This paper takes a look at one of the largest cyber-security attacks in history, that took place using Wannacry in May of 2017.

Recent ransomware attacks like Wanna and Petya have spread largely unchecked through corporate networks in recent months, extorting money to restore your data and regain control of your computers. Modern firewalls are purpose-built to defend against these kinds of attacks, but they need to be given an opportunity to do their job. In this whitepaper we’ll discuss how these attacks work, how they can be stopped, and best practices for configuring your firewall and network to give you the best protection possible.

This paper provides a complete roundup of cyber incidents in 2014.

In this issue, Mandiant presents their popular annual breach statistics, discuss three new trends that they have noticed, explore more in depth “Trends Turned Constants”, and include two additional articles to help support their interpretation of the numbers they present. The articles address the [re]Rise of Red Teaming operations, and how their FireEye as a Service (FaaS) service line is keeping companies safer and reducing the standard number of days compromised.

Between the beginning of 2017 and close of its first quarter, PhishMe IntelligenceTM completed analysis of 749 sets of phishing emails delivering nearly ten thousand unique malware samples supported by over fourteen thousand online resources. These indicators of compromise, as well as a full assessment of the phishing email tactics and malware capabilities, were profiled in in reports and Strategic Analysis documents designed to highlight techniques being used across the threat landscape. Several trends defined the phishing threat landscape in the first quarter of 2017.

Article discussing how ransomware is becoming even more dangerous.

There are a number of young people in the UK that are are becoming involved in cyber dependent crime. This report aims to Collate, and analyze offender briefs to identify motivations and pathways into cyber crime, as well as review academic studies in this area, to identify key intervention points that should be targeted and identify gaps in understanding and propose recommendations.

An Infographic created to explain what Ransomware is.

This report asserts that, “Many organizations still follow an outdated approach to cyber security, relying solely on a defensive perimeter to protect their infrastructure.” The report recommends a more robust, iterative approach, which can be broken down into four phases, Predict, Prevent, Detect, and Respond.

From the report, “This quarter, we’re taking a deeper look into the attacks directed against the hospitality industry - including hotel, travel, and airline sites - in an effort to understand why five out of six logins at these sites use fake or stolen credentials. We were surprised to find that many of these login attempts were coming from Russia and China, a departure from the general attack trends.”

If the North American underground had an alter ego, it would be the French underground. A deep dive into the North American underground1 revealed that it is a “glass tank,” open to not only the tech-savviest of hackers, but also visible to both cybercriminals and law enforcement. The French underground, meanwhile, is not only well-hidden in the Dark Web, its players also operate with extreme caution. Read this paper to find out more.

This report takes a look at some of the damages that occurred in the Healthcare Industry, and examines what positive steps can be made in 2018 to make a safer cybersecurity experience for the industry.

This Threat Report takes a look at some of the events of mid 2017. Specifically, it looks at the global WannaCry and Petya Threats, attacks that bypass filtering, a Chinese threat group, and threat actors stealing intellectual property from Japan.

This Quarterly report offers key takeaways from the fourth Quarter of 2016. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.

This roundup reviews the pertinent security stories of 2016 and aims to help enterprises determine what to expect in the months ahead and what security strategies they can adopt to stay protected.

The ever-changing cyber threat environment is forcing IT decision-makers (ITDMs) to re- evaluate their security strategies. How well equipped are SMBs to protect their data? How are they adapting their approaches to keep pace with a barrage of new cyber threats? To find out, Webroot commissioned a study of ITDMs in the US, UK, and Australia to evaluate the current security concerns and strategies of SMBs around the world. This report discusses the results of that survey.

Through analysis of public breach data, a useful picture of the threat landscape can be observed. Analyzing trends, it may be possible to predict the general scale of expected breaches in the near future and frame those impacts in a meaningful way for individuals. This will hopefully serve to highlight the importance of good security practices and bring attention to the “personal supply chain” problem – that the companies where individuals maintain accounts and trust with personal information are part of the attack surface they create for themselves and the risk of such behavior needs to be weighed against the benefits gained.

This survey report discusses the point that no company is completely safe from a catastrophic cyberattack. It tries to help ask the questions, “How concerned is your company?” and “What are you doing to prepare?”

As always, this report is comprised of real-world data breaches and security incidents—either investigated by us or provided by one of our outstanding data contributors.

This report seeks to prove that the world emerging in 2017 will challenge cybersecurity professionals like never before.

This paper presents the results of a survey conducted in Australia to understand how prepared companies were for cyber breach situations, and compliance.