In this report, Marsh McLennan’s team demonstrated a statistically significant correlation between all of our dark web intelligence sources - including (but not limited to) dark web market listings, hacking forum chatter, and dark web traffic to and from the corporate network - and an increased likelihood of suffering a cybersecurity incident. Put simply: the presence of any dark web findings related to an organization - without exception - was associated with a higher likelihood of a breach.

The 3rd edition of the Lucy Study builds on a four-year history of objective comprehensive and robust data. The study lacks precision on the segment of small and micro companies. The number of insured companies - and there analyzed - is not yet sufficient in relation to the number of companies listed by INSEE.

Attackers continue to gain ground. In 2023, the average duration of attacks increased by 403%. Read about DDoS trends and what you can do about them in Zayo’s DDoS Insights Report. This report contains insights, analysis, and conclusions about each industry under attack. Further, it provides you the steps to take to ensure your business isn’t harmed by the DDoS attacks heading your way.

The report raises a number of interesting findings, which you’ll read about in the pages to come. However, one through line that emerges is the need for reliable threat intelligence and its impact on threat hunters’ ability to do their jobs well. Threat intelligence, or lack thereof, is a commonality across the top challenges respondents identified. Access to threat intelligence also affects nearly every aspect of how respondents say they do their jobs.

This white paper explores the 5-step process, highlighting our findings across many data sources and rigorous testing of our telemetry pipeline. As we detail our methodology, we’ll also suggest different use cases. The goal is to showcase our journey and equip you with the tools and understanding to optimize your telemetry data.

Application Programming Interfaces (APIs) have emerged as useful tools that streamline business operations and enhance the digital experience for customers. As their use has proliferated, however, the importance of properly securing APIs is also becoming increasingly evident. API-related hacks and data breaches have impacted companies across nearly all sectors and geographies, resulting in skyrocketing remediation and legal costs for companies.

In this edition of the State of the Internet/Security (SOTI) report, we continue to research the array of attacks observed in web applications and API, their impacts on the organization, and how vulnerabilities figure in the API landscape. Our goal is to illustrate the dangers posed by the web application and API attacks, with recommendations on how to successfully defend your network against such attacks.

This research was conducted to understand the challenges and issues facing businesses worldwide when it comes to escalating cyberattacks. It identifies trends in hacking and malicious attacks, and the financial and repetitional impact breaches had in what has been an unprecedented year. It examines organizations’ plans for securing new technology, adopting a cloud-first security strategy, and dealing with the complexity of the current cybersecurity management environment.

It’s a horror story that many organizations are familiar with - an employee clicks a link or visits a website, and chaos ensues. At best, it’s just a minor disruption. At worst, business continuity is broken, and an organization’s critical infrastructure is at risk. Regardless of the outcome, managing human risk is a major part of business today. In this report, we dive into what makes workers high risk, where those high risk users spend their time, what are their riskiest behaviors, and what that might mean for your organization’s security.

Radware’s 2022 Global Threat Analysis Report reviews the year’s most important cybersecurity events and provides detailed insights into the attack activity of 2022. The report leverages intelligence provided by Radware’s Threat Intelligence Team, and network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network and Threat Research team.

Our findings should serve as a wake-up call to both the mid-market segment and the cyber security industry that is currently underserving it. In just the past two years, attacks against mid-sized companies overall have increased by 150%, with attacks against specific sectors ranging from just about doubling to nearly tripling over that two-year period. At the same-time, mid-market companies’ defenses against these growing attacks have not kept pace.

Intel 471 reported 34 ransomware variants were used to conduct 722 attacks from October 2021 to December 2021, an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.

The past year, the VOID grew from 2,000 to nearly 10,000 incident reports from close to 600 organizations. We rigorously collect the same metadata, along with a new value: severity. This enabled us to investigate whether there is a relationship between the reported length of the incident and the impact (or severity) of the incident.

This report, the Annual Report Trust Services Security Incidents 2021, analyzing root causes, statistics and trends. This report marks the sixth round of security incident reporting for the for the EU’s trust services sector. In this round of annual summary reporting a total of 27 EU countries and 3 EEA countries took part. They reported a total of 46 incidents.

The 2021 Insider Threat Report reveals the latest trends and challenges facing organizations in this new environment. The report explores how IT and cybersecurity professionals deal with risky insiders and how organizations are preparing to protect their critical data and IT infrastructure better.

The 2022 Endpoint Security Report reveals the latest endpoint security trends and challenges, why and how organizations invest in endpoint security, and the security capabilities companies are prioritizing.

Q3 saw a notable trend in which attackers launched DDoS attacks at single targets within a CSP, attributing an attack size increase of 544% QoQ and 232% YoY. Over 55% of attackers focused on hitting specific service with high volumes of traffic simultaneously. Due to the dramatic increase in attack size, this shift to employing high-penetration volumetric attacks can potentially lead to additional impact to CSP networks, regionally.

In the first half of 2021, we found that 99.09% of attacks were smaller than 10Gbps and 95.62% of attacks were smaller than 1Gbps, of which we believe a majority were launched using readily available and inexpensive DDoS-for-hire services.

In this edition of our quarterly report, there will be a special feature story that focuses on the DDoS issues surrounding the online gaming industry, in particular, why it is an industry to keep an eye on - especially the service providers to this industry. And why the popularity of online gaming has skyrocketed in Q3.

In this report, we’re going to discuss how bit-and-piece attacks have continued to evolve, and are able to successfully evade DDoS mitigation schemes when blended with multiple attack vectors, and the challenges that these advanced attack tactics present to the cybersecurity world.