Tenable’s Security Response Team (SRT) continuously monitors the threat landscape throughout the year, putting us at the forefront of trending vulnerabilities and security threats. From this vantage point, we complied and categorized our data from this annual report. In a year marked by tense geopolitics, hacktivism, ransomware and attacks targeting critical infrastructure - all alongside a turbulent macroeconomic environment - organizations struggled to keep pace with the demands on their cybersecurity teams and resources.

Rapid7’s Vulnerability Intelligence Report examines notable vulnerabilities and high-impact attacks from 2022 in order to highlight exploitation trends, explore attackers use cases, and offer a framework for understanding new security threats as they arise. Our aim is the contextualize the vulnerabilities that introduce serious risk to a wide range of organizations. The report examines 50 vulnerabilities that pose considerable risk to organizations of all sizes. In total, this report includes 45 vulnerabilities that were exploited in the wild 2022, of which 44% arose from zero-day exploits.

In this report, we analyze data from Dark Reading’s survey that shows how security teams are struggling to keep up with the transformational changes to their business model and infrastructure. Many are partnering with security service providers, but they often struggle to get the most value from these partnerships. We show how organizations can optimize - and get the most out of - the relationships with their security solution provider partners.

The 2023 SonicWall Cyber Threat Report provides critical insights and actionable intelligence needed to safeguard your organization from new and emerging cyber threats. The bi-annual report includes key threat intelligence, trend analysis and changes in cybercriminal tactics - al in one in-depth resource.

This research paper is a joint effort between Trend Micro and Waratah Analytics, a data-modeling, risk-analysis, and exposure management services provider. It analyzes the modern ransomware ecosystem using data-science approaches and leverages information collected from network-based and host-based telemetry, underground forums, bitcoin and financial transactions, and chat logs - together with a deep analysis of criminal business processes - to find trends, new developments, and choke points in the ransomware ecosystem.

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

As 2021 progressed through its second quarter and into the third, cyber criminals introduced new - and updated - threats and tactics in campaigns targeting prominent sectors. Ransomware campaigns maintained their prevalence while evolving their business models to extract valuable data and millions in ransoms from enterprises big and small. REvil/Sodinokibi topped our list of ransomware detection in Q2 of 2021.

As we look ahead in this new year, we must acknowledge a threatscape that left us all exhausted from a particularly challenging end to 2021. In our new company’s first threat report, we acknowledge the issue that dominated not only headlines, but the focus of defenders and enterprise security teams. We also look back at the third and fourth quarters of 2021, but let’s first detail our weather of resources available to help you combat Log4j.

In this report, we share our industry-leading lineup of which threat actors, families, campaigns, and favorite techniques were prevalent during the last quarter. But there’s more. We’ve also expanded our sources to glean data from ransomware leak sites, and security industry reports. And as Trellix resources grow, so do the categories of threat research including new content covering Network Security, Cloud Incidents, Endpoint Incidents, and Security Operations.

The first quarter of 2022 in cybersecurity was more about evolution than revolution. The techniques and prevalence of ransomware attacks advanced while Russian cyberattacks continues a slow-building evolution fed by the continuing conflict in Ukraine. Our latest Trellix Threat Report includes our findings from Q1 2022 and other vital research included the evolution of Russian cybercrime, ransomware in the United States, and email security trends. We also share our team’s recent research into vulnerabilities found in building access control systems, and risks unquie to connected healthcare.

In the third quarter of 2022, Trellix delivered a new, powerful resource to support the future of extended detection and response (XDR) and cybersecurity. The first Threat Report presented by the Trellix Advanced Research Center, showcases the rapid research and real-time intelligence resources with notable data and findings from Q3 2022 including: Increased threats to Transportations and Shipping sectors, Increased threats to Germany and The proliferation of old CVEs from 2016, 2017, 2018 - as the most commonly exploited in 2022.

The IBM Security X-Force Threat Intelligence Index 2023 tracks new and existing trends and attack patterns and includes billions of datapoints ranging from network and endpoint devices, incident response (IR) engagements, vulnerability and exploit databases and more. This report is a comprehensive collection of our research data from January to December 2022.

This annual report sheds light on the cybersecurity threats facing the financial sector. The report provides cyber ground truth, specifically manifesting an eye-opening perspective on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector. In this year’s report, financial sector security leaders from around the world revealed during a series of interviews the type of attacks they’re currently seeing, what threats they’re most concerned about and how they’re adjusting their security strategy.

The RiskLens Cybersecurity Risk Report is designed to provide references estimate for the probability, loss, and loss exposure of common cyber events. It summarizes the findings by industry and event themes, and details how actionable variables, such as security stance and data retention management, can reduce risk exposure.

The National Cyber Threat Assessment 2023-2024 will help Canadians understand current cyber security trends, and how they are likely to evolve. The NCTA is especially helpful for Canadian decision-makers as the focus is on cyber threats most relevant to Canada.

This report, co-authored by our security operations center (SOC) leadership team, aggregates data from the incidents we investigated in 2022. It covers our full customer base, from small and midsize companies to enterprise organizations at every phase of the security journey across every industry we serve.

The purpose of this report is to share our view on how the threat landscape has evolved over the last twelve months, with a clear focus on our first-hand observations of threat actor tooling and behaviors. This report reviews changes in the ransomware landscape, and in the behavior of threat actors enabling ransomware groups with malware like loaders and stealers. It surveys significant activity by major government-sponsored threat groups. And it examines how threat actors move swiftly to exploit new vulnerabilities, and how they combine sophisticated with more basic techniques to evade detection by defenders once inside the network. The report concludes by examining how Taegis forms the backbone of this visibility.

This report summarizes the ever-changing TTPs leveraged to achieve Initial Access from security incidents thwarted by eSentire’s 24/7 SOC Analysts over a two-year period between April 2020 to April 2022. Experts from out TRU team have summarized an analysis of Initial Access trends and presented recommendations on how your organization can precent attackers from establishing initial footholds and deploying malware.

This first-of-its-kind report offers insight into how organizations are navigating the global cyber security threat landscape. Findings are drawn from extensive interviews with 1,350 business and IT leaders who make security decisions for organizations with at least 1,000 employees. Respondents were based in 13 countries across three regions and in 18 sectors - including financial services, healthcare and government.

Intel 471 reported 34 ransomware variants were used to conduct 722 attacks from October 2021 to December 2021, an increase of 110 and 129 attacks from the third and second quarters of 2021, respectively.

Intel 471 reported 27 ransomware variants were used to conduct 455 attacks from July 2022 to September 2022, a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022. The daily average of reported LockBit breaches was two - the same trend we observed from the ransomware group in the third and fourth quarters of 2021 and the first and second quarters of 2022.