This issue of the Rapid7 Quarterly Threat Report takes a deep dive into the threat landscape for 2018 Q4 and looks more broadly at 2018 as a whole. We provide an assessment of threat events by organization size and industry, and examine threat incident patterns identified through guidance from security specialists. We also further explore inbound activity to our honeypot network to identify trends and patterns that reveal rising new threats, such as Android Debug Bridge (ADB) activity, the persistence of old threats such as EternalBlue, and the vulnerability posed by non-novel credentials as revealed to publicly exposed systems. The report concludes with five steps you can take to bolster your organization’s security posture in 2019 and beyond, based on our findings.

“Our 6th annual DevSecOps community survey, represents the voice of 5,558 IT professionals and demonstrates that DevOps practices are maturing rapidly, security is being automated earlier in the development lifecycle, and management of software supply chains is a critical differentiator. "

From the report, “All three of our stories in this issue of the State of the Internet / Security report are about things most organizations aren’t examining. Whether the cause is that organizations don’t perceive some issues as important to their environment, if they don’t have tooling to monitor these issues, or if the resources to monitor this traffic are not available, this traffic is often being overlooked.”

This report examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can ensure that cyber security is a critical business enabler. Cyber security leaders and practitioners can use this report to educate lines of business about the real security risks the cloud can present.

The HIMSS Media survey, Cloud Security Insights, sponsored by the Center for Connected Medicine, sought to better understand attitudes and perceptions about cloud security among hospitals and health systems. It’s findings: among the IT, cybersecurity and informatics professionals surveyed, more than half cited cybersecurity concerns as “significantly limiting” their use of cloud services.

In this paper, a depp look into existing cybersecurity practices, their shortcomings, and the urgent need to avoid breaches altogether and not just mitigate them after the fact.

This report offers advice for what to do when the barbarians are at your door…

In the last two years, businesses and governments have seen data breaches like Equifax and Marriott impact 100s of millions of accounts each, as well as critical intellectual property (IP) and core operations. A global survey of 600+ cybersecurity leaders and professionals by Ponemon Institute shows that 67% of organizations are not confident that they can avoid a data breach, and what the primary security and IT challenges that are causing this. The survey also provides fundamental recommendations that can reduce breach risk through innovating and improving a vulnerability management program.

This report takes a deep dive into examining the types of fraud that occur in the travel industry.

This report offers an inside look into how accounts are hacked and taken over.

Retailers can’t get paid if their payment processing doesn’t work. And if a transaction proves fraudulent, a retailer not only loses the value of the sale and the merchandise, but also risks losing the loyalty of a customer who was billed incorrectly for the purchase. Here’s a look at the essential components of payment processing that every online retailer should consider—no matter their size— in order to provide both a positive customer experience and to successfully collect payment.

This report offers the latest trends and insights into securing digital identities and transactions.

This guide offers helpful insight into online fraud.

From the report, “Each marketplace has to approve each game being sold, which gives your company credibility. Consumers also have the ability to rate the games with reviews in order to warn others about a game or a developer. Adding the consumer reviews is a layer of credibility for your game, as long as the reviews are positive. Being able to sell games directly online is great for merchants, but also opens them up to the possibility of fraud and chargebacks.” Read on to find out more.

From the report, “This report shares Feedzai’s original research. We found that fraudsters are attacking in methods that are faster and faster – and continuously new. The time horizon for the future of fraud has been shrinking. Today, the time horizon has shrunk to now. What does this new now look like?” Read on to find out more.

This report offers insight into the changes occurring in the financial services industry as relates to the revised Payment Services Directive (PSD2).

From the report, “Before we begin the 2018 Black Report in earnest, it’s important to understand who our respondents are. Last year, we focused on people who referred to themselves as hackers or professional penetration testers. This year, we broadened our survey to include incident responders. These guys deal first-hand with hackers and the aftermath of data breaches. And as you’ll see, their perspective provided a tremendously valuable contribution to the results of the survey.” Read on to find out more.

From the report, “Analyzing this flurry of legislative activity in 2018, we have identified a number of continuing trends. In general, the overarching trend is increasing stringency and growing complexity in breach notification obligations. In the following pages, we’ll break down this overarching trend into separate and distinct trends. We’ll also look at what these trends mean for how privacy and security professionals work today.”

From the report, “This quarter’s report covers three main areas of concern for the modern IT defender: • First, credential theft, reuse, and subsequent suspicious logins are—today— the most commonly reported significant incident we’re seeing across both small (<1,000 endpoints) and large organizations (≥1,000 endpoints). • Second, the DDoS landscape just got a lot more interesting with the debut of a new technique using misconfigured—and plentiful—memcached servers. • Finally, we take a look at the increasing levels of SMB and Cisco SMI attacker probes and attacks, where the former continues to define the “new normal” level of background malicious behavior around Windows networking, and the latter begins to bring shape to this relatively new attack vector targeting core router infrastructure.” Read on to find out more.

This helpful guide provides insight into the settings you should maintain on all of the major social networks. Read on to learn more.

This report offers the following highlights - Case study of a Fortune 50 organization breached via social media, Deep dive into each layer of the new attack chain, A detailed look at impersonation accounts and hijacked accounts, a new staple in the attack lifecycle, Tactics, techniques, and procedures (TTPs) used by the modern attacker on social media, Recommendations and best practices for updating your security posture.