This report was complied using Open Source Intelligence (OSINT), the practice of collecting information from published or otherwise publicly available sources, and Sysdig TRT’s global data collection network. (more available)

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan. (more available)

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. (more available)

The findings of this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events each day observed in live production environments around the world. (more available)

M-Trends provides an inside look at the evolving cyber threat landscape directly from global incident response investigations and threat intelligence analysis of high-impact attacks and remediations around the globe. (more available)

This report incorporates not only the malware zoo, but new analysis for what is being detected in the wild. Also added: statistics detailing the top MITRE ATT&CK techniques observed in Q4 2020 from Criminal/APT groups. (more available)

This inaugural report covers seven years of data from the DBIR as well as additional Verizon information, providing an overview of the cyber-espionage landscape. (more available)

This report reflects on the key threats that emerged or expanded in the 4th quarter of 2020.

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. (more available)

This report provides a look into FIN11, a financially motivated threat group that has conducted some of the largest and longest running malware distribution campaigns to date. (more available)

This report from Kaspersky explains changes in the threat landscape for industrial automation systems for the first half of 2020. It goes in detail on the variety of malware, the main threat sources, regional differences, and more. (more available)

Now in its sixth year, Sonatype’s State of the Software Supply Chain Report continues to examine measurable practices of secure open source software development and delivery. (more available)

This report sought to understand the health and security of Free and Open Source Software (FOSS) as it is today. It identifies the most commonly used free and open source software components in production applications, and examines them for potential vulnerabilities. (more available)

The annual report on trends in malware and hacked website from the incident response and malware research teams at GoDaddy Security /Sucuri. (more available)

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

A survey-based report from March 2020 on the impacts of staff shortages in the cybersecurity industry. A special focus on remote work and COVID-19 impacts. (more available)

In the following report, Naikon describes the tactics, techniques, procedures and infrastructure that have been used by the Naikon APT group over the 5 years since the last report, and offer some insight into how they were able to remain under the radar. (more available)

The recent Chinese New Year ushered in the Year of the Rat, but from the perspective of the many corporations, government agencies and other organizations around the world who continue to be the targets of Advanced Persistent Threat (APT) groups acting in the interest of the Chinese government, recent years could aptly be described as the Decade of the RATs - Remote Access Trojans, that is. (more available)

FireEye Threat Intelligence assesses with high confidence that APT41 is a prolific cyber threat group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity potentially outside of state control. (more available)

With this common understanding in mind, we have taken a comprehensive look at previously disclosed activity that can now be attributed to the GRU. (more available)

Our 2019 Threat Research Report is a deep dive into our logs, experiences, and collected analysis. It summarizes and identifies the latest tactics, techniques, and procedures seen by the Malware Research team, Vulnerability Research team, Threat Intel Research team and Remediation Groups at Sucuri/GoDaddy. (more available)