Trend Micro looks into the email security threat landscape, looking into threat types, number of threats, etc.

This report focuses on the changes in security threats and the effect that COVID-19 has on the overall landscape.

This report outlines happenings in malware attacks for the last 3 months of 2019. In general, it says malware attacks died down this quarter.

A long form narrative on several threat trends seen in recent months.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019.

From the report, “The challenges facing security teams are, perhaps unfortunately, common knowledge by now. A constant rise in alert volume, a stark security skills gap, piecemeal processes, and siloed tools have made security operations a tough place to be. In 2018, Demisto commissioned a large study to delve deeper into these issues, their manifestations, and possible solutions. The 2019 report broadens the perspective from Security Orchestration, Automation, and Response (SOAR) to the security incident response lifecycle. Demisto commissioned a study with 552 respondents to find out specific challenges at each stage of the incident response lifecycle, how current product capabilities help overcome these challenges, and what capabilities are missing within security products today.”

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them.

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). However, instead of taking over a computer or stealing data, BEC hackers impersonate an executive (a known CEO, CFO or other CxO), and persuade the recipient (an employee) to perform some action – like wiring money or attaching information to an email. " Read on to learn more.

This report is about evolution, how phishing emails and malware are in a state of constant flux. But one thing hasn’t changed: phishing is still the #1 cyber-attack vector. The vast majority of breaches begin with malicious emails or other social engineering and most malware is delivered by email.

Risk IQ offers a glimpse into the multiple attacks on IT infrastructure organizations like Wipro and several others. This report is an analysis of those campaigns, their operators, and their targets.

Bromium Insights Report is designed to help our customers become more aware of emerging threats and trends and to equip security teams with knowledge and tools to combat today’s attacks and anticipate evolving threats to manage their security posture.

This report from Bromium offers insights into notable threats and events from 2019.

As with driving, not only do you get a good look at what’s behind you, but you can often spot what’s coming up quick, set to overtake you. That’s the spirit of this threat report. We’ve picked out five key stories from the last year or so, not just because they were big events, but because we think these threats, or similar ones, could very well appear in the near future.

An In Depth Look at the most prevalent ATT&CK techniques according to Red Canary’s historical detection dataset.

This report offers insight into the impact of AI from both the attackers, and the cybersecurity warriors.

This brief but important report offers information into the events and data from the holiday shopping season of 2018.

From the report, “Each marketplace has to approve each game being sold, which gives your company credibility. Consumers also have the ability to rate the games with reviews in order to warn others about a game or a developer. Adding the consumer reviews is a layer of credibility for your game, as long as the reviews are positive. Being able to sell games directly online is great for merchants, but also opens them up to the possibility of fraud and chargebacks.” Read on to find out more.

Using an important analogy from Star Wars, this report provides insight into threat intelligence. May the Force Be With You.

This report offers research on analysis and lifecycle of an attack on critical infrastructure. It discusses command and control, internal reconnaissance, lateral movement, and targeting the ICS and SCADA infrastructure.

To stop phishing attacks, it helps to see them coming. So we asked an array of CofenseTM experts for 2019 predictions. What trends in phishing and malware threats should you anticipate? To be better prepared to defend your organization, read on.

From the report, “For security teams, the sheer depth and breadth of what they need to defend may seem daunting, but thinking about the Internet from an attacker’s perspective —a collection of digital assets that are discoverable by hackers as they research their next campaigns— can put the massive scope of their organization’s attack surface into perspective. In this report, we’ll highlight five areas that we feel help to better frame the challenges faced in keeping the Internet a safe environment, all of which underline a need to broaden awareness of the potential risks involved to foster a more informed approach to cyber defense.”