With the limits of both hard military power and soft power in mind, we set out to explore the space in between: nonmilitary ways of coercing, deterring, weaken- ing, and punishing those that threaten peace, security, and U.S. inter- ests. This examination was part of a project for the Army Quadren- nial Defense Review Office called Hard Security. This report presents alternate approaches to securing U.S. interests that complement hard security and potentially make it more effective.

A Bulleton recapping headlines and stores in the Global Insurance and Regulatory industry.

This report from the Ahn Lab Security Emergency Response Center provides a review of various Cyber events that took place in the 1st QTR of 2017.

This report offers a helpful understanding of data breaches.

This paper lays out a testing methodology for organizations to dermine if they are prepared to handle DDoS attacks.

This monthly threat report takes a look at the month of January 2018. Specifically, it looks at two VULNS, the hacking of nuclear weapons, and the increase in suspected Chinese Cyber activity.

In this quarterly threats report, they highlight three Key Topics: In the lead story, they analyze the recent WannaCry and Petya attacks, the perpetrators’ likely motives, and the business impact. The second Key Topic departs from their usual threat analysis stories. Because threat hunting is becoming increasingly important, in this story they offer detailed advice and recommendations for using certain types of indicators of compromise when hunting for threats. In the final Key Topic, they explore script-based malware—why it is used, how authors obfuscate scripts, how it propagates, and its growth in popularity.

This report uses the impact of the Mirai botnet, to help stakeholders prevent future incidents by addressing the lack of security-by-design in the Internet-of-things and in the Internet itself.

This report provides a technical investigation of the malicious components involved in the attack that infected over 500,000 routers and network storage devices.

Discover why the entertainment and media industries are valuable targets for APT groups and hacktivists seeking influence.

This monthly threat report takes a look at the month of December 2017. Specifically, it looks at insights into Coinhive, intellectual property theft via Iranian hackers, and North Korea’s new cyberattack tools.

This report takes a look at a threat that specifically attacks Android users.

This blog post takes a look at a specific Chinese threat that is impacting Engineering and Maritime corporations.

This report continues Fortinet’s excellent threat report. It discusses operational technology, Zero-day markets, malware, cryptojacking, the hacking event at the winter olympics, the rise of botnets, and Adromeda. Read On!

In this report, you’ll find a few highlights of what FortiGuard Labs analysts gleaned from Q1 intelligence collections. After that, they hope you’ll hang around while they dig deep into the threat landscape to unearth nuggets of insight you definitely won’t want to miss.

This blog post discusses the point that organizations need to assess cybersecurity as a business enabler, rather than a hindrance.

This report discusses trends in the cyber security environment in Southeast Asia from January to June 2015. We will review some recent cases of attempted breaches on companies and governments, and provide an update on a group we first identified in 2013 as APT.Nineblog.

In this report, they review the state of cyber attribution and they consider alternative mechanisms for producing standardized and transparent attribution that may overcome concerns about credibility. In particular, this exploratory work considers the value of an indepen- dent, global organization whose mission consists of investigating and publicly attributing major cyber attacks.

This paper outlines five major components of a life-cycle approach to defense and how companies can adopt this model to maximize security in the current threat landscape.

This report provides an analysis of Microsoft’s PowerShell language and how it has been used by cybercriminals.

Understand the cyber threats targeting the education industry, including subsectors impacted by advanced threat groups.