This is Akamai’s State of The Internet Security report from the third quarter of 2017

Overpowering today’s attackers and responding to threats requires EDR plus NGAV. The bad guys treat all of an organization’s machines as possible entry points. EDR plus NGAV takes this concept and uses it to the defender’s advantage by using all of a company’s endpoints for protection.

This year’s CrowdStrike Intelligence Global Threat Report contains a wealth of intelligence regarding adversary behavior, capabilities, and intentions. More importantly, it ties it back to the events that influenced those activities. By understanding the events that shape the beliefs and motivations of threat actors—regardless if they are criminal, nation-state, or hacktivist—it is possible to comprehend what drove the adversaries to behave as they did, and perhaps to understand what this will mean for the future.

This report reviews the cyber security threats that occurred in the first half of 2017.

Some statistics that jump out from this report, 76% of respondents see ransomware as significant business threat, 52% rate their organizations at above average or superior when it comes to detecting or blocking ransomware before it locks or encrypts data in their systems, 57% say they are more likely to be a ransomware target in 2017.

This report takes a look at 5 key trends that are shaping IT security practices, with findings that provide insight into customer challenges, threat actor behavior, and the global threat landscape.

Subtitled, “Threat Intelligence, Industry Analysis, and Cybersecurity Guidance, for the Global Cyber Arms Race,” this report seeks to fully disclose the research done by the authors, in order to aid all of those involved in the cybersecurity realm.

In this report, they describe FIN10’s activities and tactics, techniques and procedures (TTPs), and provide a glimpse into how they execute their operations.

Druva conducted its annual ransomware survey to better understand what impact ransomware has had on organizations, how they have responded to breaches, and what their outlook is regarding the future of these types of malware attacks.

Aaron Higbee, Co-founder and CTO, PhishMe, (now CoFense) discusses the future of phishing defence and asks which side of the fence the future of defence against phishing attacks lies: human or machine?

This survey was created to act as a barometer to measure the involvement of public company directors in cyber-risk management.

“Enterprises rely on custom applications to perform business-critical functions. Any downtime could halt operations. Our survey found that while enterprises have confidence in the security of IaaS providers’ underlying infrastructure compared with their own datacenters, data in custom applications is exposed to a wide range of threats independent of the platform. That includes accounts compromised by third parties—via phishing or another method. There are a growing number of examples such as Code Spaces where attackers have held data ransom and in some cases permanently deleted enterprise data in these applications. This report summarizes the scale of custom applications deployed today, where they are deployed, how they are secured, and who is responsible for securing them.”

This report provides detailed information about Iranian Threat, Extended Supply Chain Threats, Critical Infrastructure, Advanced Persistent Threats, Miner Malware, and Ransomware.

This is a report based on a collaborative survey. Taken as a whole, there continues to be low hanging vulnerabilities which are not addressed in the middle market space. This survey is meant to highlight some of these vulnerabilities and provide risk professionals with a tool to help mitigate both privacy and security risk.

In this whitepaper, they explore the growing threat of ransomware and what you can do to keep your organization secure.

This report offers the case studies used for the official report of the same name.

This paper seeks to provide guidance in understanding the best ways to train employees so that the don’t forget important information.

This newly released SANS survey suggests the need to broaden the definition of endpoint to include the user. The two most common forms of attacks reported are browser-based attacks and social engineering, both of which are directed at users, not technology. Download this survey report to learn other key issues surrounding endpoint protection.

While a data loss incident can be a disaster for an organization’s reputation, there is now a new imperative around inbound information as well. Unwanted data acquisition can create problems just as much as data leaving the organization. There are a couple of scenarios which should be considered. Read this paper to know more.

This is a Quarterly Report that looks at Cyber security issues in New Zealand and around the world.

This Quarterly report offers key takeaways from the first Quarter of 2016. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.