The threat landscape is dynamic and reactive — a new technique empowers a previously unknown threat group, vendors swarm to mitigate that threat and create new technologies in the process, operators on both sides seek out new techniques or tools, and so it goes. Elastic Security provides mechanisms to detect and mitigate malware on all major desktop operating systems (OS). For these purposes, malware is any software developed to facilitate adversary actions, disrupt legitimate activities, or otherwise cause harm to a computer or network.

Cisco has a unique vantage point when it comes to cybersecurity. We resolve an average of 715 billion daily DNS requests, we see more threats, more malware, and more attacks than any other security vendor in the world. This report looks at the top threats that exploited DNS for cyberattacks, as well as how DNSlayer security provides better accuracy and detection of malicious activity and compromised systems.

This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

In this report we share runZero’s observations from our unique perspective as an applied security research team. Our goal is to provide insight into how the security landscape is changing, and recommendations on what you can do to get ahead of these changes.

In this special year-end edition of the WatchTower Digest, we discuss the threats we observed and investigated in 2023, and look ahead to the 2024 threat landscape. Our findings are based on SentinelOne’s Singularity telemetry across tens of millions of endpoints, operating across a diverse number of industries and global geographies.

In this report, we shed light on these vulnerabilities and how they impact commercial and federal organizations today. We provide insights from a survey of IT security and data science leaders navigating these challenges. We share predictions driven by data from HiddenLayer’s experiences securing AI in enterprise environments. Lastly, we reveal cutting-edge advancements in security controls for AI in all its forms.

In our report, we look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on our findings. While most of our recommendations remain consistent with prior years, there were some surprising takeaways, including a shift in the most impactful threats. The most widespread threat to WordPress security in 2023 was Cross-Site Scripting, as techniques for taking over websites by adding malicious administrators and backdoors have become mainstream.

Our findings in this year’s Skybox Vulnerability and Threat Trends Report, detailed below, make the urgency of the situation abundantly clear. Vulnerabilities have skyrocketed, eclipsing all previous records. Attacks are increasing in velocity and impact. Threat actors are targeting more sensitive assets and inflicting more damage. They are better organized—backed increasingly by large crime rings and nation-states—and are employing more sophisticated tools and tactics, such as a growing assortment of backdoor malware and advanced persistent threat (APT) attacks.

The 2023 Elastic Global Threat Report is a summary of more than a billion data points distilled down to a small number of distinct categories. We describe the tools, tactics, and procedures of threats from the perspective of endpoints and cloud infrastructure — the most common enterprise attack surfaces — so readers with varying priorities can determine the best course of action to take next.

The 2023 Comcast Business Cybersecurity Threat Report was developed to help technology and security leaders get a deeper understanding of trends in cybersecurity threats—and the steps they can take to help protect their organizations from an evolving set of threats. Our goal is to provide insights from billions of threat data points and context around common ways that cybersecurity attacks arise and unfold.

This report describes threat phenomena, trends, and recommendations we believe will help organizations prepare for the future. Elastic discloses malware research, attack patterns, and clusters of malicious activity to the community -summarized in this inaugural report. Throughout this report, we observe that financially motivated threats are the most active, and the groups responsible for them are acting with increasing speed.

The analysis in this report was conducted by the PwC Threat Intelligence practice, which is distributed across Australia, Italy, Germany, Netherlands, Sweden, United Kingdom, and the United States. It is based on our in-house intelligence datasets on cyberattacks and targeting from a wide variety of threat actors, intelligence gleaned from PwC’s incident response engagements around the world, and our managed threat hunting services, as well as publicly available information.

The final months of 2022 were bustling with interesting ESET research findings. Our researchers discovered a MirrorFace spearphishing campaign against high-profile Japanese political entities, and new ransomware named RansomBoggs that targets multiple organizations in Ukraine and has Sandworm’s fingerprints all over it. ESET researchers also discovered a campaign conducted by the infamous Lazarus group that targets its victims with spear-phishing emails containing documents with fake job offers; one of the lures was sent to an aerospace company employee.

The IBM Security X-Force Threat Intelligence Index 2023 tracks new and existing trends and attack patterns and includes billions of datapoints ranging from network and endpoint devices, incident response (IR) engagements, vulnerability and exploit databases and more. This report is a comprehensive collection of our research data from January to December 2022.

This report was complied using Open Source Intelligence (OSINT), the practice of collecting information from published or otherwise publicly available sources, and Sysdig TRT’s global data collection network. Data on cryptominers and DDoS agents was detected through Sysdig’s advanced honeynets. The honeynet is designed to capture attacks and analyze the tools used by threat actors.

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan. In the course of our research, we were able to identify over a dozen of attacked organizations. An analysis of information obtained during our investigation indicates that cyberespionage was the goal of this series of attacks.

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

The findings of this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events each day observed in live production environments around the world.

M-Trends provides an inside look at the evolving cyber threat landscape directly from global incident response investigations and threat intelligence analysis of high-impact attacks and remediations around the globe.

This report incorporates not only the malware zoo, but new analysis for what is being detected in the wild. Also added: statistics detailing the top MITRE ATT&CK techniques observed in Q4 2020 from Criminal/APT groups.

This inaugural report covers seven years of data from the DBIR as well as additional Verizon information, providing an overview of the cyber-espionage landscape. Attackers, motivations, methods, and victims are all focus areas.