Positive Technologies experts regularly perform security analysis of mobile applications. This report summarizes the findings of their work performing security assessment of mobile apps for iOS and Android in 2018.

This report explores how businesses worldwide are approaching data management, the most common challenges with backups and availability, and the lessons leaders can learn from how high-performing businesses are using data as they continue to transform.

This report offers quantitative findings from a study of UK individuals to measure and understand awareness and attitudes towards cyber security, and related behaviors. The findings are part of a wider research project to provide insight to inform HM Government’s approach to encourage positive behavior amongst the public in protecting themselves against cyber threats.

This report offers new insights into ransomware and the issues related to this problem.

Business in the Community is delighted to present this report, which confirms where we all can play a role in better online security and how we – business leaders, think tanks, government – can achieve this. We encourage CEOs and business owners of all sizes to take actions after reading this report. If you are a small business owner, we hope it inspires you to implement the recommendations to be safer online. For larger businesses, we hope you will consider joining our call to action. By working together, we will be a step closer to achieving the National Cyber Security Centre’s vision to help: “make the UK the safest place to live and do business online”.

From the report, ““Realized coverage & efficiency vary greatly among firms—over 50% between top and bottom performers—indicating different remediation strategies lead to very different outcomes.” Where is your strategy leading?” Read on to find out more.

According to IDC’s 2018 Data Services for Hybrid Cloud Survey: » 65% of enterprise IT security, line-of-business IT, and data management specialists cited a medium to robust digital rights management deployment in their organization. » Organizations are struggling to secure data across multi-cloud and hybrid environments. More than 37% of survey respondents indicated that the growing complexity of security solutions is a significant challenge that often impedes data governance policy enforcement.

From the report, “This technical whitepaper presents and discusses the concept of “Connectivity as Code”, a complementary concept to “Infrastructure as Code” (IaC), and we will explain how it can be incorporated into the DevOps lifecycle for a more agile application delivery. We will also describe how empowering the developer to define the application’s connectivity requirements will bridge the gap between developers and network security, and help to automate the application delivery process end-to-end. The solution presented in this whitepaper seamlessly weaves network connectivity into the DevOps methodology, while ensuring continuous compliance, so that automation does not compromise security.”

From the report, “The bottom line is that good customers who transact online are suffering a bad purchasing experience – and this is doubly harmful to both card issuers and merchants. Cardholders may elect to abandon a purchase altogether, seek a different online store to minimize purchase friction, or pull out a different card – sending their go-to card to the back of wallet. This paper explores the size of the problem, explains the destructive impact on customers who are wrongly turned away, delves into why transactions are declined and reveals how the industry currently manages declines from both a card issuer and merchant perspective. Finally, it presents some possible approaches to the problem, including several pilot programs that Ethoca currently has underway with card issuers and merchants.”

This report examines trends in vulnerabilities, exploits and threats in order to better align your security strategy with the current threat landscape. Incorporating such intelligence to vulnerability management programs begins to put vulnerabilities in risk–based context and helps to focus remediation on vulnerabilities most likely to be used in an attack. This is an update to a report published in January 2018 to reflect mid–year trends. All statistics for 2018 reflect data from the first half of the year — January 1, 2018 through June 30, 2018.

This report has been produced in partnership with the 400,000 member Cybersecurity Insiders community of IT security professionals to explore how AWS user organizations are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

This report offers deep insight into the threat actor known as Oilrig.

RiskIQ uses its repository of scanned mobile application stores to perform analaysis on threat trends in the mobile application space. The first quarter of 2018 showed a 43 percent decrease in blocklisted apps over Q4. Key threat trends include brand imitation, phishing, malware. A spike in apps targeting cryptocurrency and high-profile threats from nation-state actors.

This report offers insight into how you can use the theory of 8 degrees of separation in threat research.

This report offers insight into Ransomware and explains the growing threat that impacts enterprise security.

The big-name breaches have made us all sensitive to the loss of personal and competitive data. But are we overlooking the real risks? Shawn Henry of Crowdstrike offers insight on how we need to evolve our core defenses.

This paper discusses one possible avenue for improving EDR which is the broader adoption of machine learning techniques.

This paper provides a checklist to address CIS Critical Security Controls.

In mid-2018, VansonBourne conducted research on behalf of Nutanix to gain insight into enterprise plans for adopting private, hybrid, and public clouds. The respondent base spanned multiple industries, business sizes, and geographies, which included the Americas; Europe, the Middle East, and Africa (EMEA); and AsiaPacific (APJ) regions.

In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives.

This paper provides information on Bad Rabbit a new ransomware roving the internet.