If your organization is like most, it depends on vendors, suppliers and business partners to help get work done. But when these often-less-secure third parties connect to your systems, you effectively increase your organization’s attack surface, thereby making yourself more vulnerable to cyberattacks. This problem is exacerbated when considering cloud assets: Your third parties may be storing your data on...

This week, sports fans reacted with disbelief when it was discovered that 15 NFL teams’ social media accounts were hacked. Those targeted included the two teams that will play in the Super Bowl LIV Championship match on February 2, the Kansas City Chiefs and the San Francisco 49ers. In addition to the Super Bowl contenders, the following teams were hacked...

Dirty dishes! Our team is dealing with an abundance of those. Argh! Which brought our researchers to develop a DishSnitch. Yeah, an automated app that detects and shames the culprit by sending the full evidence—including pics—to the company’s dedicated Slack. **Face palm** For those who are interested in the DishSnitch, we placed the app’s files free to grab on Github—you’ll...

Your vendors probably have cyber gaps. Which are the most common, and how can they be remedied? To answer these questions, Panorays used data from our cyber posture evaluations of tens of thousands of vendors from numerous industries over long periods of time. We extracted the findings that appeared in a large percentage of the companies and omitted obvious low-risk...

How secure are your third-party suppliers? And what about their suppliers? Panorays is focused on third-party security management – that is, the security posture of suppliers, vendors, partners and others doing business with an organization. But there’s yet another level that all businesses need to be concerned with – the partners and suppliers of their third parties, which are better...

When ranking the weakest link in an organization’s cybersecurity barriers, many tend to think of unpatched servers, exposed services or even shared resources on cloud providers. However, most overlook the number one factor needed for a successful cyberattack: humans. Different attack vectors, such as phishing and stolen credentials, focus on employees as an initial entry point to a company. The...

As the end of the year approaches, we at Panorays wanted to share what we found to be the top five vendor security cyber gaps in 2018. The Fab Five Panorays has the unique ability to evaluate the cyber posture of a large number of third parties from numerous industries over long periods of time. In our evaluation of over...

With football season just around the corner, we at Panorays decided to test the strength of NFL teams’ cyber defenses. We did this by simulating a hacker’s view to uncover cyber gaps on NFL team websites and digital assets. Above all, we wanted to know: Would there be any correlation between how teams played on the field and how their...

The TLS v1.0 cryptographic protocol, released in 1999, has various known vulnerabilities and security experts have recommended to disable it for a while now. However, Panorays research into 1,150 organizations (with a total of 29,000 websites) shows that 52% of organizations still use TLS v1.0 throughout all of their websites. A further 45% of organizations had at least one website...