Curated dark web incident reports

Curated dark web incident reports 

Many organizations concerned with threat actors operating on the dark web lack visibility into actual activity on the dark web, relying on aggregated metrics of "hacker chatter" to detect and measure risk. Given that dark markets are notorious for scams, data reuse, and intentional misdirection to fool credulous observers, security analysts need visibility into raw data being published on the dark web to verify the veracity of the leak and assess any impact to their organization. UpGuard customers on the Professional tier and up will now see curated posts from ransomware leak blogs on the Incidents and News page tagged as Dark Web. 

Detection of Moodle vulnerabilities

Moodle vulnerabilities are now detected and reported in both BreachSight and Vendor Risk. Currently, it is not possible to detect software versions on many Moodle instances, so vulnerabilities from all versions of Moodle are shown. Stay tuned for further improvements to our Vulnerabilities module in the coming weeks, which should make dealing with this data easier. Learn more about how to use the vulnerabilities module in our knowledge base article “What is UpGuard BreachSight’s vulnerabilities module?”

Improvements to Shared Profiles‍

• Factor risks from shared profiles into risk profile, vendor summary, and associated exports.
• Include questionnaire scores from the vendor’s shared profile in overall vendor scores.
• Create risk waivers for shared questionnaire risks.‍
• Trigger notifications when a monitored vendor publishes or updates their Shared Profile.

Other improvements

• Ignore multiple unverified vulnerabilities at once with the select all option.
• This release includes a number of bug fixes.