Loading...
Black Kite Blog
blog
Ransomware Is Easy, and That's the Problem
Ransomware is booming as low-barrier RaaS fuels chaotic attacks and targets SMBs. Discover the new threat landscape and how to stay ahead in TPRM.
Nov 18, 2025
blog
What’s Next in Ransomware: How Threat Actors Will Weaponize Ai
Discover the three ways AI will accelerate supply chain attacks, from real-time mapping to self-evolving malware.
Nov 17, 2025
blog
Focus Friday: TPRM Insights on Sharepoint, Mssql, Kibana, Django, and Open Webui
TPRM Insights on SharePoint, MSSQL, Kibana, Django, and Open WebUI Vulnerabilities from the Week of November 14, 2025.
Nov 14, 2025
blog
Is Your Vendors’ Ai Putting You at Risk?
Your vendors are using AI, creating new risks faster than traditional TPRM can manage. Learn to adapt your vendor oversight with a new framework.
Nov 13, 2025
blog
Why Ransomware Groups Are Zeroing in on Smbs
Ransomware attacks now target SMBs for maximum supply chain disruption. Learn new tactics and how to secure your organization from third-party risks.
Nov 11, 2025
blog
Focus Friday: TPRM Insights on Moveit, Redis, Control Web Panel, Dnn Software, and Xwiki Vulnerabilities
TPRM Insights on MOVEit, Redis, Control Web Panel, DNN Software, and XWiki vulnerabilities from the week of November 3, 2025.
Nov 7, 2025blog
Your Ransomware Fatigue Is Leaving the Back Door Open
Ransomware fatigue is real – but risky. Discover how third-party risks are leaving your organization exposed and what CISOs can do now.
Nov 6, 2025blog
Focus Friday: Critical Third-party Risks in Mikrotik Routeros, Apache Tomcat, Hashicorp Vault, and LiteSpeed Plugin
Discover how Mikrotik RouterOS, Apache Tomcat, HashiCorp Vault, and LiteSpeed Plugin vulnerabilities impact third-party risk.
Oct 31, 2025blog
Resource Roundup: Stop Drowning in Cves & Prioritize Your Supply Chain Vulnerabilities
Discover the ultimate roundup of free resources on prioritizing third-party vulnerabilities. Stop drowning in CVEs and learn where to focus.
Oct 27, 2025blog
Focus Friday: Third-party Risks in Samba Server, Atlassian Jira, Tp-link Omada, Minio, Squid Proxy, and Sauter Ey-modulo Vulnerabilities
Discover how F5 BIG-IP APT Risk Microsoft Exchange Server SharePoint Gladinet CentreStack TrioFox and Flowise Vulnerabilities: TPRM Insights vulnerabilities imp...
Oct 24, 2025blog
How to Avoid Ransomware: a Ciso’s Guide to Outsmarting Attackers
Ransomware attacks through vendor supply chains are rising. Learn 6 agile, attacker-focused tactics CISOs must use to prioritize risk and outsmart threats.
Oct 20, 2025blog
Focus Friday: TPRM Insights on F5 Big-ip Apt Risk, Exchange Server, Sharepoint, Gladinet, and Flowise Vulnerabilities
Discover how F5 BIG-IP APT Risk Microsoft Exchange Server SharePoint Gladinet CentreStack TrioFox and Flowise Vulnerabilities.
Oct 17, 2025blog
Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk
The F5 source code breach is a massive supply chain risk. See the full TPRM analysis and immediate steps to protect your vendor ecosystem.
Oct 16, 2025blog
Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and Wp Yoast Seo
Discover how ORACLE EBS JENKINS REDIS DRAYTEK VIGOR ZIMBRA ELASTIC DJANGO GRAFANA SILLYTAVERN and WP YOAST SEO Vulnerabilities: TPRM Insights vulnerabilities im...
Oct 10, 2025blog
Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities
Welcome to the October 3rd edition of Focus Friday, where we explore recent high-profile vulnerabilities through the lens of Third-Party Risk Management (TPRM)....
Oct 3, 2025blog
When the Shai-hulud Worm Awakens: Tinycolor’s Fall and the New Era of Supply Chain Risk
In September 2025, the popular npm package @ctrl/tinycolor became the epicenter of a self-propagating supply chain attack, now known as the Shai-Hulud campaign.
Sep 30, 2025
blog
Focus Friday: TPRM Insights on Goanywhere Mft, Solarwinds Web Help Desk, Cisco Snmp, and Dnn Software Vulnerabilities
Welcome to the September 26th edition of Focus Friday, where we analyze some of the most pressing cybersecurity incidents from a Third-Party Risk Management (TP...
Sep 26, 2025
blog
Focus Friday: TPRM Insights on Jetty, Jenkins, and Cups Vulnerabilities
Discover how Jetty - MadeYouReset, Jenkins, and CUPS Vulnerabilities: TPRM Insights vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help priori...
Sep 19, 2025blog
Focus Friday: TPRM Insights on Sharepoint, Mssql, and Sap Netweaver Critical Vulnerabilities
Discover how Microsoft SharePoint MSSQL SAP NetWeaver Vulnerabilities: TPRM Insights vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prior...
Sep 12, 2025blog
How to Tackle Third-party Vulnerabilities Without Breaking the Bank
Tackle third-party vulnerabilities without breaking the bank. Discover how to prioritize the risks that actually matter and save millions in remediation costs.
Sep 8, 2025blog
Focus Friday: TPRM Actions for Django, Freepbx, and Hashicorp Vault Vulnerabilities
TPRM Insights vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure and streamline TPRM response.
Sep 5, 2025blog
What the Salesloft Drift Incident Means for TPRM
Salesloft incident highlights the domino effect of third-party breaches. Learn what happened, how to protect your ecosystem from supply chain attacks.
Sep 4, 2025
blog
Focus Friday: TPRM Actions for Critical Citrix Netscaler and Salesforce Tableau Vulnerabilities
Discover how CitrixDeelb Citrix NetScaler Salesforce Tableau Vulnerabilities: TPRM Insights vulnerabilities impact third-party risk. Black Kite’s FocusTags™ hel...
Aug 29, 2025blog
Citrixdeelb: What the Latest Citrix Vulnerabilities Mean for TPRM
Citrix vulnerabilities in NetScaler ADC/Gateway are under active exploitation. What happened, what to patch now, and how to manage third-party risk.
Aug 27, 2025
blog
Focus Friday: TPRM Actions for Madeyoureset, Ivanti Connect Secure, Postgresql & Plesk Obsidian
Discover how MadeYouReset Ivanti Connect Secure PostgreSQL Plesk Obsidian Vulnerabilities: TPRM Insights vulnerabilities impact third-party risk. Black Kite’s F...
Aug 22, 2025blog
Blacksuit (royal) Seized Under Operation Checkmate: No Arrests Mean a Comeback Is Imminent
Despite Operation Checkmate’s takedown of BlackSuit (Royal) infrastructure, the absence of arrests means the ransomware threat is far from over.
Aug 19, 2025blog
Focus Friday: TPRM Insights on Exchange Server, Mssql, N-able N-central Rmm, and Squid Proxy Vulnerabilities
Discover how Exchange Server MSSQL N-Able N-Central RMM and Squid Proxy vulnerabilities impact third-party risk.
Aug 15, 2025
blog
Infographic and Video: Key Takeaways From the 2025 Ransomware Report (what 6,000 Attacks Tell Us)
Uncover key takeaways from the 2025 Ransomware Report. Learn how threats are evolving, moving downmarket, and how RSI can give you advanced warning.
Aug 13, 2025blog
Black Kite Unveils Adversary Susceptibility Index to Operationalize Threat Actor Intelligence in Third-party Risk Management
Discover Black Kite’s Adversary Susceptibility Index — operationalizing threat actor intelligence for smarter third-party risk management.
Aug 6, 2025blog
Focus Friday: TPRM Insights on Sonicwall, Sophos, and Salesforce Tableau Vulnerabilities
How SonicWall SSL VPN Gen7, Sophos Firewall, Salesforce Tableau vulnerabilities impact third-party risk.
Aug 1, 2025
blog
Why Black Kite’s Ai Isn’t Just Marketing, It’s a Movement
AI enhances Third-Party Risk Management, but it's not the full solution. Discover how to build a robust TPRM program with strong foundations.
Jul 29, 2025
blog
Focus Friday: Third-party Risks in Sharepoint Toolshell and Grafana Vulnerabilities
Discover how Microsoft SharePoint ToolShell, Grafana vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure.
Jul 25, 2025blog
Black Kite Welcomes Jack Jones, Originator of Fair™, as Strategic Advisor to Deliver on Its Strategic Vision to Improve the Health and Safety of the World’s Cyber Ecosystem
Black Kite welcomes Jack Jones, FAIR’s originator, as strategic advisor — advancing its vision to strengthen global cyber health and safety.
Jul 24, 2025blog
Microsoft Sharepoint Under Siege: Cve-2025-53770 Exploited Via Toolshell Rce Chain
Protect your data now from the critical SharePoint RCE vulnerability CVE-2025-53770 (ToolShell) exploitation.
Jul 22, 2025blog
Ai Won’t Fix Your TPRM Mess (but Here’s What Might)
AI enhances Third-Party Risk Management, but it's not the full solution. Discover how to build a robust TPRM program with strong foundations.
Jul 16, 2025
blog
Focus Friday: TPRM Perspectives on Mssql, Redis, and Zimbra Vulnerabilities with Black Kite’s Focustags™
How MSSQL, Redis, and Zimbra vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure and streamline TPRM response.
Jul 11, 2025
blog
Black Kite Releases 2025 State of Financial Services: Hidden Dangers in the Vendor Ecosystem, Uncovering Critical Weaknesses That Pose Considerable Risks to Financial Institutions
Explore Black Kites 2025 report on hidden vendor risks in financial services, uncover critical weaknesses threatening financial institutions’ security
Jul 10, 2025
blog
Focus Friday: TPRM Insights on Critical Citrix Bleed 2 and Wing Ftp Server Vulnerabilities
Explore the Citrix Bleed 2 RCE and Wing FTP Server vulnerabilities from a TPRM perspective—guiding vendor assessments and targeted remediation.
Jul 3, 2025blog
Focus Friday: TPRM Insights Into Mattermost Arbitrary File Write and Mongodb Denial-of-service Vulnerabilities
Dig into a critical arbitrary file write vulnerability in Mattermost and two DoS vulnerabilities in MongoDB Server from a TPRM perspective.
Jun 27, 2025blog
The Bedrock of Effective TPRM? Quality Data
What distinguishes quality data in risk management, how to implement data quality control, and why Black Kite provides the most trustworthy data.
Jun 26, 2025blog
Ai in Ransomware: How Threat Actors Are (and Aren’t) Using Ai
How ransomware groups are leveraging AI to carry out attacks today, what to expect next, and how to prepare your cyber ecosystem for these threats.
Jun 25, 2025blog
Focus Friday: Grafana Vulnerability and Cisco Clamav Risks From a TPRM Perspective
Unpack the high-severity vulnerability in Grafana and multiple security flaws in Cisco’s ClamAV antivirus engine from a TPRM perspective.
Jun 20, 2025blog
New-generation Ransomware Groups Are a Growing Threat
Emerging ransomware groups are using new, evolved tactics, including legitimate software, to bypass defenses. Learn how to protect your organization.
Jun 18, 2025blog
Focus Friday: TPRM Insights Into Tridium Niagara and Elastic Kibana Vulnerabilities
Dive into critical Tridium Niagara and Elastic Kibana vulnerabilities from a TPRM perspective. Learn to assess vendor risk and mitigate proactively.
Jun 13, 2025blog
Focus Friday: Strategic TPRM Insights Into Screenconnect and Roundcube Vulnerabilities
Dive into critical ScreenConnect and Roundcube vulnerabilities from a TPRM perspective. Learn to assess vendor risk and mitigate proactively.
Jun 6, 2025blog
Now’s the Time for Agile, Data-driven TPRM (and Our Latest Research Proves It)
Traditional TPRM fails against modern threats. New research reveals how to build an agile third-party risk management program for supply chain resilience.
Jun 4, 2025blog
Built with Now: Black Kite Announces Integration with Servicenow to Boost Supply Chain Cyber Resiliency
Discover how Black Kite’s integration with ServiceNow elevates third-party risk management and strengthens supply chain cyber resilience.
Jun 4, 2025blog
Focus Friday: TPRM Insights Into Zimbra, Draytek Vigor, Atlassian Jira Data Center, Tornado, and Mdaemon Vulnerabilities
Timely TPRM insights into critical vulnerabilities affecting Zimbra, Draytek Vigor, Atlassian Jira Data Center, Tornado, and MDaemon and next steps
May 23, 2025blog
How to Implement Vulnerability Management in TPRM
Learn to operationalize vulnerability intelligence in TPRM. How to prioritize and act on the critical third-party vulnerabilities with insights.
May 22, 2025blog
Black Kite and Cgs Cyberdefense Partner to Deliver Unparalleled Visibility and Actionable Insights to Remediate Third-party Risks
Learn how Black Kite and CGS CyberDefense partner to deliver deeper visibility and actionable insights for third-party risk remediation.
May 20, 2025blog
Focus Friday: TPRM Insights on Ivanti Epmm and Sap Netweaver Vulnerabilities – Ongoing Threat Actor/ransomware Groups Activity
Explore critical vulnerabilities Ivanti EPMM & SAP NetWeaver through a TPRM lens. Learn how to identify and manage vendor risks.
May 16, 2025blog
Why Counting Cves Misses the Real Third-party Risk
Counting CVEs for vendor risk is misleading. Why relevance, discoverability, and actionability are key to third-party vulnerability management.
May 15, 2025blog
Black Kite Releases 2025 Ransomware Report, Revealing 123% Increase in Ransomware Attacks Over Two Years
Explore Black Kite’s 2025 ransomware report showing a 123% rise in attacks, growing supply-chain threats, and proactive defense insights.
May 13, 2025blog
Focus Friday: TPRM Insights Into Sysaid, Activemq, Webmin, and Couchbase Server Vulnerabilities
Explore critical vulnerabilities in SysAid, ActiveMQ, Webmin, and Couchbase Server through a TPRM lens. Learn how to identify and manage vendor risks.
May 9, 2025blog
Your Friendly Neighborhood Ransomware Syndicate Will See You Now
Discover how LockBit ran ransomware like a business before getting hacked themselves. Understand the implications for TPRM.
May 8, 2025blog
Focus Friday: TPRM Approach to Sap Netweaver Vcframework Rce and Apache Tomcat Http/2 Dos and Rewrite-rule Bypass
Learn TPRM implications of SAP NetWeaver RCE (CVE-2025-31324) and Apache Tomcat DoS/bypass (CVE-2025-31650/51) along with remediation guidance.
May 2, 2025blog
Black Kite Unveils Vulnerability Intelligence Briefs to Provide Visibility Into Third-party Vulnerability Risks
Discover how Black Kite’s Vulnerability Intelligence Briefs offer visibility into third-party vulnerability risks and enhance security decision-making
Apr 29, 2025blog
Focus Friday: TPRM Insights Into Fortinet Backdoors, Sonicwall Sslvpn, and Redis Dos Vulnerabilities
Understand the TPRM impact of the Fortinet backdoor, SonicWall SSLVPN DoS, and Redis DoS vulnerabilities. Actionable insights from a TPRM perspective.
Apr 25, 2025blog
How to Prioritize Vulnerabilities in Your Supply Chain: a Proven Approach to Cut Through the Noise
Overwhelmed by CVEs? Learn a proven 3D approach to prioritize supply chain vulnerabilities beyond severity. Watch our video and read the report.
Apr 23, 2025blog
Ey Us Unveils Paul Paget of Black Kite as an Entrepreneur of the Year® 2025 New England Award Finalist
Paul Paget, CEO of Black Kite, is named a finalist for EY US’s prestigious Entrepreneur of the Year 2025 New England award.
Apr 21, 2025blog
Focus Friday: Third-party Risks From Adobe Coldfusion and Beego Xss Vulnerabilities
Understand the TPRM implications of Adobe ColdFusion and Beego XSS vulnerabilities. Get vendor questions and remediation steps. Read our analysis now!
Apr 18, 2025blog
Focus Friday: TPRM Perspectives on Ivanti Connect Secure, Fortiswitch, and Minio Vulnerabilities
Understand the TPRM implications of Ivanti, FortiSwitch, and MinIO vulnerabilities. Get vendor questions and remediation steps. Read our analysis now!
Apr 11, 2025blog
Why You Want Human Experts Behind Your TPRM Data: Black Kite Research & Intelligence Team (brite)
Human experts unlock the true value of your TPRM data, turning it into actionable intelligence. How expert analysis improves cyber risk management.
Apr 10, 2025
blog
Black Kite Honored as Finalist of the 2025 Sc Awards
Black Kite is honored as a finalist in the 2025 SC Awards for risk and policy management, highlighting excellence in cybersecurity solutions.
Apr 9, 2025blog
Black Kite Research Reveals Traditional Approaches to Vulnerability Management Fall Short in Third-party Risk Management (TPRM)
New research from Black Kite shows traditional vulnerability management falls short for third-party risk — and what to do next.
Apr 8, 2025blog
Black Kite Hires Chief Marketing Officer and Vice President of Strategic Partnership & Alliances to Enhance Leadership Team
Black Kite expands leadership with new Chief Marketing Officer and VP of Strategic Partnerships to drive growth and strategic alliances.
Apr 3, 2025blog
Infographic: Takeaways From the 8 Most Noteworthy Cyber Incidents of 2024
Discover 2024’s biggest cyber incidents and how they disrupted third-party cyber ecosystems.
Apr 2, 2025blog
Infographic: Key Stats From the 2025 Third-party Breach Report
Get the essential numbers from the 2025 Third-Party Breach Report. See the biggest trends, attack methods, and impacts in one infographic.
Mar 31, 2025blog
Focus Friday: TPRM Implications of Kubernetes Ingress Nginx, Synology Dsm, and Synapse Server Vulnerabilities
Explore critical vulnerabilities in Kubernetes, Synology, and Synapse. Learn TPRM implications and how to streamline risk management with vendors.
Mar 28, 2025blog
Oracle Cloud Breach: Claims, Denials, and the Reality of Cloud Security Risks in TPRM
Claims of an Oracle Cloud breach conflict with official denials. Explore the cloud security risks and leaked data with analysis on the TPRM impact.
Mar 27, 2025blog
Focus Friday: Fortifying TPRM Against Kernel Compromise, Buffer Overflow, and Directory Traversal Vulnerabilities
Strengthen TPRM against kernel, buffer overflow, and directory traversal vulnerabilities in Juniper, MongoDB, and SAP with targeted insights.
Mar 21, 2025blog
Focus Friday: Third-party Risks in Draytek Vigor Routers, Vmware Esxi, Apache Tomcat, and Axios Http Client Vulnerabilities
Explore key vulnerabilities in DrayTek routers, VMware ESXi, Apache Tomcat, and Axios HTTP Client from a TPRM perspective.
Mar 14, 2025blog
Ransomware Review February 2025: Clop’s Cleo Attack Pushes Victim Count to Historic High
Learn about February’s ransomware activity: a record 809 victims, Clop's CLEO attack peaks, 8Base shutdown, and essential defense insights.
Mar 7, 2025blog
3rd Party Risk Management
Many organizations have been talking about the 3rd party risk management for years and it is becoming more complex every day.
Mar 6, 2025blog
Top 3 Actions to Take After Reading the 2025 Third-party Breach Report
From a CSO to CISOs: How to improve your third-party risk strategy, reduce risk exposure, and apply insights from the 2025 Third-Party Breach Report.
Mar 3, 2025blog
Focus Friday: Third-party Risks in Postgresql and Zimbra Vulnerabilities
Explore third-party risk impacts of CVE-2025-1094 in PostgreSQL and CVE-2023-34192 in Zimbra Collaboration Suite (ZCS), plus steps to mitigate them.
Feb 28, 2025blog
Cybersecurity Technology Summit
Cybersecurity Technology Summit; Winners from five Shark Tank Events all come together for the final round of presentations and judging.
Feb 27, 2025blog
The Silent Breach: Why Third Parties Are Cybersecurity’s Greatest Hidden Threat
Silent breaches expose hidden vulnerabilities in third-party networks. Learn why they happen, their impact, and how to protect against them in 2025.
Feb 24, 2025blog
Ransomware Review January 2025: Clop’s Cleo Exploit Fuels a Record Month
Get the latest insights from our monthly ransomware roundup: 546 incidents in January 2025, Clop’s CLEO exploit continues, and tips to reduce risk.
Feb 21, 2025blog
Focus Friday: Addressing Third-party Risks in Pan-os, Ivanti Connect Secure, Zimbra, and Cacti Vulnerabilities
Explore third-party risk impacts of PAN-OS, Ivanti, Zimbra, and Cacti vulnerabilities, plus how Black Kite’s FocusTags help mitigate them efficiently.
Feb 14, 2025blog
Key Takeaways From the 2025 Third-party Breach Report
Discover key trends from the 2025 Third-Party Breach Report, including ransomware shifts, regulatory impacts, the rise of continuous risk monitoring.
Feb 13, 2025blog
Black Kite Research Exposes the “silent Breaches” Lurking Within Interconnected Ecosystems
Discover Black Kite’s latest research exposing hidden breaches within interconnected ecosystems and the risks they pose to your supply chain.
Feb 11, 2025blog
Ransomware Review December 2024: Funksec’s Meteoric Rise and the Growing Threat of Raas
Discover key ransomware trends from December 2024, including FunkSec’s rise, RaaS innovations, and LockBit's bold new pricing strategy.
Jan 30, 2025blog
Infographic: Healthcare Under Siege – the Ransomware Epidemic
Explore why healthcare is a top ransomware target, with attacks rising 32.16% and patient safety at risk. Learn how to stay protected.
Jan 27, 2025blog
Focus Friday: TPRM Insights on Fortigate, Qnap, Mongoose, and W3 Total Cache Vulnerabilities with Black Kite’s Focustags™
TPRM insights into vulnerabilities in FortiGate, QNAP, Mongoose, and W3 Total Cache. Learn how Black Kite’s FocusTags enhance vendor risk management.
Jan 24, 2025blog
Black Kite Research Finds Certain Ransomware Groups Disproportionately Target Healthcare Organizations
Black Kite research reveals that certain ransomware groups disproportionately target healthcare, detailing threat trends and risk insights.
Jan 22, 2025
blog
Why Healthcare Is Now in the Bullseye for Ransomware Groups
Discover why healthcare is a top ransomware target, key stats from recent attacks, and actionable insights to protect your organization.
Jan 22, 2025blog
Focus Friday: Third-party Risks From Critical Juniper Junos, Rsync, and Simplehelp Vulnerabilities
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Jan 17, 2025blog
How to Solve Vendor Outreach During Security Crisis Events
Discover how Black Kite Bridge™ revolutionizes the vendor engagement process with risk intelligence, automated tools, and real-time reporting during security cr...
Jan 13, 2025blog
Focus Friday: Addressing Critical Vulnerabilities in Sonicwall, Ivanti, Progress, and Gocd
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Jan 10, 2025blog
From Policing to Partnering: Rethinking the Third-party Risk Management Process
Transform your third-party risk management process by shifting from policing to partnering. Strategies to build trust and improve collaboration.
Jan 6, 2025blog
Focus Friday: TPRM Insights on Apache Tomcat, Crushftp, and Gogs Server Vulnerabilities
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Dec 27, 2024blog
Focus Friday: TPRM Insights on Cleo File Transfer, Beyondtrust Pra and Rs, and Ivanti Cloud Services Application Vulnerabilities
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Dec 20, 2024blog
Cl0p’s Exploitation of Cleo Puts the Supply Chain at Immediate Risk
Learn how Cl0p's exploitation of Cleo vulnerabilities threatens supply chains and discover critical steps to mitigate ransomware risks.
Dec 18, 2024
blog
Vendor Risk Assessments: Why Scaling Feels Impossible (and What to Do About It)
Vendor risk assessments don’t have to feel impossible to scale with these critical steps and the help of risk tools like Black Kite.
Dec 16, 2024blog
Focus Friday: TPRM Insights on Qlik Sense, Cleo File Transfer, and Sap Netweaver Java Vulnerabilities
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Dec 13, 2024blog
When Ransomware Ruins the Supply Chain: Lessons From Blue Yonder and the Rise of Termite Ransomware Group
Discover how the Blue Yonder ransomware attack exposed supply chain vulnerabilities and learn strategies to manage third-party risk effectively.
Dec 11, 2024blog
The Vendor’s Dilemma: How to Manage Customer Security Requests Without Losing Your Mind
Use these proactive strategies and focused processes to better manage (and even reduce) security requests from customers.
Dec 9, 2024blog
Collaboration to Win the War on Cyber Threats
Discover how collaborative cyber threat intelligence strengthens defenses and helps organizations combat rising cybersecurity challenges.
Dec 4, 2024blog
Focus Friday: TPRM Insights on Pan-os, Postgresql, and Apache Airflow Vulnerabilities
Welcome to this week's Focus Friday blog, where we delve into high-profile cybersecurity incidents with a critical eye on Third-Party Risk Management (TPRM).
Nov 22, 2024Ready to connect cyber risk intelligence to your entire risk program?
Integrate risk intelligence into every part of your workflow so you can make more informed decisions with confidence.