Resources, Whitepapers and Blog Information

BLOG: Effective Supplier Risk Management – Key Insights for Professionals
Organizations face a myriad of cybersecurity challenges, with supplier risk...
BLOG: Demystifying External Attack Surface Management  – Key Insights
Understanding and managing your external attack surface is paramount to...
BLOG: Cybersecurity and Governance – Aligning Strategies for GRC Specialists
The convergence of cybersecurity and governance has become paramount for...
BLOG: Streamlining Vulnerability Prioritization – The Orpheus Cyber Advantage
With an overwhelming number of Common Vulnerabilities and Exposures (CVEs)...
BLOG: Cyber Risk Mitigation Strategies for Insurance Underwriting Specialists
As we continue to witness remarkable strides in technology, the...
BLOG: Understanding Vulnerability Remediation
 As the digital realm becomes increasingly complex, the need for...
BLOG: The Role of Cyber Risk Ratings in Comprehensive Supply Chain Defense
With the escalating frequency and sophistication of cyber threats, the...
BLOG: Vulnerability Lifecycle Management – Best Approaches
As expected, cyber threats are becoming more sophisticated with time....
BLOG: The Impact of Cyber Risk Ratings on Compliance Effectiveness
As the regulatory landscape becomes increasingly complex and cyber threats...
BLOG: Enhancing Client Trust through Cyber Risk Ratings by MSPs
Managed Service Providers (MSPs) stand as the vanguard, safeguarding businesses...
BLOG: MSPs’ Role in Navigating Evolving Cyber Threats with Confidence
Cyber threats are constantly morphing and evolving at an alarming...
BLOG: Exploring the Reach of External Attack Surface Management – Safeguarding Your Digital Perimeter
Cyber threats loom from every corner of the internet, targeting...
BLOG: Data-Driven Defense – Amplifying Threat Intelligence with Cyber Risk Ratings
Businesses are increasingly turning to sophisticated solutions to safeguard their...
BLOG: Enhancing Business Continuity via Third-Party Cyber Risk Insights
Businesses rely on an intricate network of third-party vendors and...
BLOG: MSPs and the Power of Data-Backed Security Insights
 As cyberattacks grow in sophistication, relying solely on traditional security...
BLOG: Redefining MSP Excellence – Delivering Holistic Security Through Cyber Risk Insights
Managed Service Providers (MSPs) play a crucial role in safeguarding...
BLOG: Crafting Resilient Strategies with Actionable Cyber Threat Insights
In the continually changing realm of digital conflict, maintaining a...
BLOG: Insights into the Sophisticated World of State-Sponsored Cyber Attacks
In the constantly shifting landscape of cybersecurity, a distinct category...
BLOG: How Cyber Risk Intelligence Expands Threat Detection Horizons
Cybercriminals continually adapt and refine their tactics, making it crucial...
BLOG: Identifying Critical Vulnerabilities through Risk-Centric Approach
Traditional security measures, while still important, may not provide the...
BLOG: Client-Centric Security – Enhancing MSP Services with Real-Time Cyber Risk Ratings
Managed service providers (MSPs) play a pivotal role in ensuring...
BLOG: Prioritizing Remediation with Risk-Driven Insights
Cyber threats are evolving all the time and as a...
BLOG: Identifying and Addressing Third-Party Risks with Precision
Organizations are more reliant than ever on third-party relationships to...
BLOG: Strategic Partnership, Stronger Security – Blueprint for MSPs Using Risk Intelligence
Managed service providers (MSPs) play a pivotal role as guardians...
BLOG: Elevating Small Team Security with Actionable Intelligence
While many large enterprises may have dedicated security teams and...
BLOG: Risk vs. Reward – Striking the Balance in Third-Party Relationships with Cyber Risk Ratings
Expansion and competitiveness heavily rely on establishing partnerships and collaborations...
BLOG: The MSP Advantage – How Cyber Risk Ratings Enhance Offerings and Client Relationships
With the ever-growing threat landscape, MSPs are not just service...
BLOG: Consistent and Standardised Cyber Risk Assessments – Real-World Examples of Improved Decision-Making
Organizations worldwide recognize the importance of robust risk assessment methodologies....
BLOG: The Value of Cyber Risk Ratings for Regulatory Bodies
Amidst our contemporary interwoven digital environment, safeguarding sensitive data and...
BLOG: The Impact of External Attack Surface Management on Cybersecurity Strategy
Amidst the ever-evolving realm of cybersecurity, characterized by evolving threats...
BLOG: Orchestrating Remediation Efforts with Risk-Based Strategies
The rise of risk-based strategies signals a transformative shift in...
BLOG: The Intersection of Cyber Threat Intelligence and Risk-Based Vulnerability Management
The relationship between vulnerability management and cyber threat intelligence has...
BLOG: The Growing Demand for Cyber Insurance and the Competitive Edge of Offering Ratings
Businesses and organizations have become increasingly dependent on technology. As...
BLOG: Using Cyber Threat Intelligence to Identify and Counter Advanced Persistent Threats (APTs)
The world of cybersecurity is fraught with ever-evolving threats, and...
BLOG: Protecting Your Clients, Scaling Your Business – The Power of Cyber Risk Ratings for MSPs
Managed Service Providers are vital in safeguarding their clients’ sensitive...
BLOG: Limitations of Traditional Security Assessments and How Cyber Risk Ratings Offer a More Comprehensive View
Traditional security assessments have always been crucial in identifying vulnerabilities...
BLOG: How Cyber Risk Ratings Improve Regulatory Fairness
The escalating frequency and sophistication of cyberattacks have prompted regulatory...
BLOG: Managed Service Providers – How Risk-Based Vulnerability Management Can Help Protect Your Clients
As a Managed Service Provider (MSP), your primary objective is...
BLOG: Integrating Vulnerability Management into Your IT Security Framework
To effectively mitigate the increasing number of risks and cybersecurity...
BLOG: Unveiling the Dire Consequences of Inadequate Cybersecurity Measures for Organizations
The digital revolution has certainly accelerated business growth and efficiency,...
BLOG: The Power of a Comprehensive Cyber Risk Rating System for Organizations
With an ever-growing digital landscape, organizations are facing a multitude...
CTI Weekly: Deep Fake Video of Putin Address and Cyber Threats Amidst Ukrainian Counter-Offensive, State-Linked Malware, Ransomware Campaigns, and Banking Security Concerns
Key Issue: Broadcast of deep fake Putin speech coincides with...
BLOG: Leveraging Cyber Threat Intelligence – Strengthening Managed Service Providers’ Defense Against Emerging Threats
In today’s digital landscape, the relentless rise of cyber threats...
BLOG: The Future of Regulation – Embracing Cyber Risk Ratings for Effective Oversight
Cyber threats are becoming increasingly sophisticated and prevalent, and effective...
BLOG: The Power of Cyber Threat Intelligence – How It Can Protect Your Business
Businesses are increasingly reliant on digital platforms for their day-to-day...
BLOG: The ROI of Cyber Risk Ratings for MSPs
Managed Service Providers play a critical role in protecting their...
BLOG: Best Practices for Managing and Mitigating Third-Party Risks – Lessons Learned
As businesses continue to expand and rely on third-party vendors...
CTI Weekly: US Intelligence Leak Links Russia to Threat Actors
Highly confidential intelligence documents, allegedly leaked from the US Pentagon,...
BLOG: The Future of Cyber Risk Rating: Implications for Regulators and Financial Institutions
The world has witnessed an exponential increase in cyber attacks...
CTI Weekly: Ransomware group adds 53 companies to its leak site within 48 hours
Between March 22 and 24, the Clop ransomware group added...
CTI Weekly: Increasingly extreme extortion tactics leveraged by ransomware groups
Cybercriminals are using new tactics to extort victims for ransom,...
BLOG: Assessing the Impact of Third-Party Risks on Your Organization
In the current interconnected business landscape, numerous organizations depend on...
CTI Weekly: HiatusRAT malware is targeting business-grade routers to collect intelligence
The Hiatus campaign is using a new malware called HiatusRAT...
BLOG: The Female Cyber Security Revolution – How Women are Transforming the Industry
The field of cybersecurity has long been dominated by men,...
BLOG: Navigating the Roadblocks: Overcoming Common Challenges in Risk-Based Vulnerability Management
Risk-based vulnerability management is an essential aspect of any organization’s...
BLOG: What MSPs Should Know about Cyber Threat Intelligence
Managed Service Providers are responsible for providing a range of...
BLOG: Cybercrime on the Rise – Understanding and Defending Against Cyber Threats
The advancement of technology has made our lives easier, but...
BLOG: Advancing Diversity and Inclusion in Cyber Security Through Black History Month
February is Black History Month in the US, a time...
BLOG: The Role of Risk-Based Vulnerability Management Regulations in Ensuring Cybersecurity
Cybersecurity is a growing concern for businesses and organizations around...
BLOG: How Risk Based Vulnerability Management Can Help Insurers Mitigate Financial Losses
Risk-based Vulnerability Management is a method that helps insurers identify...

BLOG: Vulnerability Prioritization

Monday 30th January 2023

BLOG: Vulnerability Prioritization
Vulnerability prioritization is identifying, assessing, and prioritizing vulnerabilities in your...
Cyber Threat Intelligence Weekly Update: 27th January 2023
United States Justice Department disrupt Hive Ransomware operations This week...
BLOG: Why You Should Be Monitoring Your Supply Chain For Breaches
In today’s interconnected business world, supply chain security has become...
Threat intelligence weekly update | 6th January 2023
Key Issue: Slack discloses data breach affecting its GitHub code...
BLOG: Threat Actors Targeting MSP Access to Customer Networks
As the use of managed service providers (MSPs) continues to...
BLOG: How Cybercrime is a Regulatory Issue
Cybercrime is a major regulatory issue because it can have...
Threat intelligence weekly update | 30th December 2022
Key Issue: Ransomware groups increasingly compromise healthcare sector entities Cybercriminals:...
Threat intelligence weekly update | 23rd December 2022
Key Issue: Suspected Russian threat actors target Ukrainian military application...
BLOG: Seasonal Cyber Threats to the Retail Sector
For the retail sector, the holiday season running from October...
Threat intelligence weekly update | 16th December 2022
Key Issue: FBI targeted in data exfiltration campaigns Cybercriminals: Multiple...
Threat intelligence weekly update | 9th December 2022
Key Issue: North Korea-backed APT37 leverages Internet Explorer zero-day vulnerability...
BLOG: Black Friday & Cyber Monday 2022 – What Happened?
The lucrative nature of Black Friday and Cyber Monday for...
Threat intelligence weekly update | 2nd December 2022
Key Issue: International law enforcement operations disrupt cybercriminal groups Cybercriminals:...

Week 47 | 21st – 25th November 2022

Friday 25th November 2022

Week 47 | 21st – 25th November 2022
Key Issue: Email cyberattacks targeting Arab countries rise in run...

Week 46 | 14th – 18th November 2022

Friday 18th November 2022

Week 46 | 14th – 18th November 2022
Key Issue: Lazarus Group targets multiple countries with DTrack malware...

Week 45 | 7th – 11th November 2022

Friday 18th November 2022

Week 45 | 7th – 11th November 2022
Key Issue: Russian state unit Sandworm linked to Prestige ransomware...

Week 44 | 31st Oct– 4th Nov 2022

Tuesday 8th November 2022

Week 44 | 31st Oct– 4th Nov 2022
Key Issue: Two high-severity vulnerabilities found in OpenSSL software Cybercriminals:...
BLOG: Infamous Threat Actors – Where Are They Now?
  Many threat groups either disband, go dark, or remerge...
Week 43 | 24th – 28th October 2022
Key Issue: Large-scale domain typosquatting campaign delivers commodity malware Cybercriminals:...
BLOG: Small Businesses Vulnerable To Cyber Attacks
Ransomware and cyberattacks have seen a significant increase in intensity...

BLOG: Threat Actors Targeting MSPs

Wednesday 12th October 2022

BLOG: Threat Actors Targeting MSPs
Managed service providers are an attractive target for threat actors...

BLOG: Who Are Lapsus$ Group?

Tuesday 20th September 2022

BLOG: Who Are Lapsus$ Group?
After disappearing in March, Lapsus$ group has made its way...
BLOG: Data Breaches Rising Throughout 2022
Threat actors will stop at nothing to infiltrate networks and...
IntSum – Week 33 | 15th – 19th August 2022
Key Issue: USD 6 million worth of in–game items stolen...

BLOG: What Are Vulnerabilities?

Tuesday 26th July 2022

BLOG: What Are Vulnerabilities?
The cyber threat landscape is endlessly evolving and advancing, the...

BLOG: Choosing The Right Vendor

Friday 22nd July 2022

BLOG: Choosing The Right Vendor
Finding a vendor has never been an easy task. The...
BLOG:  Why Cybersecurity Needs To Be A Priority For The Education Sector
Despite the development of many cyber security measures that can...
BLOG: US Eye Clinic Suffers Data Breach Impacting 92,000 Patients
A healthcare clinic based in Missouri has informed US regulators...
BLOG: Biden Signs Two Bills to Enhance Government Cybersecurity
On Tuesday, June 21 President Biden signed two crucial cybersecurity...
BLOG: Risk Compliance – How Organisations can keep safe and avoid penalties
Compliance risk is an organisation’s potential exposure to legal penalties,...
BLOG: How Continuous Risk Monitoring of Supply Chains is Key to Every Business
Building connections and relationships with third parties are great and...
BLOG: How Vulnerable MSP’s Are to Threat Actors
Today’s cyber threat landscape has made it a necessity for...

BLOG: Understanding Cyber Risk

Wednesday 4th May 2022

BLOG: Understanding Cyber Risk
Cyber risk is the probability of exposure or loss resulting...
BLOG: How Cyber Risk Ratings Can Help MSPs Protect Businesses from Data Breaches
The tactics and strategies of threat actors mean that no...
BLOG: Reducing Cyber Risk When Doing Business with a New Vendor
Organizations are becoming alert to the risks of supply chain...
BLOG: How Cyber Risk Ratings Are Building Real Time Cybersecurity
A high-quality cyber risk rating is an asset for organizations....
PRESS RELEASE:  City Corporation launches new cyber security innovation challenge supported by Microsoft
The City of London Corporation is launching a new cyber...

BLOG: Vendor Risk Management

Wednesday 16th March 2022

BLOG: Vendor Risk Management
Organisations are delegating more of their business procedures to third...
BLOG: Women In Cyber – What Progress Are We Making?
Cybersecurity is a critical topic for all countries however, the...
BLOG: Suspected state front FreeCivilian publishes Ukrainian government data after DDoS and wiper attacks 
Executive Summary  On 24 February, our research uncovered that several...
BLOG: Third-Party Risk Management Lifecycle
Third party risk management has become a key focus for...
BLOG: Why Cybersecurity Needs Diversity & Inclusion
Instinctively, as a society, we are aware that diversity and...
BLOG: The Security and Vulnerability Management Market Size Estimated To Be Worth $15.86 Billion by 2030
A report published by The Brainy Insights found that the...
BLOG: Threat Actors – Every Day Is Valentine’s Day
Threat actors will always find ways to utilise occasions to...
BLOG: Cyberattacks on the United States Government
A wide variety of United States Government institutions have been...

BLOG: The Growing Threat of Cyberattacks

Wednesday 26th January 2022

BLOG: The Growing Threat of Cyberattacks
While there are a multitude of threats and risks threatening...
BLOG: Biggest Cyber Risks Threatening the United States
The largest risks to the cyber security world continue to...
BLOG: US and Israel Announce Joint Cybersecurity Task Force
A partnership between the United States and Israel to support...
BLOG: What Are The Signs Of A Phishing Attempt?
Phishing attacks affect individuals and organizations spread across the globe;...

BLOG: Wiper Malware

Friday 14th January 2022

BLOG: Wiper Malware
Wiper malware is used for wiping, overwriting, or removing data...
BLOG: Insider Threats In the Healthcare Sector
The healthcare sector should be a sector that threat actors...

BLOG: What is Magecart/E-Skimming?

Tuesday 7th December 2021

BLOG: What is Magecart/E-Skimming?
Magecart is a commonly used name for loosely affiliated groups...

BLOG: How Black Friday Impacts Businesses

Wednesday 24th November 2021

BLOG: How Black Friday Impacts Businesses
With Black Friday around the corner, it is important consumers...
PRESS RELEASE: Orpheus Cyber x Cyber Runway
Orpheus Cyber is pleased to announce that we have been chosen...
BLOG: Cybersecurity Weaknesses In The Financial Industry
The financial sector remains at the sharp edge of the...
BLOG: How Secure Is Two Factor Authentication?
Implementation of two-factor authentication is often the advice provided by...
BLOG: UK Ransomware Attacks Have Doubled In A Year
Ransomware attacks have been one of the critical moments of...
BLOG: DDoS Attacks on Online Gamers and How to Prevent Them
DDoS Attacks and Gaming Gaming has been described as a...

BLOG: The Dangers of QR Codes

Wednesday 13th October 2021

BLOG: The Dangers of QR Codes
A QR code (Quick Response code) is a type of...
BLOG: NatWest’s £320m Money-Laundering Fine
Last week it was found that NatWest is facing the...

BLOG: Pharming vs Phishing

Friday 8th October 2021

BLOG: Pharming vs Phishing
Last year, Phishing and Pharming were among the top types...

BLOG: The Return Of REvil

Monday 13th September 2021

BLOG: The Return Of REvil
Following an abrupt departure for two months, several of the...

BLOG: Ragnar Locker New Tactic

Tuesday 7th September 2021

BLOG: Ragnar Locker New Tactic
Ragnar Locker operatives this week have cautioned victims against soliciting...

BLOG: What Is Pegasus?

Tuesday 7th September 2021

BLOG: What Is Pegasus?
On Monday, Spyware researchers obtained what is believed to be...

BLOG: The Rise Of Stalkerware

Tuesday 7th September 2021

BLOG: The Rise Of Stalkerware
Stalkerware is a term used to refer to software applications...
BLOG: Is Cryptojacking On The Rise Again?
Cryptojacking was at the centre of a lot of controversy...

BLOG: How Are Vulnerabilities Defined?

Thursday 2nd September 2021

BLOG: How Are Vulnerabilities Defined?
A vulnerability is a weakness or error in a system/device’s...
BLOG: Why is a Third-Party Risk Management Budget Important?
A great way for organisations to deal with the expanding...
BLOG: Why Vulnerability Management Crucial to Managing Third-Party Cyber Risk & How Orpheus Cyber Can Help
The current cyber threat landscape means that taking a pre-emptive...
BLOG: How Artificial Intelligence and Machine Learning Help Cybersecurity In 2021
Machine learning and artificial intelligence provide us with a wide...
BLOG: Supply Chain Attacks Expected To Quadruple In 2021
The European Union Agency for Cybersecurity (ENISA) conducted research and based on...
BLOG: How Important Is Continuous Risk Monitoring?
Third-party security breaches are increasing and rising at a large...
BLOG: Respect in Security Pledge
When you work in threat intelligence you are very aware...
BLOG: The Most Routinely Exploited Vulnerabilities of 2020 & 2021
A Cybersecurity Advisory report was co-authored and published on 28th...
BLOG: The Importance of Supply Chain Risk Management
With the recent controversy surrounding the huge supply chain attack...
BLOG: UK Government Requests Views on Supply Chain Cybersecurity
The United Kingdom’s Department for Digital, Culture, Media & Sport...

BLOG: Star-Fs & CBest Compared

Wednesday 14th July 2021

BLOG: Star-Fs & CBest Compared
STAR-FS and CBEST are both frameworks for intelligence-led penetration testing...

BLOG: Who is RYUK?

Thursday 8th July 2021

BLOG: Who is RYUK?
Ryuk is a complex ransomware threat that first emerged in...

BLOG: What is Maze Ransomware?

Thursday 24th June 2021

BLOG: What is Maze Ransomware?
Maze ransomware is a complex strain of Windows ransomware, this...
BLOG: Common Third-Party Risk Management Concerns
Organisations are often unaware of the risks that third-party vendors...
BLOG: How Ransomware-As-A-Service Works
Ransomware as a Service (RaaS) is an implementation of the...
CASE STUDY: UKRI x Orpheus Cyber
At Orpheus Cyber, we deploy award-winning machine learning technology to...
BLOG: What role do cryptocurrencies play in ransomware?
Ransomware has gradually become a prevalent cybercrime. Cryptocurrency and ransomware...
BLOG: Why is Third-Party Risk Management Crucial?
Third-party risk management is imperative in helping mitigating risk and...
BLOG: The Evolution of Ransomware
Ransomware is a threat landscape that is always transforming and...
Orpheus Cyber Wins ‘Best Use Of Machine Learning/AI’ At SC 2021 Awards Europe
We are appreciative and pleased to announce our win for...
BLOG: Should Organisations Pay Ransom Demands?
A popular debate is quite often, “should organisations pay the...
BLOG: Who is REvil/Sodinokibi?
REvil (also identified as Sodinokibi) is a private ransomware-as-a-service (RaaS)...
BLOG: JBS S.A. Falls Victim To Ransomware Attack
Over the weekend, global food distributor JBS S.A. has become...
BLOG: Researchers Expose Malware Trick Used To Bypass Antivirus Software
Researchers have recently divulged substantial security weaknesses surrounding common software...
BLOG: Malvertising Campaign Distributes Malicious AnyDesk Installer
On Wednesday, Cybersecurity researchers revealed the disruption of a malvertising...
BLOG: Energy Firms Rush to Buy Cyber Insurance
A recent article from Reuters suggests that energy companies are...
BLOG: Microsoft Informs About Data Stealing Malware That Acts As Ransomware
Microsoft issued a warning on Thursday May 20th about a...
BLOG: Colonial Pipeline Operations ‘Back to Normal’ As DarkSide Shuts Down
The Colonial Pipeline at the centre of the recent ransomware...
Achilles partners with Orpheus to offer supply chain cyber risk management and intelligence
Achilles Information, global leader and partner of choice for supply...

BLOG: Who is DarkSide?

Thursday 13th May 2021

BLOG: Who is DarkSide?
DarkSide is the name given to the group operating the...
BLOG: Fuel Pipeline Cyber Attack Causes US To Declare Emergency
A colonial pipeline that contains and supports 45% of the...
BLOG: The Escalating Concern About Ransomware
Ransomware has always been quite a prominent threat, but it...
BLOG: How Security Intelligence Improves Cloud Security
Security intelligence can play a huge role in cloud security,...
BLOG: How Orpheus Cyber Approaches Cyber Risk Ratings
A recent Forrester report on cyber risk ratings has provided...
BLOG: Main Cloud Security Issues and Threats in 2021
As threats have evolved and we have sophisticated new attacks...
BLOG: How Machine Learning and AI can be used to prevent cyberattacks
At Orpheus Cyber, we deploy award-winning machine learning technology to...
Orpheus Cyber Shortlisted For Best Use Of Machine Learning/AI By SC 2021 Awards Europe
Orpheus Cyber is delighted to announce we have been shortlisted...

BLOG: What Is Cloud Security?

Thursday 15th April 2021

BLOG: What Is Cloud Security?
Cloud security describes a form of cybersecurity that covers policies,...
BLOG: Third-Party Risk Management Guidance
The UK financial services regulators have combined to deliver guidelines...
BLOG: COVID 19’s Impact on Women In Cyber
Throughout the pandemic we have read countless articles on the...
BLOG: Using your voice as a woman in cybersecurity
As we have discussed before, diversity within the cybersecurity industry...
BLOG: How close are we to closing the gender diversity gap?
Cybersecurity has long been a male dominated industry with only 20 per...
BLOG: Why Diversity Is Crucial For Threat Intelligence Teams
Workplace diversity is often supported for ethical or moral reasons...
BLOG: Increase in QuickBooks Data Spear-Phishing Attacks
Research has now led to a discovery of a significant...
BLOG: 30,000 Macbooks Infected By New “Silver Sparrow” Malware
There is popular belief that Apple made computers are mostly resistant to any type of malware, however as of recently it appears...
BLOG: What are the benefits of a STAR-FS?
The UK regulator has recently introduced the STAR-FS intelligence-led penetration...

BLOG: Danger Of Ads & PUAs

Tuesday 16th February 2021

BLOG: Danger Of Ads & PUAs
As long as there have been web advertising networks, there...

BLOG: Valentine’s Day Phishing Scams

Saturday 13th February 2021

BLOG: Valentine’s Day Phishing Scams
Valentine’s day is universally known as the day when people...
BLOG: Remote Working Causing Data Breach Fatigue
At a time when data security needs to be taken more...

STAR-FS Accreditation Announcement

Wednesday 10th February 2021

STAR-FS Accreditation Announcement
Orpheus is pleased to announce our accreditation under the STAR-FS...

BLOG: What Is STAR-FS?

Wednesday 10th February 2021

BLOG: What Is STAR-FS?
STAR-FS is the new standard for threat-led penetration tests within...
BLOG: Makop RaaS Campaign targets South Korean Entities
Executive Summary A recent Makop ransomware campaign has been targeting...

BLOG: Continuous Risk Monitoring

Friday 29th January 2021

BLOG: Continuous Risk Monitoring
Continuous risk monitoring is a valuable tool for organisations seeking...
BLOG: New Wormable Android Malware Spreading Through WhatsApp
A newly discovered, Android malware software has been found to disseminate itself through WhatsApp messages to other...
BLOG: Why are big-game hunting ransomware groups targeting remote access vulnerabilities?
Version 1.1 Author Alex Ashby Date 12th May 2020 The...
BLOG: WhatsApp Delays Controversial Privacy Update
WhatsApp announced on Friday that the controversial policy update (click...
BLOG: Understanding Third Party Risk
Third Party Risk is the potential risk that arises from institutions...

BLOG: Whatsapp’s New Privacy Policy

Saturday 9th January 2021

BLOG: Whatsapp’s New Privacy Policy
WhatsApp has issued an update to their privacy policy informing...
BLOG: Ticketmaster To Pay $10 Million Fine Over Hacking Scandal
The recent news surrounding Ticketmaster has caused some controversy. Ticketmaster...

BLOG: 2020 predictions in review

Thursday 31st December 2020

BLOG: 2020 predictions in review
We review a series of forecasts we made at the...

BLOG: 2021 Predictions

Wednesday 23rd December 2020

BLOG: 2021 Predictions
Introduction 2020 has been a tough year for us all,...
BLOG: 12 Vulnerabilities of Christmas – CVE -2019-2725
CVE-2019-2725 is a vulnerability that targets Oracle WebLogic Server versions...
BLOG: 12 Vulnerabilities of Christmas – CVE-2019-3396
The penultimate blog in our series on the most significant...
12 Vulnerabilities of Christmas- CVE-2017-0199
The latest in our 12 vulns of Christmas series looks...
BLOG: 12 Vulnerabilities of Christmas CVE-2019-19781
Having reportedly caused the death of a hospital patient and...
BLOG: 12 Vulnerabilities of Christmas – CVE-2019-10149
Although the latest vulnerability in our series had a CVSS...
BLOG: 12 Vulnerabilities of Christmas- CVE-2020-0688
CVE-2020-0688 is a critical vulnerability affecting Microsoft Exchange Server, allowing...
BLOG: 12 Vulnerabilities of Christmas CVE-2017-5638
CVE-2017-5638 is a critical vulnerability affecting certain versions of Apache...
BLOG: 12 Vulnerabilities of Christmas CVE -2019-11510
CVE-2019-11510 in Pulse Secure VPN products earned a maximum OVS score of...
BLOG: 12 Vulnerabilities of Christmas – CVE-2020-0796 A.K.A SMBGhost
CVE-2020-0796 is a critical vulnerability affecting the SMB protocol originally...
FireEye breach sees release of red-team tools
The breach affecting cyber security giant FireEye reaffirms that sophisticated...
BLOG: 12 Vulnerabilities of Christmas CVE-2020-10189
Day three of our Christmas vulnerability countdown looks a vulnerability...
12 Vulnerabilities of Christmas- CVE -2020-5902
The Twelve Days of Christmas commemorates a series of increasingly...
12 Vulnerabilities of Christmas- CVE-2019-0708 A.K.A BlueKeep
The Twelve Days of Christmas commemorates a series of increasingly...
BLOG: Computer Security Day – What Precautions Should You Take?
In this blog post, we will briefly discuss Computer Security...
BLOG: Black Friday 2020 – What Are The Risks?
Black Friday is universally known as the time of year...

BLOG: The Privacy Risks Of Smart TVs

Thursday 19th November 2020

BLOG: The Privacy Risks Of Smart TVs
In honour of World Television Day, within this blog post...
‘You’re hired!’ The rise of corporate hack-for-hire groups
By Orpheus Analysts In this blogpost, the Orpheus analyst team...
What Do The Regulators Say About Third Party Risk?
Third party risk has long been identified as a key...

BLOG: Gone Phishing

Tuesday 3rd November 2020

BLOG: Gone Phishing
Investigation into a spearphishing campaign targeting company supported by Orpheus...
Blog: Future of Threats Against Connected Devices
As we come into the last few days of Cyber...
BLOG: Biden Their Time – The Cyber Threats To The US Election and Their Wider Consequences
By Orpheus Analysts Introduction   The US presidential election is always...
BLOG: US’ National Security Agency List of 25 Vulnerabilities That Chinese State Actors Are Scanning For and Exploiting
This week, the US’ National Security Agency (NSA) published a...
BLOG: The Importance Of Threat-Led Patch Prioritisation
In this blog we briefly discuss threat led patch prioritisation, to read...
BLOG: The UK’s Outrage Against The ‘Fatima’ Advert
In this blog post, we discuss the recent controversial government...
BLOG: Poor attack surface management means the threat from targeted ransomware persists
By Jamie MacColl In this blog post, we explain how...

test page 1

Thursday 17th September 2020

test page 1
dklfsjaklsdjfaklsdjflkdf jdffhadkfhadskfsaasf
How to ensure supply chains are cyber proof and secure? – Retail Tech Innovation Hub  press coverage
Covid-19 has caused unprecedented disruption to supply chains, particularly during...
Newcastle University ransomware infection – what happened and why?
By Katharine Palmer Following an incident affecting Northumbria University, Newcastle...
Healthcare cyber security feature comes to retail – Ret@il Technology press coverage
A leading cyber security feature on a health platform used...
BLOG: Ransom-where? The past, present and future of encrypt and leak ransomware operations
By Jamie MacColl In this blog, one of our analysts...
Virtualstock integrates integrates Orpheus Cyber Risk Rating score onto retail platform – Tamebay press coverage
By Chris Dawson August 20, 2020 – 2:24 pm Virtualstock is extending its partnership...
NEW TECHNOLOGY DEPLOYED TO COMBAT CYBER SECURITY THREAT IN RETAIL – press release
Virtualstock integrates award-winning cyber risk technology onto its retail platform...
BLOG: COVID’s Metamorphoses Part V: The regulatory and legislative challenge
By Orpheus Analysts In the fifth part of our series...
BLOG: COVID’s Metamorphoses part IV: insider threats, nation-state cybercrime and cyber security budgets during the “Great Lockdown” Recession
By Orpheus Analysts The fourth part of our series on...
BLOG: COVID’s Metamorphoses part III: Cybercrime during the “Great Lockdown” recession
By Orpheus Analysts The third part of our series on...
BLOG: Beyond the scam: geopolitical implications of the Twitter hack
The breach of Twitter on 15 July was an attempted...
THE LORCA REPORT 2020: MAKING OF AN ECOSYSTEM
Orpheus is featured as an innovator solving supply chain cyber...
BLOG: COVID’s Metamorphoses part II: A world disrupted: the consequences of the “retreat of globalisation” for nation-state cyber threats
By Jamie MacColl In the second part of our series...
BLOG: COVID’s Metamorphoses part I: nation-state activity in the era of vaccine nationalism
By Kit Palmer and Jamie MacColl Orpheus analysts examine one...
BLOG: COVID’S Metamorphoses: a pandemic’s long-term impact on the cyber threat landscape – an introduction to the series
By Jamie MacColl Over the past few months, COVID-19 has...
Which remote access vulnerabilities are targeted by ransomware groups and why? – SC Magazine press coverage
OPINION by Oliver Fairbank and Alex AshbyBEC ransomware tactics can be...
BLOG: Why are big-game hunting ransomware groups targeting remote access vulnerabilities?
The cybercriminal shift towards big-game hunting – going after bigger,...
Orpheus – AI & Machine Learning for predictive cyber risk management
Shining a light: Using AI to Transform Accountancy and Cyber...
WEBINAR: Join the next City and Financial webinar series – Orpheus is on the panel for webinar one 25th June 12pm.
Orpheus’ Head of Analysis Oliver Fairbank is sitting on the...
WEBINAR: Register for our next webinar on 23rd June 12pm.
Join our next webinar with our strategic partner Lorca Cyber...
BLOG – Second Order Effects of COVID-19 on the Attack Surface
  Following our previous research into the second-order effects of...
WEBINAR: Register for our next webinar on 28th April 10.30am.
Join us with one of our strategic partners, 2|SEC Consulting,...
WEBINAR: How Secure Are Your Supply Chains? Join us on 7th May 2020 10am
Click on image above to register for the webinar…
BLOG – COVID-19 response sees increase in potentially exploitable attack surface
Following our previous analysis of the likely cyber threat consequences...
BLOG – Beyond phishing – Coronavirus’ wider impact on the threat landscape
Over the past week, you may have seen multiple articles...
The increasing cyber-threat to the supply chain, and how to secure yours – SC Magazine press coverage
OPINION by Oliver FairbankSupply chain cyber-risk is increasing but by taking...

Orpheus 2020 Forecast

Tuesday 25th February 2020

Orpheus 2020 Forecast
ORPHEUS 2020 FORECASTS With the start of the new year...
Cyber security news round-up – Digital Health press coverage
NHS procurement platform Edge4Health has implemented an integrated cyber security...
Cybersecurity feature integrated to NHS procurement platform – Med-Tech press coverage
The Edge4Health is being rolled out to more than 60 NHS...
New cyber security feature for NHS procurement platform – BBH press coverage
The newly-launched NHS procurement platform, The Edge4Health, now comes with...
SBS adds cyber function to Edge4Health platform – Health Business press coverage
The Edge4Health procurement platform now comes with an integrated cyber...
NHS SBS adds cyber security function to The Edge4Health – UK Authority press coverage
The corporate services provider, which is a joint venture between...
NHS adds supplier security audits to procurement platform – Computer Weekly press coverage
NHS Shared Business Services (SBS) and its cloud platform partner Virtualstock have...
NEW Cyber Security Feature for NHS Procurement Platform, The Edge4Health
The newly-launched NHS procurement platform, “The Edge4Health” now comes with...
Why Diversity is Important in Analytical Teams
Diversity is an important part of every workplace. In a...
LORCA announces largest cohort of cybersecurity innovators
Government-backed innovation programme delivered by Plexal selects 20 companies to...
The Implications of Rising US-Iran Tensions for Businesses
The targeted  assassination of Iranian general Qasem  Soleimani on 3...
A Nasty Surprise in Supplies: Monitoring Your Supply Chain in the Wake of the Travelex Ransomware Incident
On 31st December, as the world prepared for the new...
Digital Health Magazine Cyber Security Round Up
Making it into our round-up of cyber security news this...
Current Cyber Security in NHS Suppliers
Cyber security is a key risk for NHS Trusts and...
Cyber Security in the Healthcare Supply Chain
“Cyber security is a key risk for NHS Trusts and...
Black Friday Highs and Woes: how cybercriminals exploit this season’s best deals
With over 165 million people shopping over Black Friday weekend...
BLOG SERIES: The Balkanisation of the Internet Part IV: From SORM to Sovereign: Russia’s digital surveillance and cybercrime
The fourth part of our “Balkanisation of the Internet” blog...
The Balkanisation of the Internet Blog Series Part III –  Brazil, India, and WhatsApp: A case study for tech decolonisation
In the third part of our Balkanisation series, we address the policies in India and Brazil that are contributing to the process
Hacktivists take Eastern Europe by storm
Two leaks of historic proportions occurred in Eastern Europe this...
The Balkanisation of the Internet Blog Series Part II – The inconsistent application of GDPR
Our analysts discuss the impact of GDPR on the balkanisation of the Internet
GDPR fines take off, highlighting the importance of a threat-led approach
Our analysts discuss the implications of the £183 million fine announced by the ICO on British Airways under new GDPR rules.
BLOG SERIES: The Balkanisation of the Internet I
In the first blog post of our 'Balkanisation of the Internet' series, our analysts introduce the key concept, and discuss the events leading up to the 'Splinternet'
Orpheus selects Alpha Generation as its UK Distribution Partner
Orpheus Cyber uniquely combines government-accredited Cyber Threat Intelligence and award-winning...
Trickle-Treat: How Threat Actors Benefit From the Trickle-Down of Capabilities
Our team analyses the 'trickle-down effect', in which TTPs filter from highly sophisticated actors to less sophisticated ones, and what it means for the threat landscape
Rude Awakening: Dream Market set to shut down
Our analysts discuss the shut down of Dream Market, and the future of similar dark web marketplaces
Hasta la Visa, baby: chatbots gone rogue
Our analysts discussed the innovative cyber threats associated with chatbots.
Orpheus present the CTIPS guide to cyber threat intelligence
Orpheus staff presented at the inaugural meeting of CREST Cyber Threat Intelligence Professionals.
Don’t ex-Spectre media coverage to Foreshadow the most potent vulnerabilities
Data from our collection sources and our repository of intelligence...
Orpheus data shows downward trend in zero-day use in nation-state operations
Data from our repository of intelligence reports (IntReps) has highlighted the extent to which advanced nation-state threat actors are reducing their reliance on zero-day exploits.
Our Tencent(s) on the battle royale to exploit interest in the Fortnite Android app
Cybercriminals have sought to take advantage of the long-awaited release...
Orpheus Cyber appoints Zoe Clark as Director of Channels
London-based threat intelligence and third party cyber risk ratings firm,...

Get our latest cyber intelligence insights straight into your inbox

Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.