Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
GuidePoint Security

GuidePoint Security Vendor Cyber Rating & Cyber Score

guidepointsecurity.com

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make informed decisions and minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled 40% of Fortune 500 companies and more than half of U.S. government cabinet-level agencies to improve their security posture.


GuidePoint Security A.I CyberSecurity Scoring

GuidePoint Security
Company Information
Website:https://www.guidepointsecurity.com
Employees number:1,321
Number of followers:60,399
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:guidepointsecurity.com
GuidePoint Security Risk Score (AI oriented)
Between 750 and 799
logo
GuidePoint SecurityIT Services and IT Consulting
Updated:
02/07/2026
758/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
GuidePoint Security Global Score (TPRM)
xxxx
logo
GuidePoint SecurityIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

GuidePoint Security
GuidePoint SecurityFair
Current Score
758Baa (FAIR)
01000
1 incidents
-2 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
758Before Incident
JUNE 2026
759Before Incident
Vulnerability
01 Jun 2026GuidePoint Security
Citrix, Kontron, The Gentlemen RaaS Victims and Anubis Ransomware Victims: Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Anubis Ransomware Exploits Citrix Bleed 2 in Targeted Attacks Across Critical Sectors

757After Incident
CRITICAL-2
CITGUIKONARC1783031139
Anubis Ransomware Exploits Citrix Bleed 2 in Targeted Attacks Across Critical Sectors Threat actors linked to the Anubis ransomware-as-a-service (RaaS) operation are actively exploiting CVE-2025-5777 (Citrix Bleed 2), a critical vulnerability in Citrix NetScaler ADC and Gateway, to gain initial access to victim networks. According to a report by Arctic Wolf, attackers leverage legitimate Remote Management and Monitoring (RMM) tools including ScreenConnect, Zoho Assist, MeshAgent, Remotely, UltraVNC, and Total Software Deployment to blend in with normal IT activity while maintaining persistent control. Anubis, a rebrand of the Sphinx ransomware, emerged in late 2024 and was formally announced on the RAMP underground forum in February 2025. Since then, the group has claimed 91 victims on its data leak site, with 11 reported in June 2026 alone. Targeted sectors include healthcare, business services, manufacturing, technology, and financial services, with over 50% of victims based in the U.S., followed by the U.K., Australia, France, and Canada. The group employs aggressive tactics, including an irreversible data-wiping feature that reduces files to 0 KB regardless of ransom payment, increasing pressure on victims. Affiliates receive 80% of ransom payments, a lucrative incentive that has fueled the operation’s growth. Beyond Citrix Bleed 2, Anubis actors have also used stolen VPN credentials potentially sourced from initial access brokers, credential stuffing, or info-stealer malware to breach networks via Cisco AnyConnect VPNs, particularly through hosting providers like AS20473 (The Constant Company) and AS55286 (ServerMania). Once inside, attackers move laterally using RDP and PsExec, deploy RMM tools for persistence, and exfiltrate data via Cloudflare Tunnels, S3 Browser, rclone, s5cmd, WinSCP, and PuTTY. They also disable security defenses, including Windows Defender and Sophos, and manipulate logs to hinder forensic analysis. In some cases, the ransomware encryptor is deleted post-execution, further complicating detection. ### The Gentlemen RaaS and Zero-Day Exploits Separately, Kaspersky detailed The Gentlemen RaaS, which exploits known vulnerabilities and weak credentials to deploy a Go-based backdoor for remote command execution. The malware collects system data, exfiltrates it to 81.177.215[.]15:9443, and can establish a SOCKS proxy for network pivoting. The group has also weaponized a zero-day vulnerability in ktapi.sys, a Kontron driver, to bypass Windows security protections and terminate processes from Microsoft, ESET, Palo Alto Networks, and SentinelOne. ### VECT and TeamPCP’s Supply Chain-Ransomware Hybrid A Sophos investigation revealed a partnership between VECT and TeamPCP, announced in March 2026, combining supply chain credential theft with ransomware deployment. TeamPCP, previously operating as CipherForce, rebranded after listing six victims in February 2026. However, VECT’s encryptor contains critical flaws, destroying files larger than 128 KB instead of encrypting them a defect TeamPCP claims it never used in attacks. The alliance represents a shift toward industrialized ransomware deployment, lowering the barrier for cybercriminals by merging large-scale supply chain attacks with mature RaaS operations. Despite technical shortcomings, the model poses a growing threat to enterprises.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gainData exfiltrationExtortion
IMPACT
Citrix NetScaler ADC and GatewayVPN systems (Cisco AnyConnect)Windows systemsOperational Impact: Disruption of services, lateral movement within networks, disabling of security defenses
DATA BREACH
Personally identifiable informationPayment informationSensitive corporate dataSensitivity Of Data: High
MAY 2026
759Before Incident
APRIL 2026
759Before Incident
MARCH 2026
759Before Incident
FEBRUARY 2026
759Before Incident
JANUARY 2026
759Before Incident
DECEMBER 2025
759Before Incident
NOVEMBER 2025
759Before Incident
OCTOBER 2025
759Before Incident
SEPTEMBER 2025
759Before Incident
AUGUST 2025
759Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for GuidePoint Security ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in June 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in May 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in April 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in March 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in February 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in January 2026 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in December 2025 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in November 2025 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in October 2025 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in September 2025 ?
?
What was GuidePoint Security's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on GuidePoint Security's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with GuidePoint Security ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view GuidePoint Security's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?