The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. It covers elements of critical infrastructure exploitation, adversarial artificial intelligence (Al), initial access brokers (IABs), critical event management (CEM), extended detection and response (XDR), and other issues shaping our current security environment.

This report provides an analysis of the DNS queries blocked by Protective DNS, finds commonalities among the end users that are protected, and uses a financial model to estimate the value of the threat prevention provided by Protective DNS to the UK economy.

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1.

This report primarily analyzes threat data from millions for Fortinet devices across the internet.

The Fortinet Threat Landscape Index (TLI) was developed to provide an ongoing barometer of overall malicious activity across the internet. The TLI is based on the premise that the cyber landscape gets more threatening as more of our sensors detect a wider variety of threats at a higher volume.

The data used in this report comes from Cisco Umbrella, Cisco’s cloud delivered security service that includes DNS-layer security, secure web gateway, firewall, cloud access security broker (CASB) functionality, and threat intelligence.

This inaugural report covers seven years of data from the DBIR as well as additional Verizon information, providing an overview of the cyber-espionage landscape. Attackers, motivations, methods, and victims are all focus areas.

This edition of the SOTI focuses on malicious activity detected and managed over the course of 2020 via DNS filtering.

This report looks at the malware used by a group called Sunburst. It gives a detailed timeline of attacks, and the code used in them. It also compares the code to popular malware like Kazuar, suggesting it is being used by the same groups.

This annual report looks at changes in internet of things security.

This article offers a glimpse into the inner workings of the Interplanetary Storm botnet, provides an exhaustive technical analysis of the Golang-written binaries along with an overview of the protocol internals and finally, some attribution information.

FireMon’s second annual State of Hybrid Cloud Security report dives into how the proliferation of cloud environments is impacting enterprises and their ability to scale and protect them.

Bitdefender researchers recently investigated a sophisticated APT-style cyberespionage attack targeting aninternational architectural and video production company, pointing to an advanced threat actor and a South Korean based C&C infrastructure. This report goes in-depth on this attack.

An annual report using Carbon Black’s data sets of the Carbon Black Cloud customer footprint, Carbon Black User Exchange, public samples, Carbon Black Endpoint Standard data, and internal sources. Leverages the ATT&CK framework to determine common tools-techniques-processess (TTPs).

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

A special edition of the Veracode SOSS series, focusing on the vulnerabilities present in open source software libraries and the surrounding ecosystem.

The recent Chinese New Year ushered in the Year of the Rat, but from the perspective of the many corporations, government agencies and other organizations around the world who continue to be the targets of Advanced Persistent Threat (APT) groups acting in the interest of the Chinese government, recent years could aptly be described as the Decade of the RATs - Remote Access Trojans, that is.

In this report, BlackBerry researchers reveal what the focus on those groups has overshadowed: several governments with well-established cyber capabilities have long ago adapted to and exploited the mobile threat landscape for a decade or more. In this context, mobile malware is not a new or niche effort, but a longstanding part of a cross-platform strategy integrated with traditional desktop malware in diverse ways across the geopolitical sphere.

This report outlines happenings in malware attacks for the last 3 months of 2019. In general, it says malware attacks died down this quarter.

A focused subset of Cisco’s 2018 full Cyber Security Report, focusing on cloud security practices.

Using data from the Verizon DBIR and other sources, this report reviews the value of DNS in overall organizational security.