This report analyzes phishing attacks and other identity theft techniques used in Q4 2020.

This report examines which employees, departments, and industries are the most vulnerable in 2019. It analyzes which ones receive the most targeted threats, and how their privilege might be abused. (more available)

This biannual report from Agari goes in-depth on changes and trends in email and identity fraud for the second half of 2020. (more available)

The second Abnormal Security Quarterly BEC Report examines the business email compromise (BEC) threat landscape during what may be the most tumultuous quarter in modern business history: the first full quarter of the COVID-19 pandemic. (more available)

A review of doxxing related ransomware cases handled by Kivu Consulting in a post-breach role. Explores firmographics of the organizations involved in various variants of ransomware families. (more available)

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. (more available)

A combination of data from RiskIQ’s internet telemetry network and thought analysis, this report covers changes related to the COVID-19 pandemic, organization’s public attack surface, mobile threats, and the importance of JavaScript as an attack vector. (more available)

Trend Micro looks into the email security threat landscape, looking into threat types, number of threats, etc.

This report focuses on the changes in security threats and the effect that COVID-19 has on the overall landscape.

This report outlines happenings in malware attacks for the last 3 months of 2019. In general, it says malware attacks died down this quarter. (more available)

A long form narrative on several threat trends seen in recent months.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019. (more available)

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. (more available)

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them. (more available)

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). (more available)

This report is about evolution, how phishing emails and malware are in a state of constant flux. But one thing hasn’t changed: phishing is still the #1 cyber-attack vector. (more available)

Risk IQ offers a glimpse into the multiple attacks on IT infrastructure organizations like Wipro and several others. This report is an analysis of those campaigns, their operators, and their targets. (more available)

Bromium Insights Report is designed to help our customers become more aware of emerging threats and trends and to equip security teams with knowledge and tools to combat today’s attacks and anticipate evolving threats to manage their security posture. (more available)

This report from Bromium offers insights into notable threats and events from 2019.

As with driving, not only do you get a good look at what’s behind you, but you can often spot what’s coming up quick, set to overtake you. (more available)

An In Depth Look at the most prevalent ATT&CK techniques according to Red Canary’s historical detection dataset.