In this report we begin by examining the prevalence of those vulnerabilities across assets to determine which ones are most common. Then we measure how quickly those vulnerabilities are remediated and what factors speed up or slow down that process. We’ll begin our foray into the wilds of the vulnerability landscape by examining the product vendors that shape it. This is important because these technologies are commonly used, thus vulnerabilities affecting them can have a widespread impact on cyber risk posture.

This report focuses on the security of deployed AI models in cloud services and environments. Our research indicates that more than half of organizations have adopted AI models for custom applications. More than half of organizations are deploying their own AI models. Default AI settings are often accepted without regard for security.

Security threats are real, they continue to grow, and they are likely to penetrate an organization through email. Organizations simply cannot settle for ‘Good Enough’ email security and sole reliance on a SEG is not enough. As we all know, it only takes one breach to damage a company’s financial status, brand reputation, and/or relationship with its employees and customers. Each day, our analysts see thousands of threats that are bypassing all SEGs on the market.

In the second quarter of 2023 GreyNoise researchers observed a substantial change in the behavior of some regular internet scanning idioms. Inventory scans—where both benign and malicious actors perform regular checks for a given technology or specific vulnerability being present—significantly reduced in frequency and scale. These targeted attacks threaten to circumvent existing defense capabilities and expose organizations to a new wave of disruptive breaches. Defenders must evolve in response.

In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100% . In other words, your email security solutions aren’t stopping the threats you think they are. Security threats are real, they continue to grow, and they are likely to penetrate an organization through email . Organizations simply cannot settle for ‘Good Enough’ email security and sole reliance on a SEG is not enough . As we all know, it only takes one breach to damage a company’s financial status, brand reputation, and/or relationship with its employees and customers.

Attackers persistently adapted their email-based techniques throughout 2022, cycling through new and old tactics in the hopes of evading human and cyber security measures.

The report is based on threat intelligence observations from the Threat Analysis Group (TAG), Google Cloud Threat Intelligence for Chronicle, Trust and Safety, and other internal teams. It provides actionable intelligence that enables organizations to ensure their cloud environments are best protected against ever evolving threats. In this and future threat intelligence reports, Google will provide threat horizon scanning, trend tracking, and Early Warning announcements about emerging threats requiring immediate action.

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.

In their inaugural report, the Station 9 research team explores the complexities of open source dependencies and the top security considerations for open source adoption at the enterprise.

This SOTI report looks at current state of online gaming. it also examines the most pervasive threats coming from online criminals. Ans to fully explore the topic of attacks on gaming, we dig deeper into the data around web application and API attacks, Distributed Denial of Service (DDoS) trends, the overarching goals of attackers, and more. This report also explored the threat landscape that has grown out of the pandemic in the gaming industry and the impact of cyberattacks on gaming companies.

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1.

This report is a technical overview of the IsaacWiper malware reported by ESET. The malware was primarily delivered to Ukrainian organizations coincident with the Russian invasion of Ukraine.

Using Proofpoint deployments across the globe over 2020, this report reviews the email messages, URLs, and attachments being communicated and what these mean for email and cyber security. An additional 300 customers provided information on privilege abuse concerns for a section of this report.

This report analyzes phishing attacks and other identity theft techniques used in Q4 2020.

This report examines which employees, departments, and industries are the most vulnerable in 2019. It analyzes which ones receive the most targeted threats, and how their privilege might be abused.

This biannual report from Agari goes in-depth on changes and trends in email and identity fraud for the second half of 2020.

The second Abnormal Security Quarterly BEC Report examines the business email compromise (BEC) threat landscape during what may be the most tumultuous quarter in modern business history: the first full quarter of the COVID-19 pandemic.

A review of doxxing related ransomware cases handled by Kivu Consulting in a post-breach role. Explores firmographics of the organizations involved in various variants of ransomware families.

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. In this report, they look into Iranian espionage operations in 2020, Customized Magecart attacks, and China based threat groups targeting NGOs and Asian government networks.

A combination of data from RiskIQ’s internet telemetry network and thought analysis, this report covers changes related to the COVID-19 pandemic, organization’s public attack surface, mobile threats, and the importance of JavaScript as an attack vector.