To reflect the shift from malware to threats we have evolved our State of Malware report once again. We asked our experts what resource constrained IT teams should pay attention to in the year ahead. They have chosen six threats that illustrate some of the most serious cybercrime tactics we’ve seen on Windows, Mac, and Android. It is not an exhaustive list, but if you are equipped to handle these then you are well placed to deal with anything the cybercrime ecosystem can throw at you.

This year’s report introduces results from the Attack Path Validation (APV) and Detection Rule Validation (DRV) products on the Picus platform, offering deeper observations into organizational preparedness against automated penetration tests and the effectiveness of detection rules in SIEM systems. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

The 2024 edition of the Blue Report provides key findings and practical recommendations for cybersecurity professionals by evaluating the effectiveness of current detection and prevention practices. The Blue Report 2024 serves as a crucial resource for cybersecurity professionals and decision-makers. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

This research report provides a comprehensive analysis of ransomware incidents and binaries recorded and gathered globally, offering insights into trends, attacker profiles, ransomware families, and the implications for cybersecurity defenses. Ransomware knows no borders and neither do the groups unleashing it. Rather than picturing these groups as a collection of individuals in hoodies, we must extend our collective imagination to fathom the international business model that delivers the end product — ransomware — to our doorsteps.

The 2024 Ransomware Risk Report reveals concerning statistics for business, IT, and security leaders. This report reveals that 74% of victims were attacked not once, but multiple times. Certain countries and industries were more likely to experience subsequent attacks. But overall, more than half the companies we surveyed were successfully breached two or more times — sometimes within the same day.

In this report, the IT-ISAC tracked 18 new ransomware groups in 2023, reflecting that financial gain continues to be one of the top motivating factors behind cyberattacks. As long as the chances of making money is high and the risk of getting caught is low, ransomware will continue. Despite government and law enforcement efforts to take down malicious infrastructure, new ransomware strains continue to emerge.

This annual report is the result of the CRU’s research and analysis of nearly half a million alerts reviewed by the ConnectWise team, which is filtered into key takeaways and action items that affect MSPs the most. The information in this report is built to help MSPs protect their SMB customers. Our goal is to help you understand and prepare for the threats you and your customers are likely to face so you can focus your time, energy, and money on defenses that will impact your customers.

In this report, cybercriminal landscape remained diverse, comprising both lone actors and criminal networks offering a wide range of expertise and capabilities. Some cybercriminals targeting the EU were based within the EU, while others preferred to operate from abroad, concealing their illicit operations and funds in third countries. The use of deepfakes is another area of concern as this is a powerful addition to the cybercriminal toolbox.

This report nearly coincided with one of the most disruptive cyber attacks in the history of healthcare. The massive payment disruptions for U.S. healthcare providers resulting from the February 2024 BlackCat ransomware attack on Change Healthcare was an extreme yet highly illustrative example of the third-party risks stemming from high interdependence among healthcare organizations. This paper aims to help healthcare organizations and their partners reduce such risks.

This report comes at a time when top organizational risks, such as supply chain, cybersecurity, and third-party risks cut across large parts of all organizations. Stopping supply chain attacks requires understanding their causes and the variables that contribute to them. SecurityScorecard threat researchers assist in that effort by helping organizations gauge their overall risk levels and set priorities for vendor vetting.

In this report, he have to caveat by saying that these figures are lower bound estimates based on inflows to the illicit addresses we’ve identified today. One year from now, these totals will almost certainly be higher, as we identify more illicit addresses and incorporate their historic activity into our estimates. 2023 was a year of recovery for cryptocurrency, as the industry rebounded from the scandals, blowups, and price declines of 2022.

Howden’s fourth annual report on the cyber insurance market. The themes for this year’s edition are risk, resilience and relevance.This report reveals that more than half of premium growth is likely to emanate from non-U.S. territories. In the major European economies of Germany, France, Italy and Spain alone, the premium uplift potential in just replicating penetration levels recorded in more mature markets can be measured in the (high) hundreds of millions of euros.

SecurityScorecard researchers identified not only a pool of 150 top vendors – based on their detectable market share of products and customers – but also a subset of 15 “heavy hitters” with an even higher market share concentration. In today’s interconnected world, concentrated cyber risk threatens national security and global economies. Much like a precarious house perched on a cliff’s edge, the reliance on a handful of vendors shapes the foundation of our global economy.

The results of the surveys affect our product strategy and go-to-market methods, and hopefully help organizations engage in deeper conversations with colleagues and teams as they continually consider modernizations to their data protection and cyber-resiliency strategies. This year’s report surveyed 1,200 respondents — comprised of CISOs (or executives with similar responsibility), security professionals, and backup administrators — whose organizations suffered at least one ransomware attack in 2023 to assess different perspectives in the united fight against ransomware.

The report is based on the findings of an independent, vendor-agnostic survey commissioned by Sophos of 5,000 IT/cybersecurity leaders across 14 countries in the Americas, EMEA, and Asia Pacific. The research reveals that investing in cyber defenses to optimize your insurance position is a double win: organizations report both easier and cheaper access to coverage as well as wider benefits such as improved protection, fewer alerts, and freeing up IT time. This finding further emphasizes the importance of considering cyber risk investments holistically, rather than as individual components.

The fifth Sophos annual study of the real-world ransomware experiences of manufacturing and production organizations around the globe explores the full victim journey, from root cause to severity of attack, financial impact, and recovery time. Fresh new insights combined with learnings from our previous studies reveal the realities facing businesses today and how the impact of ransomware has evolved over the last five years.

Based on that data and Sophos threat research, we see that ransomware continues to have the greatest impact on smaller organizations. But other threats also pose an existential threat to small businesses. Data theft is the focus of most malware targeting small and medium businesses—password stealers, keyboard loggers, and other spyware made up nearly half of malware detections. Email attacks have begun to move away from simple social engineering toward more active engagement with targets over email, using a thread of emails and responses to make their lures more convincing.

We chose to analyze four recent ransomware attacks. These ransomware attacks resulted in significant business disruption and financial impact, and in some cases, continue to result in collateral damage. While details are often sparse on how the attacks happened, the nature of the attack can be examined to determine the degree to which basic ransomware controls impact organizational outcomes. Many ransomware attacks are not technically sophisticated, but instead take advantage of controllable gaps and lapses that organizations do not actively seek to identify and remediate.

This Index provides a comprehensive view of what organizations need to be ready to tackle the security challenges of the modern world, and more importantly where companies across the globe are lacking. It provides a detailed point of reference and serves as a guide on what organizations need to do to improve their cybersecurity resilience.

That is the purpose of this report is to show you the hours saved, the data aggregated, and the research methodologies laid bare. you’ll find several sections covering some of the bigger mass exploitations of 2022, also known as celebrity vulnerabilities.

This report presents multiple segments detailing various key aspects of major mass exploitations of 2023. We encourage you to view the year through the perspective of a defender, say on a security operations (SOC) team, with limitless access to GreyNoise data. From this vantage point, see how 2023 might have appeared if you had utilized our datasets* to remain at the forefront of thwarting widespread internet exploits.