The scourge of ransomware has resulted in an entire ecosystem necessary to combat its spread and prevent organizations from becoming victims of an increasingly motivated set of criminals. Our research, which gleaned insights from close to 400 survey responses in July of 2022, provides key data points that infer strong correlation between organizations with board involvement in ransomware preparedness and positive outcomes related to it.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats to help organizations protect their systems. During May and June, CTU researchers identified the following noteworthy issues and changes in the global threat landscape: government-sponsored threat groups use ransomeware to, don’t leave the door to your data unlocked, and business email compromise (BEC) is as big a problem as ransomeware.

The EY Global Information Security Survey 2021 (GISS)finds Chief information Security Officers (CISOs) and security leaders battling against a new wave of threats unleashed by COVID-19. Our report illustrates the devastating and disproportionate impact that the crisis has had on a function that is striving too position itself as an enabler of growth and a strategic partner to the business. It also outlines what cybersecurity leaders need to know now about their current operating environment and what they need to do to transform it.

The year’s Global Economic Crime and Fraud Survey enquired about organizations’ attitudes towards fraud and financial and economic crime in the current environment and drew responses from 1,296 respondents in 53 countries and regions. This survey, our first snapshot of 2022, homed in on fraud trends and conduct risk.

In this report we take a closer look at how cyber warfare has intensified to become an essential part of the preparation for, and conduct of, actual military conflict. Furthermore, we uncover what the fallout of this will be for governments and enterprises all over the world, even those that are not directly involved in the conflict.

The report surfaces the most significant data we’re seeing in our threat detection and response effort, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to protect your organization.

In our H1 2022 FortiGuard Labs Threat Landscape Report, we examine the cyber threat landscape during the year’s first half to identify trends and offer recommendations about what CISOs and security teams should pay close attention to in the months ahead. The report’s findings are based on data collected through our global array of sensors monitored by the FortiGuard Labs team.

First, the bad - adversaries continued to innovate and alter strategies aimed at taking down DDoS protections with direct-path DDoS attacks and high-powered server-class botnets. Meanwhile, a little good news came in the way of a decrease in some reflection/amplification vectors, floating overall DDoS attack number down. Despite this decrease, the bad news tells us we must remain vigilant to combat ever-changing attacker methodologies and tactics.

This report aims to bring new insights into the reality of ransomware incidents through mapping and studying ransomware incidents from May 2021 to June 2022. The findings are grim. Ransomware has adapted and evolved, becoming more efficient and causing more devastating attacks. Businesses should be ready not only for the possibility of their assets being targeted by ransomware but also to have their most private information stolen and possibly leaked or sold on the Internet to the highest bidder.

This report will look at how ransomware caused gas shortages on the east coast, why a Justin Bieber tour might have put on the phone with a malware distributor, and what an increase in SMS phishing means for mobile security. We’ll also explore the evolving relationship between malware distributors and one of the world’s most successful ransomware gangs, and how legitimate cloud services now provide the infrastructure for a majority of malicious activity.

In this, our eighth annual State of the Phish report, we explore user vulnerabilities from multiple angles. We look at issues driven by poor cyber hygiene and those that could result from a lack of knowledge and clear communication. We discuss ways organizations can become more attuned to their risks. And we outline opportunities to build and sustain engaging security awareness training initiatives in the challenging climate.

The IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns we observed and analyzed from our data - drawing from billions of datapoints ranging from network and endpoint detection devices, incident response (IR) engagements, domain name tracking and more. This report represents the culmination of that research based on data collected from January to December 2021.

Get the latest Cortex Xpanse “Attack Surface Threat Report” to understand the risks, and learn how automation can help security teams stop chasing a moving post and reduce risks. The Cortex Xpanse research team studied the global attack surface by monitoring scans of 50 million IP addresses associated with 100+ global enterprises and discovered that the attack surfaces of all industries continue to grow. As security teams struggle to keep up, the constant stream of new issues becomes an ever-expanding backlog of exposure - misconfigured RDP, exposed admin portals, insecure Apache Web servers or Microsoft Exchange servers, and more.

The 2022 Unit 42 Incident Response Report sheds light on the risks and threats that organizations are facing. It provides insights into threat actors and their methods that can then be used to help organizations identify potential gaps in their defenses and areas to focus on to improve their cybersecurity stance going forward.

In the first half of 2022 SonicWall Capture Labs threat researchers recorded 2.8 billion malware hits globally, an 11% increase year to date over 2021. The amounts to an average of 8.240 malware attempts per customer. Based on data collected, the true culprits behind the rise in malware have been crypto-jacking and loT malware, which have risen 30% and 77% respectively, year to date.

However, 2021 is most likely to be remembered as the year that ransomeware epidemic isn’t over, and it may not even have peaked, but the threat it poses to businesses, supply-chains and critical infrastructure is no longer in doubt, and the forces arrayed against it have never been so formidable.

Evolving security threats, exponential data growth, increased complexity, and a continuing cybersecurity shill shortage has given rise to a new category of security solutions called Extended Detection and Response (XDR). Red Piranha and Cybersecurity Insiders conducted a comprehensive survey to reveal the latest XDR trends and challenges in managing XDR, what XDR might replace, and how organizations select security technologies and providers.

The 2022 Insider Risk Report is driven by real data observed as part of actual investigations of real customers with whom DTEX detected and responded to potential insider risk incidents before a breach occurred.

In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? The basic concept of ransomeware remains the same: Encrypt data and demand money for decryption.

Amid our worldwide bedlam, this report is aimed at informing for the purposes of preparation. Whether you find yourself in the midst of government affairs, technology management, or business operations, the state of rising factors impacts nearly every country, either directly or indirectly, and provides a ripe setting for cyberattacks to thrive. Based upon research conducted and shared amongst our various practices in DevSecOps, Offensive Security, Governance-Risk-Compliance, Threat Intelligence, and Research, we have completed our overall analysis to focus on the following evolving threats as we navigate through 2022.

This report investigates the trends, pioneered by the Maze ransomware group, of double extortion. In particular, we examine the contents of initial data disclosures intended to coerce victims to pay ransoms. Rapid7 analysts investigated 161 separate data disclosures between April 2020 and February 2022 and identified a number of trends in the data.