Black Kite Blog
Microsoft Sharepoint Under Siege: CVE-2025-53770 Exploited Via Toolshell Rce Chain
Protect your data now from the critical SharePoint RCE vulnerability CVE-2025-53770 (ToolShell) exploitation.
Jul 22, 2025AI Won’t Fix Your TPRM Mess (but Here’s What Might)
AI enhances Third-Party Risk Management, but it's not the full solution. Discover how to build a robust TPRM program with strong foundations.
Jul 16, 2025Focus Friday: TPRM Perspectives on Mssql, Redis, and Zimbra Vulnerabilities with Black Kite’s Focustags™
How MSSQL, Redis, and Zimbra vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure and streamline TPRM response.
Jul 11, 2025Focus Friday: TPRM Insights on Critical Citrix Bleed 2 and Wing Ftp Server Vulnerabilities
Explore the Citrix Bleed 2 RCE and Wing FTP Server vulnerabilities from a TPRM perspective—guiding vendor assessments and targeted remediation.
Jul 3, 2025Focus Friday: TPRM Insights Into Mattermost Arbitrary File Write and Mongodb Denial-of-service Vulnerabilities
Dig into a critical arbitrary file write vulnerability in Mattermost and two DoS vulnerabilities in MongoDB Server from a TPRM perspective.
Jun 27, 2025The Bedrock of Effective TPRM? Quality Data
What distinguishes quality data in risk management, how to implement data quality control, and why Black Kite provides the most trustworthy data.
Jun 26, 2025AI in Ransomware: How Threat Actors Are (and Aren’t) Using AI
How ransomware groups are leveraging AI to carry out attacks today, what to expect next, and how to prepare your cyber ecosystem for these threats.
Jun 25, 2025Focus Friday: Grafana Vulnerability and Cisco Clamav Risks From a TPRM Perspective
Unpack the high-severity vulnerability in Grafana and multiple security flaws in Cisco’s ClamAV antivirus engine from a TPRM perspective.
Jun 20, 2025New-generation Ransomware Groups Are a Growing Threat
Emerging ransomware groups are using new, evolved tactics, including legitimate software, to bypass defenses. Learn how to protect your organization.
Jun 18, 2025Focus Friday: TPRM Insights Into Tridium Niagara and Elastic Kibana Vulnerabilities
Dive into critical Tridium Niagara and Elastic Kibana vulnerabilities from a TPRM perspective. Learn to assess vendor risk and mitigate proactively.
Jun 13, 2025Now’s the Time for Agile, Data-driven TPRM (and Our Latest Research Proves It)
Traditional TPRM fails against modern threats. New research reveals how to build an agile third-party risk management program for supply chain resilience.
Jun 4, 2025Focus Friday: TPRM Insights Into Zimbra, Draytek Vigor, Atlassian Jira Data Center, Tornado, and Mdaemon Vulnerabilities
Timely TPRM insights into critical vulnerabilities affecting Zimbra, Draytek Vigor, Atlassian Jira Data Center, Tornado, and MDaemon and next steps
May 23, 2025