In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? (more available)

The CDR is the most geographically comprehensive, vendor-agnostic study of IT security decision makers and practitioners. Rather than compiling cyberthreat statistics and assessing the damage caused by data breaches, the CDR surveys the perceptions of IT security professionals, gaining insights into how they see the world. (more available)

Amid our worldwide bedlam, this report is aimed at informing for the purposes of preparation. Whether you find yourself in the midst of government affairs, technology management, or business operations, the state of rising factors impacts nearly every country, either directly or indirectly, and provides a ripe setting for cyberattacks to thrive. (more available)

This report investigates the trends, pioneered by the Maze ransomware group, of double extortion. In particular, we examine the contents of initial data disclosures intended to coerce victims to pay ransoms. (more available)

As these ransomware gangs and RaaS operators find new ways to remove technical barriers and up the ante, ransomware will continue to challenge organizations of all sizes in 2022. (more available)

The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. (more available)

Arctic Wolf’s 2022 Security Trends Report provides insight into the current and future state of these cybersecurity teams as they attempt to move their security programs forward while dealing with an ever-evolving threat environment. (more available)

This survey report focuses on the current trends in cybersecurity workforce development, staffing, cybersecurity budgets, threat landscape and cyber-maturity. The survey findings reinforce past reporting and, in certain instances, mirror prior year data. (more available)

This report was created by the ConnectWise Cyber Research Unit (CRU) - a dedicated team of ConnectWise threat hunters that identifies new vulnerabilities, researches them, and shares what they find for all to see in the community. (more available)

In 2021, the industry saw a transition into threat actor separation of duties, with an increase in groups focused on obtaining and selling access to victims (Initial Access Brokers). (more available)

At Nuspire, we’re still witnessing threat actors using malicious files and cashing in on newly announced vulnerabilities. Threat actors are opportunistic for the most part and seek the easiest access for the least amount of effort. (more available)

This study offers the kind of insights CISOs have long been asking for - to benchmark their situation and experience against others; to learn from what their peers are doing and planning to do ; and to validate ideas and obtain solid data to justify investments in these areas. (more available)

The intent of the exercise was to assess public and private sector-wide communications and information-sharing mechanisms, crisis management protocols, and decision-making, as well as legal and regulatory considerations as exercise participants responded to and recovered from significant ransomeware attacks targeting the financial sector. (more available)

For this, our 15th anniversary installment, we continue in that same tradition by providing insight into what threats your organization is likely to face today, along with the occasional look back at previous reports and how the threat landscape has changed over the intervening years. (more available)

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. (more available)

This report explores how CISOs are adjusting in the wake of pandemic disruption, adapting strategies to support long-term hybrid work and battling an increasingly sophisticated threat landscape. (more available)

Based on Arete case data, the commonly observed techniques and vulnerabilities of 2021 will likely not change through most of 2022. (more available)

For many cybersecurity community, the past several months have been a dumpster fire. We’ve analyzed and tracked definitive data from more than 1,500 incident response and forensic cases over 12 months to provide unique visibility into the state of ransomware. (more available)

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange. (more available)

This report provides an analysis of the DNS queries blocked by Protective DNS, finds commonalities among the end users that are protected, and uses a financial model to estimate the value of the threat prevention provided by Protective DNS to the UK economy. (more available)

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1. (more available)