September '23 Policyholder Newsletter

Ransomware is up 139.26% YoY, but you can still save on your deductible.

We have gourd news (don’t unsubscribe — we are only allowed one bad pun per email 🎃) and bad news. To start with the positive, it’s fall! Kids are back in school, pumpkin flavor is everywhere, and you can pay money to get scared in a corn maze. 

The bad news? MOVEit fallout continues (more than three months after the zero-day exploit). National Student Clearinghouse (NSC) has disclosed a data breach affecting 890 schools using its services across the United States. Don’t worry though, school is still back in session.

For the latest from Corvus, keep reading:

Risk Advisory Tips

Security tips and service updates from Global Head of Risk Advisory, Lauren Winchester

Savings and better security are here! Unlock additional security recommendations (made just for your org) and up to 25% off your deductible by completing two security questionnaires.*

Who? Cyber and Tech E&O policyholders with the Corvus Signal Endorsement on their policies. Don’t see the endorsement yet? Come renewal, you will (if you choose to stick with Corvus!). Excess policyholders unfortunately do not qualify.

Why? Organizations that engage with Corvus Signal, our industry-leading risk prevention solution, are 20% less likely to experience a cyber claim. We want to encourage more engagement with our Risk Dashboard, and reward those that do!

You are only four steps away from a reduced claim deductible AND tailored cyber advice:

  1. Log on to your Risk Dashboard
  2. You’ll find a banner on the top of the homepage that takes you directly to the questionnaires. 
    1. Pro-tip: If you aren’t eligible for the endorsement yet, get a headstart on the security questionnaires to save up to 25% on your deductible at renewal (and get our actionable security advice now!). 
  3. We’ll track your progress so you (or someone else on your team) can revisit and finish at any time.

Security Questionnaire for PHs

4. Once you’ve finished both questionnaires, you’ll find a mark of completion on the policy page of your Dashboard (if you are currently eligible for the endorsement). 

Learn more about the Corvus Signal Endorsement 

*The reduction may be subject to a cap depending on the program, please review the endorsement terms on your policy.

Threat Intel Corner

Noteworthy trends in cybersecurity from Chief Information Security Officer Jason Rebholz

Ransomware groups took less of a summer vacation than usual. While ransomware attacks were down 18.41% in August, it was the sixth month in a row with victim counts over 300 (a 139.26% increase YoY).  And just as CLOP’s mass exploit damage finally started to slow, ransomware groups like LockBit and AlphVM returned from vacation. Read our full report.

We expect that ransomware actors will be back in full force this fall. Our risk prevention solution, Corvus Signal, helps you cut through the noise so you can focus where it matters most:

Together, we can cut through the noise to prioritize the threats that matter. Our risk prevention solution, Corvus Signal, does that for you:

  • Policyholders who use our Risk Dashboard are 20% less likely to experience a cyber incident. When we learn more about the specifics of your environment (because you filled out the security questionnaires!), we’re able to provide the most accurate guidance to safeguard your organization. 
  • Threat alerts — only when it counts. There’s an onslaught of new vulnerabilities every day. But we have a team of threat intel experts that combine their experience (with our technology) to provide you a 15-day head start to patch before active exploitation. Read more about how we help beat patch paralysis here.

We’re not sharing any of this to toot our own horn (we promise — we are incredibly humble). We just want to reiterate how much we believe in our partnership. It’s exactly why engaged policyholders can receive 25% off their deductible.

Learn more about everything available to you through your policy

Threat Intel Corner

Noteworthy trends in cybersecurity from Chief Information Security Officer Jason Rebholz

The Corvus Scan is a powerful asset that enables us to identify which policyholders may be at greater risk for vulnerabilities. In response, we send tailored, time-sensitive notifications with direct guidance for remediation. We’ve gathered a monthly round-up of our alerts and threat intel updates below:

Exim Vulnerability Advisory

The Zero Day Initiative has published a critical vulnerability (CVE-2023-42115) for Exim mail transfer agent (MTA), software widely used for email capabilities on Unix systems. The flaw could let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers. Exim has released updates addressing this vulnerability which should be applied as soon as possible. See Exim’s documentation here for updating instructions.

WinSock FTP Vulnerability Advisory

Multiple critical security flaws have been reported in WS_FTP. This tool is often used by companies to transfer sensitive files securely. The flaws allow a remote, unauthenticated attacker to gain unauthorized access to the system. File transfer products have been heavily exploited by ransomware groups over the past several months, therefore, it is critical that impacted organizations take action immediately.