This report provides 10 findings on how over 800 IT Pros handle Disaster Recovery & Cloud Adoption.

From the report, “The survey results show that companies should ensure their online interactions with customers are aligned around three key principles: trust, consent, and education.” Read on to understand more.

Historically, the annual Most Wired research has focused on measuring adoption of healthcare information technology to highlight those organizations with the broadest, deepest IT infrastructure. With the ever-growing need to improve healthcare, the research now adds a new emphasis on measuring key areas that can help advance the industry as well as on gathering information about organizations’ technology strategies (which include not just technology adoption but also the refinement of processes and the development of people). With this new focus, this year’s research and future Most Wired research can help identify gaps in healthcare organizations’ technology adoption and strategies and highlight areas in which the industry has opportunities to make progress.

F5 Labs, in conjunction with our data partner Loryka, has been tracking “The Hunt for IoT” for two years. We have focused our hunt primarily around port 23 telnet brute force attacks—the “low-hanging fruit” method—as they are the simplest, most common way to compromise an IoT device. (Telnet was also the most prominent attack type when we started this research series.)

In recent months, Beazley Breach Response (BBR) Services has seen the number of reported ransomware incidents climb again. The varieties of ransomware and the differing technical abilities of the criminals make effective response especially challenging. Breach response services, such as forensics and legal counsel, are often necessary in ransomware attacks to determine the attack vector and level of access obtained by the attacker. If the attacker accessed or exfiltrated personally identifiable information or protected health information, notification to affected individuals may be required by law.

This report offers insight into the Win32/Industroyer a new threat for industrial control systems.

“The Turla espionage group has been targeting various institutions for many years. Recently, we found several new versions of Carbon, a second stage backdoor in the Turla group arsenal. Last year, a technical analysis of this component was made by Swiss GovCERT.ch as part of their report detailing the attack that a defense firm owned by the Swiss government, RUAG, suffered in the past. This blog post highlights the technical innovations that we found in the latest versions of Carbon we have discovered.”

“In my previous blog posts I posted details of cyber attacks targeting Indian Ministry of External Affairs and Indian Navy’s Warship and Submarine Manufacturer. This blog post describes another attack campaign where attackers impersonated identity of Indian think tank IDSA (Institute for Defence Studies and Analyses) and sent out spear-phishing emails to target officials of the Central Bureau of Investigation (CBI) and possibly the officials of Indian Army.”

Iranian threat agent OilRig has been targeting multiple organisations in Israel and other countries in the Middle East since the end of 2015. In recent attacks they set up a fake VPN Web Portal and targeted at least five Israeli IT vendors, several financial institutes, and the Israeli Post Office. This report offers insight into this threat.

This report analyzes the Mac specific malware from APT28 named Trojan.MAC.APT28

Malware utilizing known Lazarus group tools was used in a heist of a Taiwan bank. This Malware was later uploaded to several repositories. This post analyses and summarizes the uploaded Malware from the repositories.

This report is specifically geared to the Healthcare and Cross-Sector Cybersecurity Issues.

This is a technical guidance document provided by the US Government. It provides an aggregate of already existing Federal government and private industry best practices and mitigation strategies focused on the prevention and response to ransomware incidents.

IBM fielded a US-based consumer and business research study to determine the value people place on data and their awareness and knowledge about ransomware. The results are alarming.

This report from April 2016 takes a look at a variety of threat events, and provides insight and solutions for those issues.

This guide offers help for surviving ransomware attacks.

This year’s study reveals the increasing risk of noncompliance with new global privacy and data protection regulations. Another important trend over the past three years is IT security’s continuing loss of control over cloud security practices and budget.

The goal of this book is to clarify the most frequently encountered concepts of inline security and be a resource as you develop your network security architecture. For each of the 20 terms included, they provide a simple definition, common use cases, and important considerations for deployment.

From the report, “We are pleased to present the findings of The Rise of Ransomware, sponsored by Carbonite, a report on how organizations are preparing for and dealing with ransomware infections. We surveyed 618 individuals in small to medium-sized organizations who have responsibility for containing ransomware infections within their organization.”

This paper takes a look at cloud sandboxing and how that can be used to protect governments from Ransomware.

This report from Symantec gives a variety of information about ransomware. It gives an overview, discusses the factors driving the growth and persistence of ransomware, infection vectors, platforms affected, the major ransomware families and finally, how businesses are going to be impacted.