Contrary to popular belief, every device is worth hacking when the process is automated. It doesn’t matter who or where you are, if you own a company big or small, or have technology in the home – every device can be monetized by an enterprising criminal. Brute force login attempts are likely occurring on any online device. Yet the speed and scale of the problem can boggle the mind. Criminals are relentless and often competitive with one another to find, take over, and monetize your smart devices. The research you’ll find here, using honeypot devices across the internet, is a first step in attempting to quantify the issue.

An In Depth Look at the most prevalent ATT&CK techniques according to Red Canary’s historical detection dataset.

The problem that occurs when applications deserialize data from untrusted sources is one of the most widespread security vulnerabilities to occur over the last couple years. This article will provide background on the deserialization vulnerability, describe the limitations of the existing mitigation techniques and explain why Waratek’s Compiler Based solution is ideal in solving this problem.

From the report, “The Prioritization to Prediction series is an ongoing research initiative between Kenna Security and the Cyentia Institute. The first volume proposed a model for predicting which of the numerous hardware and software vulnerabilities published each month were most likely to be exploited, and thus deserving of priority remediation. The second volume sought to apply and test that theoretical model using empirical data collected on billions of observed vulnerabilities. We ended the last report by analyzing vulnerability remediation timeframes across a sample of 12 firms. This third volume picks up where we left off and expands the analysis to roughly 300 organizations of different types and sizes. We leverage a technique called survival analysis to draw out important lessons about remediation velocity and capacity, concepts we explore and define during the course of this report. Overall, our goal is to understand what it means to survive—nay thrive—in the race of vulnerability remediation.” Read on to find out more.

This report takes a specific look back at connected medical device events that occurred in 2017.

This report offers insight into the impact of AI from both the attackers, and the cybersecurity warriors.

This third edition of the Hacker’s Playbook Findings Report continues in the tradition of reporting enterprise security trends from the point of view of an attacker. The findings represent anonymized data from many millions of SafeBreach breach methods executed within real production environments. This edition includes existing Hacker’s Playbook Findings Report data and new data from deployments between January 2017 and November 2017, with a combination of over 3,400 total breach methods and almost 11.5 million simulations completed. This report reflects which attacks are blocked, which are successful, and key trends and findings based on actual security controller effectiveness.

This brief but important report offers information into the events and data from the holiday shopping season of 2018.

FireMon is proud to present its 2nd Annual State of the Firewall Report based on a November 2015 survey of 600 IT security practitioners, representing a range of professional roles, organization sizes and industry verticals. Survey participants were asked 21 questions about their current firewall infrastructure and management challenges as well as questions about adoption and impact of emerging technologies such as NGFW, SDN and cloud. When compared with results from the 2015 study, the responses revealed three trends that this report will explore further: 1) Firewalls remain an extremely valuable part of the network security infrastructure; 2) Next-generation firewalls continue to see broad adoption, adding complexity to security management; and 3) Awareness around SDN and its impact on network security has increased.

The State of Manual Reviews: 2018 Report, brought to you by Kount and Paladin Group, provides survey results about manual review trends and best practices in the card-not-present (CNP) payments environment. It includes key performance indicators (KPIs) and demographic details related to participating merchants. In addition, participants in the survey shared insights about the tools, services, and solutions they employ for their manual review process.

From the report, “Partnering with retailers for over a decade to detect and prevent online fraud has unearthed many insights about eCommerce criminals. One insight is that while detecting and preventing fraudster attacks is good, it is even better to catch and prosecute. But gathering evidence and building a case can be complex. Kount asked Skip Myers and Chad Evans to share best practices and firsthand success stories with building, submitting cases and engaging with law enforcement to not only catch fraudsters, but to bring them to justice.”

Kount and The Fraud Practice designed the State of CNP False Positives survey because false positives are one of the least, if not the least, understood aspects of risk management. While merchants tend to focus directly on chargebacks and fraud losses, false positives are another major source of lost revenue but are often underestimated if not ignored altogether.

Forter and PYMNTS.com partnered together to track, analyze and report on the important trends happening in the world of fraud as it relates to payments and commerce online. Every quarter we will monitor how fraud attempts, reflected as a percent of U.S. sales transactions, on U.S. merchant websites are trending. Up? Down? Stable? Time to panic? Hopefully not.

This report offers insight into 6 different fraud profiles in the online world.

This whitepaper is intended to help firms understand how security automation can accelerate analyst response time to incoming phishing alerts and minimize the impact of these malicious attacks on their environment.

From the report, “To understand current levels of exposure and resiliency, Rapid7 Labs measured 4532 of the 2017 Fortune 500 List3 for: • Overall attack surface (the number of exposed servers/devices); • Presence of dangerous or insecure services; • Phishing defense posture; • Evidence of system compromise; • Weak public service and metadata configurations; and • Joint third-party website dependency risks.” Read on to find out more.

In 2016, Rapid7 Labs launched the National Exposure Index in order to get a measurable, quantitative answer to a fairly fundamental question: What is the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and where, physically, are these exposed services located? Now in our third year, we continue this ongoing investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the continuing changes involving these exposed services. We’ve also added a third dimension for exposure, “amplification potential,” in the wake of the disastrous memcached exposure uncovered in 2018.

In this whitepaper, they look at three categories of approaches taken by malware to evade sandboxes and explore techniques associated with each approach.

This report includes detailed technical information discovered during our analysis of the forensics artifacts collected from the affected systems by the AIR Module. The report provides detailed information about the key processes used by AIR to review the malicious activity and detect the infection quickly. We also break down the encoding techniques, the registry operation, and the protection and communication mechanisms used by Kovter.

From the report, “An OS-Centric Positive Security isn’t a silver bullet, but it can be a tremendously valuable and complementary defense mechanism—your second or last line of defense. The majority of endpoint security solutions deployed today are based on the Negative Security model; so, it’s time to add a Positive Security solution to strengthen your endpoint protection.” Read on to find out more.

From the report, “For security teams, the sheer depth and breadth of what they need to defend may seem daunting, but thinking about the Internet from an attacker’s perspective —a collection of digital assets that are discoverable by hackers as they research their next campaigns— can put the massive scope of their organization’s attack surface into perspective. In this report, we’ll highlight five areas that we feel help to better frame the challenges faced in keeping the Internet a safe environment, all of which underline a need to broaden awareness of the potential risks involved to foster a more informed approach to cyber defense.”