Our sixth annual retrospective, this report is based on in-depth analysis of nearly 60,000 threats detected across our more than 1,000 customers’ endpoints, networks, cloud infrastructure, identities, and SaaS applications over the past year. This report provides you with a comprehensive view of this threat landscape, including new twists on existing adversary techniques, and the trends that our team has observed as adversaries continue to organize, commoditize, and ratchet up their cybercrime operations.

The 2024 Cybersecurity Risk Report from the FAIR Institute shows broadly positive trends compared to last year’s survey. At the FAIR Institute, they believe that effective cyber risk management can only be achieved through transparent and defensible risk analysis using a standard such as FAIR and quality cyber risk data.

The goal of this report is to help security professionals remain at the forefront of securing organizations, as its content is based on real-world techniques employed by attackers to target cloud-based environments. As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large enterprises and small businesses alike is key.

This report sets itself apart with our proprietary data and insights derived from comprehensive detection coverage coupled with human-led expert investigation and confirmation of threats. The data that powers Deepwatch results from thousands of expert investigations across hundreds of thousands of protected systems. This report examines the broader landscape of threats that leverage techniques and other tradecraft. We also track specific threats associating malicious or suspicious activity with a new or existing threat activity cluster, specific malware variants, abuse of legitimate tools, and known threat actors. ATI continually tracks and analyzes threats throughout the year, publishing weekly threat intelligence reports.

In this year’s Annual Cyber Threat Monitor Report, we take a look back at the key events that shaped the cyber threat landscape in 2023, as well as looking ahead at the year to come, sharing insights from our Cyber Threat Intelligence team here at NCC Group. 2023 showed signs that the international community is beginning to take the threats from cyber adversaries more seriously. We saw several examples of coordinated law enforcement action against criminal groups, including key ransomware operators and individuals believed to be acting on behalf of foreign intelligence services.

Today’s cyber landscape is threatened by a multitude of malicious actors who have the tools to conduct large-scale fraud schemes, hold our money and data for ransom, and endanger our national security. Profit-driven cybercriminals and nation-state adversaries alike have the capability to paralyze entire school systems, police departments, healthcare facilities, and individual private sector entities. The FBI continues to combat this evolving cyber threat. Our strategy focuses on building strong partnerships with the private sector; removing threats from US networks; pulling back the cloak of anonymity many of these actors hide behind; and hitting cybercriminals where it hurts: their wallets, including their virtual wallets.

The 2023 Arctic Wolf State of Cybersecurity Trends Report took the temperature of organizations around the globe and sought to understand not only their current and future concerns, but how they were responding to the problems that had plagued them in previous years. Our research shows that, despite the enduring nature of many of these challenges, organizations are making measurable strides in areas where progress has proven limited in previous years.

In year 2023, FortiGuard Labs blocked 2.4 trillion vulnerability attempts and 3 billion malware deliveries to protect its customers from cyber threats. FortiGuard Labs escalated the significant threats through the Outbreak Alert system to raise awareness. These outbreaks highlighted the various targeted and 0-day attacks, weaponized vulnerabilities, malware/ ransomware campaigns, and OT/IoT threats launched last year.

Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020’s totals. Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase in illicit transaction volume was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all.

The events of this year have made clear that although blockchains are inherently transparent, the industry has room for improvement in this respect. There are opportunities to connect off-chain data on liabilities with on-chain data to provide better visibility, and transparency of DeFi, where all transactions are on-chain, is a standard that all crypto services should strive to achieve. As more and more value is transferred to the blockchain, all potential risks will become transparent, and we will have more complete visibility.

2023 was a year of recovery for cryptocurrency, as the industry rebounded from the scandals, blowups, and price declines of 2022. With crypto assets rebounding and market activity growing over the course of 2023, many believe that crypto winter is ending, and a new growth phase may soon be upon us. As always, we have to caveat by saying that these figures are lower bound estimates based on inflows to the illicit addresses we’ve identified today.

This report was compiled by analyzing data captured from billions of cloud assets on AWS, Azure, Google Cloud, Oracle Cloud, and Alibaba Cloud scanned by the Orca Cloud Security Platform. Leveraging unique insights into current and emerging cloud risks captured from the Orca Cloud Security Platform, this report reveals the most commonly found, yet dangerous, cloud security risks.

Built on passion and expertise, Altitude Cyber delivers strategic advisory services specifically tailored for founders, investors, startups, and their boards. Our unique approach fuses strategic insight with financial acumen to help your company soar to new heights.

In this report, we explore the big names in ransomware, the most frequently targeted sectors, trends in data exfiltration, and which malware and tools are leveraged by ransomware operators. This data creates insights into how organizations can better protect their environments from cyberattacks. The 2023 threat landscape was characterized by a combination of mainstay threat actors and new or reemerging groups. While top variants continue evolving to maintain dominance, the widespread impact of newer groups demonstrates the constant evolution of today’s threats and the need for adaptable defenses and increased cyber resilience.

Dragos started the Year in Review to highlight significant trends in the OT cybersecurity community. This year’s report aims to go further by offering practitioners and leaders the most up-to-date data, along with perspectives from the field, to help them better defend critical infrastructure around the world. These perspectives are focused on providing actionable insights that have been tried and tested to help organizations effectively defend against and respond to industrial cyber threats.

The biggest shift the IBM X-Force team observed in 2023 was a pronounced surge in cyberthreats targeting identities. Attackers have a historical inclination to choose the path of least resistance in pursuit of their objectives. In this era, the focus has shifted towards logging in rather than hacking in, highlighting the relative ease of acquiring credentials compared to exploiting vulnerabilities or executing phishing campaigns. Lack of identity protections was corroborated by IBM X-Force penetration testing data for 2023, which ranked identification and authentication failures as the second most common finding.

With this report, we want to promote open sharing on cyber threats and incidents and give the industry a public and relevant cyber threat picture anchored on a solid, well-documented basis. The report and knowledge base are the product of a collaborative community effort with our members and the Nordic TIBER Cyber Teams (TCTs) at the centre, with contributions from Nordic government entities.

This report focuses primarily on hundreds of digital forensics and incident response (DFIR) engagements conducted by the Arctic Wolf Incident Response team. The vast majority of these engagements were initiated as part of cyber insurance policies, through our partnerships with insurance providers and privacy law practitioners.

This iteration of the Google Cloud Threat Horizons Report provides a forward-thinking view of cloud security with intelligence on emerging threats and actionable recommendations from Google’s security experts. This report explores top cloud threats and security concerns for 2024, including credential abuse, crypto-mining, ransomware, and data theft.

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

The 2024 edition of the CrowdStrike Global Threat Report arrives at a pivotal moment for our global community of protectors. The speed and ferocity of cyberattacks continue to accelerate as adversaries compress the time between initial entry, lateral movement and breach. At the same time, the rise of generative AI has the potential to lower the barrier of entry for low-skilled adversaries, making it easier to launch attacks that are more sophisticated and state of the art. These trends are driving a tectonic shift in the security landscape and the world.