Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020’s totals. Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase in illicit transaction volume was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all.

The events of this year have made clear that although blockchains are inherently transparent, the industry has room for improvement in this respect. There are opportunities to connect off-chain data on liabilities with on-chain data to provide better visibility, and transparency of DeFi, where all transactions are on-chain, is a standard that all crypto services should strive to achieve. As more and more value is transferred to the blockchain, all potential risks will become transparent, and we will have more complete visibility.

2023 was a year of recovery for cryptocurrency, as the industry rebounded from the scandals, blowups, and price declines of 2022. With crypto assets rebounding and market activity growing over the course of 2023, many believe that crypto winter is ending, and a new growth phase may soon be upon us. As always, we have to caveat by saying that these figures are lower bound estimates based on inflows to the illicit addresses we’ve identified today.

In this report, we explore the big names in ransomware, the most frequently targeted sectors, trends in data exfiltration, and which malware and tools are leveraged by ransomware operators. This data creates insights into how organizations can better protect their environments from cyberattacks. The 2023 threat landscape was characterized by a combination of mainstay threat actors and new or reemerging groups. While top variants continue evolving to maintain dominance, the widespread impact of newer groups demonstrates the constant evolution of today’s threats and the need for adaptable defenses and increased cyber resilience.

Dragos started the Year in Review to highlight significant trends in the OT cybersecurity community. This year’s report aims to go further by offering practitioners and leaders the most up-to-date data, along with perspectives from the field, to help them better defend critical infrastructure around the world. These perspectives are focused on providing actionable insights that have been tried and tested to help organizations effectively defend against and respond to industrial cyber threats.

The biggest shift the IBM X-Force team observed in 2023 was a pronounced surge in cyberthreats targeting identities. Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns. Lack of identity protections was corroborated by IBM X-Force penetration testing data for 2023, which ranked identification and authentication failures as the second most common finding.

With this report, we want to promote open sharing on cyber threats and incidents and give the industry a public and relevant cyber threat picture anchored on a solid, well-documented basis. The report and knowledge base are the product of a collaborative community effort with our members and the Nordic TIBER Cyber Teams (TCTs) at the centre, with contributions from Nordic government entities.

This report focuses primarily on hundreds of digital forensics and incident response (DFIR) engagements conducted by the Arctic Wolf Incident Response team. The vast majority of these engagements were initiated as part of cyber insurance policies, through our partnerships with insurance providers and privacy law practitioners.

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

The 10th annual Imperva Bad Bot Report is a threat research report that analyzes and investigates the automated attacks occurring daily, sneaking past traditional detection methods and wreaking havoc on the internet. It is based on data collected from the company’s global network throughout 2022, which includes 6 trillion blocked bad bot requests, anonymized across thousands of domains. . In addition, this report offers meaningful information and guidance about the nature and impact of bots to help organizations better understand the potential risks of bot traffic when not properly managed.

2024 is poised to be a hotbed for new challenges in cybersecurity. As both economic and political terrains continue to undergo digitization, enterprises will increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims. In this report, we detail the focal points of next year’s threat landscape, along with insights and recommended mitigation measures from our team of cybersecurity experts that are designed to guide decision-makers toward well-informed choices.

While third-party risk management is a well-established practice, it’s also continuously evolving. Organizations of all sizes and industries must continually adapt and change to effectively identify, assess, manage, and monitor third-party risks. By analyzing the third-party risk management landscape and practices captured in our survey, organizations can see where they stand compared to their peers and consider that information as they prepare and implement changes this year and beyond.

The Sysdig 2024 Cloud‑Native Security and Usage Report comes at an exciting time after a year of cybersecurity making headlines worldwide. This is indicative of how broad the security landscape has grown in a short amount of time, thanks to the cloud. This report looks at real‑world data to draw conclusions about the state of cloud security. From our perspective, we see that organizations continue to struggle with the shift‑left concept. Although runtime threat prioritization has greatly reduced vulnerabilities, there remains an urgency for powerful and speedy cloud threat detection and response (TDR).

The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. And cyber incidents in healthcare are on the rise.

The world of cybercrime never stands still. In the new Cyber Threat Report – Edition 2021/22 – the IT experts from Hornet security once again take a close look at the gateway of email communication and analyze the latest cybercriminal scams. In doing so, they examine what threats have emerged in 2021, what has become of Emotet, and what companies need to be prepared for when opening their inboxes in the future.

The 5th edition of Wipro’s State of Cybersecurity Report (SOCR) offers a perspective and framework to help enterprises achieve cyber resilience. You will find a wealth of data and actionable insights covering attacks, breaches and law, along with the state of business cyber capabilities across geographies and industry sectors, plus future trends.

The level of uncertainty in today’s global marketplace and the velocity of change continue to produce a multitude of potential risks that can disrupt an organization’s business model and strategy on very short notice. This report contains results from our 11th annual worldwide risk survey of directors and executives to obtain their views on the extent to which a broad collection of risks is likely to affect their organizations over the next year - 2023. We analyze variances across different sizes and types of organizations, industry and respondent position, in addition to variations among organizations based in different geographic regions.

As organizations ramp up adoption of AI, edge and multi-cloud infrastructure, they will need broader and deeper visibility into expanding environments. This panoramic view is only possible when all relevant teams and stakeholders are aligned. That’s why organizations should ingrain security into all processes, functions and phases of development. In 2024, collaboration will be essential as resilience becomes non-negotiable. With communication, trust and a commitment to shared strengths, organizations can remain resilient through adversity next year and beyond.

When you overlap Resilience’s claims data with data from ransomware incident response partner Coveware, blockchain analytics firm Chainanalysis, security partner Zscaler, and security firm Sophos, it reveals five key findings that impact both network defenders and the cyber insurance industry at large.

The report explores a notable shift towards instability within the threat landscape and an increase in unnamed ransomware variants, potentially due to affiliates shifting between names to find the highest profits while reducing exposure to law enforcement. It also explores trends in ransom demands and payments across various industries. Finally, we discuss what may be coming in Q4 as the ransomware ecosystem continues to shift.

As the findings in this report show, these attacks are also having a greater impact, adding to pressure on security leaders to choose the right solutions and keep the entire environment safe, without sacrificing overall performance or innovation. The 1,200 respondents agreed overwhelmingly on the effectiveness of segmentation in keeping assets protected, but their overall progress in deploying it around critical business applications and assets was lower than expected.