This is the 6th annual SOTI from Akamai. The Key findings are: • Between November 2017 and October 2019, more than 40% of the unique DDoS targets were in the financial services industry • Traditional logins (username and password) still account for the majority (74%) of access methods to applications and services • From May to October 2019, credential stuffing attacks targeting the financial services industry have targeted APIs, often accounting for 75% or more of the total login attacks against financial services

This report anticipates activity targeting and affecting ICS to increase into 2020 and further. It expects to see more adversaries expand their focus to additional criticalinfrastructure and industrial environments, which willlikely align with activity associated with military orgeopolitical conflict. Although defenders continue to gaininsight through OT-specific detection and monitoringplatforms, it is imperative people continue to improvevisibility into activities and threats impacting criticalinfrastructure.

This report covers: the security practices for each of the two different core projects, both Angular and React, the state of security of each of the two different module ecosystems, based on an in-depth look at the vulnerabilities contained in each of the ecosystems, the security practices for other common JavaScript frontend framework alternatives such as Vue.js, Bootstrap and jQuery, and the significant security differences between the different alternatives, and particularly between Angular and React

This report covers penetration prevention in the last year. It covers changes in penetration prevention such as the levels of risk incurred by applications, the way the shift to the cloud affects risk, and how the size of the business affects risk.

The goal of this survey was to capture hard data on experiences, trends and approaches to security around identity technologies which include IGA, PAM and account management solutions.

Cofence report on how phishing attempts and phishing prevention have changed in 2019.

In this fourth edition of BeyondTrust’s annual Privileged Access Threat Report, we’ll be exploring the 2019 threat landscape in detail, with a focus on how security decision makers are utilizing Privileged Access Management (PAM) solutions to mitigate these risks.

Bomgar outlines how to defend against security threats, showing two distinct groups of threats, prevention techniques, etc.

A report by DZone showing trends in the changing AppSec industry.

Most blogs or papers about crypto-ransomware typically focus on the threat’s delivery, encryption algorithms and communication, with associated indicators of compromise (IOCs). This research paper takes a different approach: an analysis of the file system activity or behaviors of prominent crypto-ransomware families (hereafter, simply called ransomware).

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019.

In this eBook, they’ll cover: • The Insider Threat investigation process with security solutions like Security Information and Event Management (SIEMs) • What an investigation looks like within ObserveIT, a dedicated insider threat management platform, including: – Proactive threat hunting – Reactive alert investigations after a known incident

This report compiles information gained by the Trustwave SpiderLabs who maintain a presence in some of the more prominent recess of the online criminal underground. The provide information on the dark web’s code of honor, reputation systems, job market, and techniques used by cybercriminals to hide their tracks from law enforcement.

From the report, “From January 2018 through June 2019, Akamai recorded more than 61 billion credential stuffing attempts and more than 4 billion web application attacks. In this special edition of the State of the Internet / Security Report, we’re focusing on data within the high tech, video media, and entertainment sectors — collectively named Media & Technology.”

From the report, “We wanted to do something different for this report. Instead of looking at a single type of attack, we stepped back to look at attacks against banks, credit unions, trading companies, and other organizations that make up financial services as a whole. Most defenders only see a very small segment of the overall traffic, whether they’re the target or the vendor supplying defensive tools. The breadth of Akamai’s products and our visibility into a significant portion of Internet traffic allows us to research multiple stages of the attack economy.”

This paper provides a review and analysis of 2018 cyber incidents and key trends to address.

From the report, “It is clear that there is no shortage of vulnerabilities to find. In the last year, Bugcrowd saw a 92% increase in total vulnerabilities reported over the previous year. The average payout per vulnerability increased this year by a whopping 83%, with average payouts for critical vulnerabilities reaching $2,669.92 — a 27% increase over last year.”

This report is essential reading for executives, security practitioners and development teams who want to better understand the present state of software security risk, and who seek to benchmark and improve their own organization’s performance.

From the report, “After working with hundreds of security professionals and covering over 1 million assets at some of the world’s most innovative brands, the team at Axonius has identified 5 things that security teams discover when they automate cybersecurity asset management. In this short paper, we’ll review each of these findings, discuss their security implications, and show how automating asset management can both find and resolve these challenges.”

This report discusses the problems with passwords, “The problem is that passwords, 2FA and legacy multi-factor authentication solutions have one thing in common – they rely on shared secrets. That means that a user has a secret, and a centralized authority holds the same secret. When authenticating, those two secrets are compared to approve user access. If a malicious 3rd party intercepts the secret, they can impersonate the user. The bad news is that this reliance on shared secrets has kept large populations of users vulnerable to phishing, credential stuffing attacks, and password reuse while contributing to the steep rise in Account Take Over (ATO). The good news? The Digital Identity landscape is about to change very quickly.”

This installment of State of the Internet / Security examines credential stuffing and web application attack trends over the last 17 months, with a focus on the gaming industry. One reason gaming is so lucrative is the trend of adding easily commoditized items for gamers to consume, such as cosmetic enhancements, special weapons, or other related items. Gamers are also a niche demographic known for spending money, so their financial status makes them tempting targets. We began collecting credential abuse data at the beginning of November 2017 and chose to use the same period with our application attack data to make direct comparisons between plots easier for readers.