Aaron Higbee, Co-founder and CTO, PhishMe, (now CoFense) discusses the future of phishing defence and asks which side of the fence the future of defence against phishing attacks lies: human or machine?

This annual report takes a look at the most popular vulnerabilites used by cybercriminals. It intends to help organizations make good, informed decisions about their cyber security.

This paper seeks to help mitigate serious crimes related to mobile security and credential fraud.

This e-book provides a helpful analysis of malware that mines cryptocurrency.

This paper presents the testimony, of Martin Libicki, presented before the House Armed Services Committee on March 1, 2017.

Notable declines in darknet exposure among black hat exhibitors, but does a risky darkint score correlate to share price performance?

This paper was conceived to examine the relative value placed on data from the perspective of different stakeholders: be they enterprise security professionals, regulators, insurers or cybercriminals. An integral part of this process is determining what that data is worth. The report attempts to answer this question and to provide guidance that can be used to help evaluate the cost of data breaches. It also looks at what data risk vigilance measures organizations have in place.

This report deals with mobile healthcare apps and their ability to be easily hacked.

This short report takes a look at cybersecurity related Credit Card Fraud.

This report aims to investigate the role of the Internet in facilitating drugs trade. It is commissioned by the Research and Documentation Centre (Wetenschappelijk Onderzoek- en Documentatiecentrum, WODC), the independent research arm of the Ministry of Security and Justice in the Netherlands. Special attention will therefore be paid to the role of Dutch actors in facilitating this trade.

This paper discusses the How and Why the Dark Web Marketplace for Ransomware Is Growing at a Rate of More Than 2,500% Per Year

Shap Security has a unique position to talk about credtial spills. This paper provides a breakdown of their experiences with the credential spill issues of 2017.

In this report, they highlight the statistics gathered by McAfee Labs in Q3 of 2017.

This paper lays out the 5 steps necessary for the foundation of an effective cyber risk management program.

This book provides excellent research and an in-depth study of cybercrime criminals and money.

From the report, “AED is an acronym we‘ve coined, short for “Acquire, Enrich, Detect.” It describes the process we use internally to collect threat intelligence and actualize our ability to identify when networks are under attack. We do this in the shortest possible time, with the highest degree of confidence, by looking ONLY at the raw network traffic.”

Trend Micro researchers’ in-depth explorations of the cybercriminal underworld— from Germany1, Brazil2, Japan3, North America4, and China5 to Russia6—have shown how financial gain motivates the way malware, crimeware, personally identifiable information (PII), and stolen commodities change hands. While their marketplaces are profit-driven and focused on flaunting their wares, we observed that the Middle Eastern and North African (MENA) underground was somewhat different with its ironic mix of ideology and felony.

To help organizations prepare for what lies ahead and ensure incident response plans are ready for the evolving data breach environment, Experian Data Breach Resolution has outlined five predictions for what we can expect in 2016.

This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications.

Based on this research on the growing age gaps in the workforce, Centrify has been able to identify some key recommendations that senior decision makers can follow to help bridge the gap and harmonise approaches to data security and privacy in the workplace.

This paper provides an in-depth look at current cryptominer trends and the technology behind Monero. Additionally, it explores the projected attack methods that threat actors are likely to adopt, as well as tactics and best practices that security teams can utilize to keep themselves on the right side of this emerging cat-and-mouse game.