In their inaugural report, the Station 9 research team explores the complexities of open source dependencies and the top security considerations for open source adoption at the enterprise. (more available)

This SOTI report looks at current state of online gaming. it also examines the most pervasive threats coming from online criminals. (more available)

For The 2019 Duo Trusted Access Report, our data shows that Duo customers across all industries are starting to implement zero-trust security principles to secure their workforce. (more available)

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1. (more available)

This report is a technical overview of the IsaacWiper malware reported by ESET. The malware was primarily delivered to Ukrainian organizations coincident with the Russian invasion of Ukraine. (more available)

Using Proofpoint deployments across the globe over 2020, this report reviews the email messages, URLs, and attachments being communicated and what these mean for email and cyber security. (more available)

This report analyzes phishing attacks and other identity theft techniques used in Q4 2020.

This report examines which employees, departments, and industries are the most vulnerable in 2019. It analyzes which ones receive the most targeted threats, and how their privilege might be abused. (more available)

This biannual report from Agari goes in-depth on changes and trends in email and identity fraud for the second half of 2020. (more available)

The second Abnormal Security Quarterly BEC Report examines the business email compromise (BEC) threat landscape during what may be the most tumultuous quarter in modern business history: the first full quarter of the COVID-19 pandemic. (more available)

A review of doxxing related ransomware cases handled by Kivu Consulting in a post-breach role. Explores firmographics of the organizations involved in various variants of ransomware families. (more available)

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. (more available)

A combination of data from RiskIQ’s internet telemetry network and thought analysis, this report covers changes related to the COVID-19 pandemic, organization’s public attack surface, mobile threats, and the importance of JavaScript as an attack vector. (more available)

Trend Micro looks into the email security threat landscape, looking into threat types, number of threats, etc.

This report focuses on the changes in security threats and the effect that COVID-19 has on the overall landscape.

This report outlines happenings in malware attacks for the last 3 months of 2019. In general, it says malware attacks died down this quarter. (more available)

A long form narrative on several threat trends seen in recent months.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019. (more available)

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. (more available)

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them. (more available)

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). (more available)