Latest news with #SecurityScorecard
Techday NZ
22-05-2025
- Business
- Techday NZ
Fintech sector faces mounting third-party security breach risks
SecurityScorecard has published new research indicating that almost 42% of data breaches impacting top fintech companies can be traced back to third-party vendors, with a further 12% linked to fourth-party exposures. The findings, drawn from an analysis of 250 leading fintech firms worldwide, highlight the systemic risks facing the financial sector's supply chain despite robust internal cybersecurity practices. The report, titled Defending the Financial Supply Chain: Strengths and Vulnerabilities in Top Fintech Companies, exposes a growing separation between strong internal controls and vulnerabilities introduced through external partners. Fintech companies emerged as the industry with the strongest overall security posture, registering a median score of 90 in SecurityScorecard's assessment. More than half (55.6%) achieved an "A" rating. However, these scores did not fully shield the industry from cyber intrusions. According to the report, 18.4% of analysed fintech companies experienced breaches that were publicly reported, and over a quarter of these organisations (28.2%) suffered multiple incidents. Technology products and services featured in 63.9% of third-party breaches, with file transfer software and cloud platforms identified as the primary points of compromise. Application security and DNS health deficiencies were noted as the most prevalent weaknesses within the sector. Nearly half of the firms (46.4%) scored the lowest in application security assessments. These weaknesses included unsafe redirect chains, misconfigured storage, and missing Sender Policy Framework (SPF) records. Ryan Sherstobitoff, Senior Vice President of SecurityScorecard's STRIKE Threat Research and Intelligence Unit, commented on the findings: "Fintech companies anchor global finance, but one exposed vendor can take down critical infrastructure. Third-party breaches aren't edge cases - they reveal structural risk. In fintech, that means operational outages across payment systems, digital asset platforms, and core financial infrastructure." The report highlights that the threat emanating from an organisation's indirect partners - referred to as fourth-party suppliers - now exceeds double the global average, making up 11.9% of incidents in the fintech sector. These risks underscore the complexity and depth of digital supply chains in financial technology. In response to its analysis, the SecurityScorecard STRIKE team issued a series of recommendations for fintech companies to bolster their cybersecurity defences across the supply chain ecosystem. Among the recommendations is the need to strengthen oversight of both third- and fourth-party risks. The team advises that, "Fintech companies should tier vendors based on exposure and breach history, not just spend or business value. Disclosing downstream dependencies and requiring incident notification clauses in contracts can reduce cascading risk from fourth-party breaches." Securing shared infrastructure and the technical tools that enable financial operations is also critical. The team states, "File transfer software, cloud storage platforms and customer communication tools were the most common vectors for third-party breaches. Fintechs must audit these integrations regularly and require partners to demonstrate secure implementation practices." Another key area is the remediation of deficiencies in application security and Domain Name System (DNS) settings. According to the report, "Nearly half of fintechs scored lowest in application security. Unsafe redirect chains, misconfigured storage and missing SPF records were common. Remediating these foundational weaknesses should be a priority, starting with customer-facing assets." The report also advises enforcing robust credential protection measures. It recommends, "Credential stuffing campaigns and typosquatting attacks impacted a majority of firms. Enforcing MFA, monitoring for reused credentials and taking down spoofed domains are essential to protect users and prevent cross-platform compromise." Finally, the research suggests that companies which have experienced multiple breaches should be considered higher-risk and subject to extra scrutiny. The report notes, "Companies with multiple breaches accounted for the majority of total incidents. Vendors with prior breach history, especially those with known third-party exposures, should face enhanced scrutiny during onboarding and renewals." The study encompassed a range of fintech segments, including firms specialising in payments, digital assets, neobanking, financial planning, and technology infrastructure. The companies involved were selected for their international presence, influence within the industry, and operational scale.
Yahoo
02-04-2025
- Business
- Yahoo
Willis Towers Watson (NasdaqGS:WTW) Partners With SecurityScorecard For Cyber Risk Enhancement
Willis Towers Watson has seen a 7.6% price increase in the last quarter, potentially fueled by recent developments. The company's strategic partnership with SecurityScorecard could enhance its position in cyber risk quantification and enterprise security strategies. Concurrently, Willis' 5% dividend increase and robust Q4 earnings report, showing significant sales and income growth, might also have played a role in bolstering investor confidence. Furthermore, the ongoing market recovery, with the Nasdaq and other major indices gaining, may have supported the stock's upward trajectory amidst broader investor optimism despite volatility surrounding tariff announcements. We've discovered 2 risks for Willis Towers Watson that you should be aware of before investing here. Rare earth metals are an input to most high-tech devices, military and defence systems and electric vehicles. The global race is on to secure supply of these critical minerals. Beat the pack to uncover the 21 best rare earth metal stocks of the very few that mine this essential strategic resource. Over the past five years, Willis Towers Watson (WTW) achieved a total shareholder return of 101.78%, highlighting a significant enhancement in shareholder value. During this period, WTW re-entered the reinsurance market through a joint venture with Bain Capital, broadening its revenue streams and contributing to earnings diversification. This re-entry, completed as part of the company's "Grow, Simplify, and Transform" initiative, has set the stage for future growth. The company's strategic realignment, post-divestiture of TRANZACT, is expected to bolster its operating margins and free cash flow from 2025 onwards. Furthermore, WTW's investment in innovation was marked by enhancements in their Radar analytics engine, improving integration with platforms like Guidewire, and the formation of a partnership with SecurityScorecard to advance cyber risk quantification. Additionally, significant share repurchases, comprising over 54.02 million shares at a cost exceeding US$8.83 billion since 2007, have been undertaken to enhance shareholder value. These moves underscore WTW's commitment to strengthening earnings potential and solidifying its market position. Gain insights into Willis Towers Watson's past trends and performance with our report on the company's historical track record. This article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Companies discussed in this article include NasdaqGS:WTW. Have feedback on this article? Concerned about the content? with us directly. Alternatively, email editorial-team@ Sign in to access your portfolio
Yahoo
26-03-2025
- Business
- Yahoo
SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks
NEW YORK, March 26, 2025--(BUSINESS WIRE)--SecurityScorecard today released the 2025 Global Third-Party Breach Report. Using the world's largest proprietary risk and threat data set, SecurityScorecard's STRIKE Threat Intelligence Unit analyzed 1,000 breaches across industries and regions to uncover key attack patterns, measure the impact of third-party security failures and identify the most commonly exploited vendor relationships. Ryan Sherstobitoff, SVP of SecurityScorecard's STRIKE Threat Research and Intelligence, said: "Threat actors are prioritizing third-party access for its scalability. Our research shows ransomware groups and state-sponsored attackers increasingly leveraging supply chains as entry points. To stay ahead of these threats, security leaders must move from periodic vendor reviews to real-time monitoring to contain these risks before they escalate throughout their supply chain." Key Findings: Surging Risk: 35.5% of all breaches in 2024 were third-party related. This figure is likely conservative due to underreporting and misclassification. Tech Sector Shift: 46.75% of third-party breaches involved technology products and services, a drop from last year's 75%, signaling a diversification of attack surfaces. Industry Impact: Retail & hospitality saw the highest third-party breach rate (52.4%), followed by the technology industry (47.3%) and the energy and utilities industry (46.7%). Healthcare in the Spotlight: The healthcare sector had the most third-party breaches (78) but a below-average rate (32.2%). Global Hotspots: Singapore (71.4%) had the highest third-party breach rate, followed by the Netherlands (70.4%) and Japan (60%). The U.S. reported a lower rate (30.9%), falling 4.6% below the global average. Ransomware Connection: 41.4% of ransomware attacks now start through third parties. The ransomware group C10p stands out as the most prolific user of third-party access vectors. Actionable Strategies to Reduce Third-Party Breach Risk Based on third-party breach patterns, SecurityScorecard offers these targeted recommendations for security teams: Match Risk Management to Your Risk Profile: Third-party risk varies by industry, geography, technology and organizational structure. Security strategies should be tailored to these factors for effective risk management. Mitigate Fourth-Party Risk: Require vendors to maintain strong third-party risk management (TPRM) programs, include TPRM requirements in contracts and recognize that poor vendor security exposes your organization to fourth-party threats. Demand "Secure by Design" Technology: Ensure security features are built-in, not optional. Strengthen procurement standards and support CISA's Secure by Design initiative when selecting vendors. Harden High-Risk Infrastructure: Prioritize protection of file transfer software, cloud infrastructure, industry-specific services and VPNs. Implement prompt patching, multi-factor authentication (MFA) and continuous security assessments. Disrupt Ransomware Supply Chains: Paying ransoms fuels future attacks, creates legal risks and often fails to restore data. Strengthening defenses and refusing to pay ransoms protect both organizations and the broader security community. For more in-depth analysis and to download the report, visit: Methodology The findings in this report are based on a multi-source analysis of open-source intelligence (OSINT), security research, lawsuits, corporate filings, government disclosures, mainstream news media and underground criminal forums. This breach sample came from SecurityScorecard's intelligence feed, which is used in SecurityScorecard's SCDR platform to inform risk scoring and initiate incident response workflows. Unlike other reports that rely solely on self-reported data, this study integrates real-world breach intelligence gathered by SecurityScorecard's STRIKE Threat Intelligence team. Most breaches in the sample were not third-party related—this was intentional to provide a broader comparison sample. About SecurityScorecard SecurityScorecard created Supply Chain Detection and Response (SCDR), transforming how organizations defend against the fastest-growing threat vector—supply chain attacks. Our industry-leading security ratings serve as the foundation and core strength, while SCDR continuously monitors third-party risks using our factor-based ratings, automated assessments and proprietary threat intelligence, to resolve threats before they become breaches. MAX enables response and remediation capability, working through our service partners to protect the entire supply chain ecosystem while strengthening operational resilience, enhancing third-party risk management and mitigating concentrated risk. Trusted by over 3,000 organizations—including two-thirds of the Fortune 100—and recognized as a trusted resource by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Backed by Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, NGP, Intel Capital and Riverwood Capital, SecurityScorecard delivers end-to-end supply chain cybersecurity that safeguards business continuity. Learn more at or follow us on LinkedIn. View source version on Contacts Media Contact Allison Knight10Fold for SecurityScorecardsecurityscorecard@
Sky News
11-03-2025
- Business
- Sky News
X outage: Who are hackers 'behind massive cyber attack' on Elon Musk's social media platform?
Elon Musk said his social media platform X was hit by a "massive cyber attack" on Monday - but who was behind it? Musk said IP addresses involved in the attack were traced to locations "in the Ukraine area" but a hacking group called Dark Storm Team claimed it was responsible, in now-deleted Telegram posts. "Twitter has been taken offline by Dark Storm Team," a post read on the group's account, with a screenshot showing connection problems in a long list of countries. Here, Sky News looks at what we know about the hackers claiming responsibility for the attack. Who is Dark Storm Team? The hacking group was founded in 2023 and has orchestrated cyber attacks against governments and organisations known to support Israel, according to cyber security firm Check Point. "They tend to go after those high-profile attacks," said Muhammad Yahya Patel, a lead security engineer at Check Point. "Their main mantra is to cause disruption of services, largely related to government and NATO connections." The group has previously targeted Israeli hospitals, US airports, government websites and other critical infrastructure services, according to cyber security site Security Scorecard. It added that Dark Storm Team does not tend to demand ransoms after attacks and the group is vocal about its political motivations. "We will attack any country [...] that supports the occupying entity," the group posted on Telegram last year, in screenshots shared by Security Scorecard. However, Dark Storm Team is not completely motivated by political beliefs - it also advertises itself as hackers-for-hire. 0:56 'We have no relationship with Ukraine' While Musk linked the cyber attack to IP addresses "in the Ukraine area", this is disputed. A post from an X account claiming to be connected to Dark Storm Team read: "According to what Elon Musk said about the cyber attack on the X platform, its source is Ukraine. "It is an accusation without any evidence, and we have no relationship with Ukraine." Cybersecurity experts also questioned the claim, saying it would be unusual for an attack like this to come out of one location. "The IP addresses are [usually] distributed globally from different locations," said Mr Patel. After checking with Check Point's team of cyber analysts, he added: "It looks like a general DDoS attack coming from different locations, different IP addresses." A DDoS, or denial-of-service, attack is when hackers flood a system with attacks from all angles, targeting web servers, internal networks, or anything else they can access. The idea is to disrupt services enough that they become unavailable. After scouring the dark web, Mr Patel's team also found no one else claiming responsibility for the attack on X, only Dark Storm Team. Musk, the internet and Ukraine Musk caused alarm on Sunday when he claimed Ukraine's "entire front line would collapse if I turned it [Starlink] off". He made the remarks during a row with Poland's foreign minister over the use of Musk's satellite internet system. Last year, Ukraine said around 42,000 of the internet terminals were in operation across its military, hospitals, businesses and aid organisations. Musk later said he would "never turn off [Starlink's] terminals". US negotiators pressing Kyiv for access to Ukraine's critical minerals have raised the possibility of cutting Ukraine's access to the service, sources told Reuters in February.
