In this report, we’ve analyzed on-the-ground evidence collected while responding to nearly 1,500 ransomware events exceeding $1 billion in ransom demands. (more available)

The Zscaler Zero Trust Exchange houses the largest security data set in the world, collected from over 300 trillion signals and 160 billion daily transactions - more than 15x the volume of Google searches each day. (more available)

This report is to share notable trends and investigations to help inform our community’s understanding of the evolving security threats we see. (more available)

In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? (more available)

In this report, we examine 10 prolific banking trojans targeting Android mobile apps of users worldwide, detailing their features and capabilities. (more available)

The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. (more available)

This report provides an analysis of the DNS queries blocked by Protective DNS, finds commonalities among the end users that are protected, and uses a financial model to estimate the value of the threat prevention provided by Protective DNS to the UK economy. (more available)

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1. (more available)

This report primarily analyzes threat data from millions for Fortinet devices across the internet.

The Fortinet Threat Landscape Index (TLI) was developed to provide an ongoing barometer of overall malicious activity across the internet. The TLI is based on the premise that the cyber landscape gets more threatening as more of our sensors detect a wider variety of threats at a higher volume. (more available)

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During September and October 2020, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider. (more available)

The data used in this report comes from Cisco Umbrella, Cisco’s cloud delivered security service that includes DNS-layer security, secure web gateway, firewall, cloud access security broker (CASB) functionality, and threat intelligence. (more available)

This inaugural report covers seven years of data from the DBIR as well as additional Verizon information, providing an overview of the cyber-espionage landscape. (more available)

This edition of the SOTI focuses on malicious activity detected and managed over the course of 2020 via DNS filtering.

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. (more available)

This annual report looks at changes in internet of things security.

This article offers a glimpse into the inner workings of the Interplanetary Storm botnet, provides an exhaustive technical analysis of the Golang-written binaries along with an overview of the protocol internals and finally, some attribution information. (more available)

FireMon’s second annual State of Hybrid Cloud Security report dives into how the proliferation of cloud environments is impacting enterprises and their ability to scale and protect them. (more available)

Bitdefender researchers recently investigated a sophisticated APT-style cyberespionage attack targeting aninternational architectural and video production company, pointing to an advanced threat actor and a South Korean based C&C infrastructure. (more available)

An annual report using Carbon Black’s data sets of the Carbon Black Cloud customer footprint, Carbon Black User Exchange, public samples, Carbon Black Endpoint Standard data, and internal sources. (more available)

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.