The study, conducted by Opinion Matters on behalf of Tenable, surveyed 1,500 professionals representing roles in cybersecurity, DevOps and IT engineering. The study offers insights into what organizations perceive as the greatest risks and reward of investing in the metaverse and the level of development required to take such as major step safely.

Tenable’s Security Response Team (SRT) continuously monitors the threat landscape throughout the year, putting us at the forefront of trending vulnerabilities and security threats. From this vantage point, we complied and categorized our data from this annual report. In a year marked by tense geopolitics, hacktivism, ransomware and attacks targeting critical infrastructure - all alongside a turbulent macroeconomic environment - organizations struggled to keep pace with the demands on their cybersecurity teams and resources.

The report shows that security must parallel the slope of technology innovation. As technology matures, security has to mature and match the innovation of the technology running our organizations. The same thing can be said for the adversary. With every innovation we achieve, we can expect the adversary to actively seek ways to exploit it. From the cloud to Kubernetes, from Al to applications and more, as technology gets more complex and provides tremendous operational gains, security must evolve to protect the productivity we gain.

Rapid7’s Vulnerability Intelligence Report examines notable vulnerabilities and high-impact attacks from 2022 in order to highlight exploitation trends, explore attackers use cases, and offer a framework for understanding new security threats as they arise. Our aim is the contextualize the vulnerabilities that introduce serious risk to a wide range of organizations. The report examines 50 vulnerabilities that pose considerable risk to organizations of all sizes. In total, this report includes 45 vulnerabilities that were exploited in the wild 2022, of which 44% arose from zero-day exploits.

In this report, we share our industry-leading lineup of which threat actors, families, campaigns, and favorite techniques were prevalent during the last quarter. But there’s more. We’ve also expanded our sources to glean data from ransomware leak sites, and security industry reports. And as Trellix resources grow, so do the categories of threat research including new content covering Network Security, Cloud Incidents, Endpoint Incidents, and Security Operations.

In T2 2022, we saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post- COVOD return to offices and overall improved security of corporate environments. Even with declining numbers, Russia IP addresses continued to be responsible for the large portion of RDP attacks.

The final months of 2022 were bustling with interesting ESET research findings. Our researchers discovered a MirrorFace spearphishing campaign against high-profile Japanese political entities, and new ransomware named RansomBoggs that targets multiple organizations in Ukraine and has Sandworm’s fingerprints all over it. ESET researchers also discovered a campaign conducted by the infamous Lazarus group that targets its victims with spear-phishing emails containing documents with fake job offers; one of the lures was sent to an aerospace company employee.

The IBM Security X-Force Threat Intelligence Index 2023 tracks new and existing trends and attack patterns and includes billions of datapoints ranging from network and endpoint devices, incident response (IR) engagements, vulnerability and exploit databases and more. This report is a comprehensive collection of our research data from January to December 2022.

This annual report sheds light on the cybersecurity threats facing the financial sector. The report provides cyber ground truth, specifically manifesting an eye-opening perspective on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector. In this year’s report, financial sector security leaders from around the world revealed during a series of interviews the type of attacks they’re currently seeing, what threats they’re most concerned about and how they’re adjusting their security strategy.

Our findings should serve as a wake-up call to both the mid-market segment and the cyber security industry that is currently underserving it. In just the past two years, attacks against mid-sized companies overall have increased by 150%, with attacks against specific sectors ranging from just about doubling to nearly tripling over that two-year period. At the same-time, mid-market companies’ defenses against these growing attacks have not kept pace.

In this report, we update the research summarized in the Capstone Report with current job opening data to compare the civilian cybersecurity and IT workforces with those in the U.S. government and the private sector. We also extend the DoD-private industry comparison research summarized in the Capstone Report by further examining the proportion of workers across a common taxonomy of cyber work roles, salaries paid across work roles, and demand for these jobs. Thus, this report both updates and expands upon the research presented in the Capstone Report.

Constella’s 2022 Breach Report offers key insights into these cyber threats and the staggering impact of malign activities fueled by breach data circulating on the deep and dark web. The following key findings represent the most significant and relevant trends for individuals, businesses, brands, and public organizations. This report also includes an extended analysis examining the ongoing conflict in Ukraine.

This report explores four key trends in teh payments space, and their importance to issuers, merchants and fintechs in reducing losses from fraud and unnecessary chargebacks while also delivering a next-gen customer experience.

This report, co-authored by our security operations center (SOC) leadership team, aggregates data from the incidents we investigated in 2022. It covers our full customer base, from small and midsize companies to enterprise organizations at every phase of the security journey across every industry we serve.

2023 will most likely be just challenging as the previous few years, but I’m confident that the cybersecurity market has the right tools to deal with the constantly shifting cybercrime landscape and new/consolidated threats, whether we’re talking about supply chain attacks, ransomware, deepfakes or cyber espionage.

Intel 471 can help your organization defend against a wide variety of cyber threats by providing deep insights and comprehensive expertise into cybercriminal actors and related activity. This report provides a brief exploration of our unique insight into the cyber underground, highlighting how we can proactively help you stay ahead of the curve, enabling you to fight cybercrime and win.

This report is based on data gathered from billions of containers, thousands of cloud accounts, and hundreds of thousands of applications that our customers operated over the course of the last year. Our findings provide signs of hope for overburdened developers, as the data showed opportunities to focus remediation efforts on vulnerable packages loaded at runtime.

The cyber events of the past year included unprecedented supply chain attacks, assaults on critical infrastructure, and widespread vulnerabilities likely to haunt organizations for years. These events, among many others, are detailed in Blackberry 2022 Threat Report. However, reading the entire report can prove challenging for security professionals with little time to spare.

We are excited about the future of cyber, and I invite you to join us in exploring some of the key finding in this report. In addition to data derived from the survey results, the report also includes observation and insights taken directly from survey respondents, as well as additional Deloitte insights on cyber, cloud, and other technologies enabling the future of business.

This study documents and quantifies how Mimecast protects organizations against threats. Cybercrime affects every organization no matter the size or type, and it’s a threat that is growing and changing constantly.

RiskRecon studied 1,000 publicly reported destructive ransomware events that occurred between January 2016 and November 2022. These publicly reported events were identifies through internet keyword searches, monitoring of event disclosure sites, dark web sites, and 8K SEC filings. Events in which the impact was limited to data theft were excluded.