurity, according to a new report from cybersecurity auditor Black Kite.
Read more


Report: Growing wave of phishing attacks targets banking customers | Inside CyberSecurity
August 15, 2019
The security firm NormShield found a double-digit rise in phony “phishing” domains targeting customers of large banks, a trend the financial services industry says it is countering thorough enhanced security and education efforts.
Read more

Hackers Subvert Security Checks Like the Browser Padlock | WSJ
August 15, 2019
Recent attacks have shown that cybercriminals have co-opted techniques and tools that people commonly use to distinguish real communications and websites from fake ones, such as the padlock in a browser window. Traditional defenses have become part of an attacker’s arsenal.
Read more





Coalition presses to change surveillance law | POLITICO
August 14, 2019
Major cybercrime groups are collaborating and operating in a savvier way in response to law enforcement crackdowns, a report out today concludes. Cybercriminals also appear to be increasingly targeting customers of the world’s largest banks, according to new data.
Read more











Financial Phishing Grows in Volume and Sophistication in First Half of 2019 | Dark Reading
August 14, 2019
Criminals are using the tools intended to protect consumers to attack them through techniques that are becoming more successful with each passing month.
Read more





The Cybersecurity 202: Hackers just found serious vulnerabilities in a U.S. military fighter jet | The Washington Post
August 14, 2019
In a Cosmopolitan hotel suite 16 stories above the Def Con cybersecurity conference this weekend, a team of highly vetted hackers tried to sabotage a vital flight system for a U.S. military fighter jet. And they succeeded.
Read more











Sprint Reveals Account Breach via Samsung Website | Dark Reading
July 17, 2019
The last-June breach exposed data including names, phone numbers, and account numbers.
Read more



Get Ready For A Ransomware Tsunami | Forbes
July 3, 2019
OK, maybe you can’t say the two cities in Florida hit with ransomware a few weeks ago dodged a bullet, but at least they dodged the digital equivalent of a cruise missile … right?
Read more


Cyber firm examines supply-chain challenge in securing election ecosystem | Inside CyberSecurity
April 22, 2019
State election officials are doing a better job of securing systems but still need to pay more attention to “internet facing infrastructure” and possible weak links in their supply chains, according to a new report from Black Kite, a cybersecurity firm that develops risk scorecards for companies.
Read more











$20 Million Investment Round Shows Growth of Risk | Dark Reading
April 8, 2019
The Series B investment supports a company bringing risk assessment to businesses in business terms.
Read more