Not just security, the right security.
Here on the Cyber Risk Analytics research team, we have more than our fair share of “glitch in the matrix moments” – you know, that proverbial black cat walking across your screen that makes you think: “Didn’t I just see this breach?” Usually it’s a case of similar circumstances or simply two names that are […]
On June 11th, MITRE published descriptions and references for 318 entries, all relating to Mozilla Firefox. Yes; three hundred and eighteen entries. It may be tempting to think Mozilla was holding back on disclosures or there was a flurry of research activity leading to a slew of new vulnerabilities being discovered. But no, this would […]
In the early afternoon of June 4th, the CISO of MyHeritage received the message every security professional dreads. A researcher was reaching out to share the news they had found a file containing users’ email addresses and hashed passwords – 92,283,889 records in total – for nearly every account created with the service through October […]
Risk Based Security, Inc. (RBS) is pleased to announce a partnership with eGRC.COM (eGRC) and the corresponding launch of the RiskManaged VulnDB Connector. eGRC provides Enterprise Governance, Risk and Compliance software, integration and consulting services to Fortune 500 clients. eGRC helps customers maximize value from their GRC platform investments, supporting a variety of technologies including […]
The other day I happened upon an article titled: “Vulnerability Management: Why the Problem Can’t Be Solved“, which made me curious for all the wrong reasons. As you can imagine, I strongly disagree with the premise that vulnerability management is a problem that cannot be solved. Having worked in the vulnerability intelligence field for more […]
Yesterday, news broke of a “critical” vulnerability in OpenPGP and S/MIME, named ‘Efail’ that could lead to an attacker gaining access to plaintext emails. News broke in the form of a dire warning from the Electronic Frontier Foundation warning people to “immediately disable and/or uninstall tools that automatically decrypt PGP-encrypted email.” This was, of course, […]
Risk Based Security today announced the release of our Vulnerability QuickView Report, examining vulnerabilities reported in the first quarter of 2018. The report shows a continuing rise in the number of publicly disclosed vulnerabilities. Unless the pace of vulnerability disclosure slows down in the coming quarters, we are looking at yet another record-breaking year. Key […]
RICHMOND, VA, May 8, 2018 — After year over year increases in the number of reported data breaches, Risk Based Security has released the results of their Q1 2018 Data Breach QuickView Report, showing the number of breaches disclosed in the first three months of the year fell to 686 compared to 1,444 breaches reported […]
Statistics vary, but a prevalent theme is that ransomware attacks rose by as much as 250% in 2017. Since a considerable number of incidents go unreported, potentially a majority of them in fact, it is difficult to fully understand just how deep the problem goes. That said, we can all agree the problem is bad. […]
We recently posted an article about RSA and vendors making promises about their products. In some cases these promises are not technically possible, or the vendors are overstating what they can really do. The RSA booth from F.A.K.E Security was epic! There is no other way to describe it. When we posted the original article […]
The most comprehensive vulnerability intelligence and third party library monitoring service available.
Extensive database of data breaches with interactive dashboards, leaked email accounts and vendor assessments.
Affordable SaaS security solution providing a complete Information Security Program with access to a CISO.
Risk Based Security’s risk management solutions are a combination of data analytics, risk assessment and improvement strategies.
Richmond, VA
(855) RBS-RISK
EMAIL US