This edition of the SOTI focuses on malicious activity detected and managed over the course of 2020 via DNS filtering.

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. (more available)

This annual report looks at changes in internet of things security.

This article offers a glimpse into the inner workings of the Interplanetary Storm botnet, provides an exhaustive technical analysis of the Golang-written binaries along with an overview of the protocol internals and finally, some attribution information. (more available)

FireMon’s second annual State of Hybrid Cloud Security report dives into how the proliferation of cloud environments is impacting enterprises and their ability to scale and protect them. (more available)

Bitdefender researchers recently investigated a sophisticated APT-style cyberespionage attack targeting aninternational architectural and video production company, pointing to an advanced threat actor and a South Korean based C&C infrastructure. (more available)

An annual report using Carbon Black’s data sets of the Carbon Black Cloud customer footprint, Carbon Black User Exchange, public samples, Carbon Black Endpoint Standard data, and internal sources. (more available)

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

A special edition of the Veracode SOSS series, focusing on the vulnerabilities present in open source software libraries and the surrounding ecosystem. (more available)

The recent Chinese New Year ushered in the Year of the Rat, but from the perspective of the many corporations, government agencies and other organizations around the world who continue to be the targets of Advanced Persistent Threat (APT) groups acting in the interest of the Chinese government, recent years could aptly be described as the Decade of the RATs - Remote Access Trojans, that is. (more available)

In this report, BlackBerry researchers reveal what the focus on those groups has overshadowed: several governments with well-established cyber capabilities have long ago adapted to and exploited the mobile threat landscape for a decade or more. (more available)

This report outlines happenings in malware attacks for the last 3 months of 2019. In general, it says malware attacks died down this quarter. (more available)

A focused subset of Cisco’s 2018 full Cyber Security Report, focusing on cloud security practices.

Using data from the Verizon DBIR and other sources, this report reviews the value of DNS in overall organizational security.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019. (more available)

This is a quarterly publication from Fortinet that looks at how the threat landscape has changed in the first quarter of 2019. (more available)

From the report, “From January 2018 through June 2019, Akamai recorded more than 61 billion credential stuffing attempts and more than 4 billion web application attacks. (more available)

The Bromium Threat Insights Report is updated on a regular basis to track notable threats and the information gleaned from them. (more available)

This specialized report offers insights into the Healthcare industry and the gaps in policies and procedures that could lead to damaging cyber events within the industry. (more available)

A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2000, as Amended

Akamai provides a thorough report to educated the industry on the attacks that are growing, evolving, and becoming more sophisticated.