In the third quarter of 2022, Trellix delivered a new, powerful resource to support the future of extended detection and response (XDR) and cybersecurity. The first Threat Report presented by the Trellix Advanced Research Center, showcases the rapid research and real-time intelligence resources with notable data and findings from Q3 2022 including: Increased threats to Transportations and Shipping sectors, Increased threats to Germany and The proliferation of old CVEs from 2016, 2017, 2018 - as the most commonly exploited in 2022.

In T2 2022, we saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post- COVOD return to offices and overall improved security of corporate environments. Even with declining numbers, Russia IP addresses continued to be responsible for the large portion of RDP attacks.

The final months of 2022 were bustling with interesting ESET research findings. Our researchers discovered a MirrorFace spearphishing campaign against high-profile Japanese political entities, and new ransomware named RansomBoggs that targets multiple organizations in Ukraine and has Sandworm’s fingerprints all over it. ESET researchers also discovered a campaign conducted by the infamous Lazarus group that targets its victims with spear-phishing emails containing documents with fake job offers; one of the lures was sent to an aerospace company employee.

Last year, we made several predictions about how the threat landscape would evolve, ranging from attackers spending more effort on pre-attack activities to an increasing number of attack attempts impacting operational technology (OT). Lets look at how some of our predictions fared and how we expect these threats to evolve as we plan for 2023.

The IBM Security X-Force Threat Intelligence Index 2023 tracks new and existing trends and attack patterns and includes billions of datapoints ranging from network and endpoint devices, incident response (IR) engagements, vulnerability and exploit databases and more. This report is a comprehensive collection of our research data from January to December 2022.

CyberEdge’s annual Cyberthreat Defense Report (CDR) plays a unique role in the IT security industry. Other surveys do a great job of collecting statistics on cyberattacks and data breaches and exploring the techniques of cybercriminals and other bad actors. Our mission is to provide deep insight into the minds of IT security professionals.

This annual report sheds light on the cybersecurity threats facing the financial sector. The report provides cyber ground truth, specifically manifesting an eye-opening perspective on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector. In this year’s report, financial sector security leaders from around the world revealed during a series of interviews the type of attacks they’re currently seeing, what threats they’re most concerned about and how they’re adjusting their security strategy.

The RiskLens Cybersecurity Risk Report is designed to provide references estimate for the probability, loss, and loss exposure of common cyber events. It summarizes the findings by industry and event themes, and details how actionable variables, such as security stance and data retention management, can reduce risk exposure.

The National Cyber Threat Assessment 2023-2024 will help Canadians understand current cyber security trends, and how they are likely to evolve. The NCTA is especially helpful for Canadian decision-makers as the focus is on cyber threats most relevant to Canada.

Constella’s 2022 Breach Report offers key insights into these cyber threats and the staggering impact of malign activities fueled by breach data circulating on the deep and dark web. The following key findings represent the most significant and relevant trends for individuals, businesses, brands, and public organizations. This report also includes an extended analysis examining the ongoing conflict in Ukraine.

This report, co-authored by our security operations center (SOC) leadership team, aggregates data from the incidents we investigated in 2022. It covers our full customer base, from small and midsize companies to enterprise organizations at every phase of the security journey across every industry we serve.

2023 will most likely be just challenging as the previous few years, but I’m confident that the cybersecurity market has the right tools to deal with the constantly shifting cybercrime landscape and new/consolidated threats, whether we’re talking about supply chain attacks, ransomware, deepfakes or cyber espionage.

The purpose of this report is to share our view on how the threat landscape has evolved over the last twelve months, with a clear focus on our first-hand observations of threat actor tooling and behaviors. This report reviews changes in the ransomware landscape, and in the behavior of threat actors enabling ransomware groups with malware like loaders and stealers. It surveys significant activity by major government-sponsored threat groups. And it examines how threat actors move swiftly to exploit new vulnerabilities, and how they combine sophisticated with more basic techniques to evade detection by defenders once inside the network. The report concludes by examining how Taegis forms the backbone of this visibility.

This report summarizes the ever-changing TTPs leveraged to achieve Initial Access from security incidents thwarted by eSentire’s 24/7 SOC Analysts over a two-year period between April 2020 to April 2022. Experts from out TRU team have summarized an analysis of Initial Access trends and presented recommendations on how your organization can precent attackers from establishing initial footholds and deploying malware.

Intel 471 reported 34 ransomware variants were used to conduct 722 attacks from October 2021 to December 2021, an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.

Intel 471 can help your organization defend against a wide variety of cyber threats by providing deep insights and comprehensive expertise into cybercriminal actors and related activity. This report provides a brief exploration of our unique insight into the cyber underground, highlighting how we can proactively help you stay ahead of the curve, enabling you to fight cybercrime and win.

This report provides a strategic-level overview of threats identified impacting the U.K. and U.K. based businesses, including ransomware and initial access brokers (IABs). as well as common threat actors tactics, techniques and procedures (TTPs) observed.

Our research and collection methods largely are driven by our GIRs, however, we continue to acknowledge that new trends in our reporting, recurring requests for information (FRIs) and other significant activity from or against underground threat actors and/or services are equally important to our research into trending topics.

This report includes insights on internet security, cyber risk, and security trends that organizations have face over the last year and what they need to prepare for in 2023. We’re sharing the critical information and our insights to help decision-makers in the information security community and insurtech sectors better understand the cyber risk landscape. Coalition’s data set includes internet scans of 5.2 billion IP addresses-an impressive number that comprises the entire IPv4 address space and relevant IPv6 addresses.

The cyber events of the past year included unprecedented supply chain attacks, assaults on critical infrastructure, and widespread vulnerabilities likely to haunt organizations for years. These events, among many others, are detailed in Blackberry 2022 Threat Report. However, reading the entire report can prove challenging for security professionals with little time to spare.