For this report, Securonix partnered with the Cyentia Institute to analyze a dataset of more than 54 billion events fed into more than 154k policies generating an average of more than 750k violations per hour. The goal? To quantify our assumptions and findings in a way that can help organizations calibrate what’s going on in their own environments.

This report will focus on dark markets and cross-chain bridges. We continue looking at the trends, current events, hacks, thefts, exploits, and global regulatory developments. Our goal, as always, is to keep you informed and to highlight emerging and ongoing trends to give you the best possible information to keep your business running smoothly.

The Evolution of DDoS: Return of the Hacktivists is a joint report by FS-ISAC and Akamai to educate our community on the new and evolving threat of DDoS, the business risks it poses, and best practices on mitigation for the sector to better combat these attacks.

This report represents Deep Instinct’s current view of the threat landscape and trends seen between the period January – June 2021 and provides concrete data to verify the credibility of these developments. The information was sourced from our repositories which are routinely analyzed as we continuously protect our customers from unending and varied attacks.

This report represents Deep Instinct’s current view of the threat landscape. The report discusses trends seen during 2020 and provides concrete data to verify the credibility of these developments. The information was sourced from our data repositories which are routinely analyzed as part of protecting our customers from ceaseless attacks.

This report represents Deep Instinct’s current view of the threat landscape, showcasing trends seen throughout the course of the past year and providing concrete, actionable data to verify the credibility of these developments. The information was sourced from our data repositories, which are routinely analysed as part of protecting our customers from ceaseless attacks.

The mission of this report is to provide actionable intelligence on targeted attacks, cybercrime-motivated threat actors, and campaigns targeting organizations like yours so that you can make well-informed decisions and take prompt effective actions.

In T2 2022, we saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post- COVOD return to offices and overall improved security of corporate environments. Even with declining numbers, Russia IP addresses continued to be responsible for the large portion of RDP attacks.

The final months of 2022 were bustling with interesting ESET research findings. Our researchers discovered a MirrorFace spearphishing campaign against high-profile Japanese political entities, and new ransomware named RansomBoggs that targets multiple organizations in Ukraine and has Sandworm’s fingerprints all over it. ESET researchers also discovered a campaign conducted by the infamous Lazarus group that targets its victims with spear-phishing emails containing documents with fake job offers; one of the lures was sent to an aerospace company employee.

Our research and collection methods largely are driven by our GIRs, however, we continue to acknowledge that new trends in our reporting, recurring requests for information (FRIs) and other significant activity from or against underground threat actors and/or services are equally important to our research into trending topics.

RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. Events in which the impact was limited to data theft were excluded.

The global energy sector is facing a time of uncertainly due to a confluence of geopolitical, economic, and environmental factors. In tandem, the cyber threat landscape is growing increasingly complex, further complicating the picture for global energy suppliers. While governments and regulatory bodies urge the critical infrastructure sector to double down on cyber defense.

This report was complied using Open Source Intelligence (OSINT), the practice of collecting information from published or otherwise publicly available sources, and Sysdig TRT’s global data collection network. Data on cryptominers and DDoS agents was detected through Sysdig’s advanced honeynets. The honeynet is designed to capture attacks and analyze the tools used by threat actors.

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attackers focused on hitting specific service with high volumes of traffic simultaneously. Due to the dramatic increase in attack size, this shift to employing high-penetration volumetric attacks can potentially lead to additional impact to CSP networks, regionally.

In the first half of 2021, we found that 99.09% of attacks were smaller than 10Gbps and 95.62% of attacks were smaller than 1Gbps, of which we believe a majority were launched using readily available and inexpensive DDoS-for-hire services.

In this report, we’re going to discuss how bit-and-piece attacks have continued to evolve, and are able to successfully evade DDoS mitigation schemes when blended with multiple attack vectors, and the challenges that these advanced attack tactics present to the cybersecurity world.

The 2022 A10 Networks DDoS Threat Report provides insights into DDoS activity during the past six months including origins of activity; the growth of DDoS weapons and botnets; the role of malware in the propagation of DDoS weapons and attacks; and the steps organizations can take to protect against such activities.

In Q4 2019 an unprecedented concentration of DDoS attacks on US networks was observed, with more than 1,000 victims identified in various states. Whether motivated by politics, profiteering, crime or other malicious purposes, attacks were frequent and impactful.

In this report, the analysis conducted by our research team identifies vulnerabilities and measures attack trends worldwide to provide a comprehensive view of DDoS threats. Nexusguard is able to evaluate DDoS events in a manner that is not biased by any single set of customer or industries. Many zero-day threats are first seen on our global research network.

This report is based on data collected from the Imperva global network throughout 2021. The data is composed of hundreds of billions of blocked data bot requests, anonymized over thousands of domains. The goal os this report is to provide meaningful information and guidance about the nature and impact of these automates threats.

Censys maintains the most comprehensive view of assets on the Internet by continuously scanning the public IPv4 address space across the 3,500 most popular ports. This Internet-wide scan data also powers our Attack Surface Management (ASM) product, which comprehensively maps organizations’ Internet exposure. This data allows us to understand broader trends in Internet security and how organizations are exposed across the Internet.