The 2022 Cloud Security Report is based on a comprehensive survey of 775 cybersecurity professionals conducted in January 2022, to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications, and best practices IT cybersecurity leaders are prioritizing in their move to the cloud. The respondents range from technical executives to IT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

The report surfaces the most significant data we’re seeing in our threat detection and response effort, curates that data into trends that can impact your cybersecurity posture, and offers resilience recommendations to protect your organization.

These reports provide data and insights on the attack we’re seeing, how to spot them, and the top ways you can protect your organization. These trends are based on incidents our security operations center (SOC) identifies through investigations into alerts, emails submissions, and threat hunting leads in the second quarter (Q2) of 2022. We analyzed incidents across our customer base, spanning organizations of various shapes, sizes, and industries, from April 1, 2022 to June 30, 2022.

Radware’s first half of 2022 threat report reviews the most important cybersecurity events, and provides detailed insights into the attack activities for the first six months of 2022. The report leverages intelligence provided by Radware’s Threat Intelligence Team, network and application-attack activity sourced from Radware’s Cloud and Managed Services, Radware’s Global Deception Network, and Radware’s Threat Research team.

As organizations adopt modern software development processes leveraging cloud platforms, they are looking to incorporate security processes and controls into their software development lifestyle (SDLC) processes.

First, the bad - adversaries continued to innovate and alter strategies aimed at taking down DDoS protections with direct-path DDoS attacks and high-powered server-class botnets. Meanwhile, a little good news came in the way of a decrease in some reflection/amplification vectors, floating overall DDoS attack number down. Despite this decrease, the bad news tells us we must remain vigilant to combat ever-changing attacker methodologies and tactics.

This report will look at how ransomware caused gas shortages on the east coast, why a Justin Bieber tour might have put on the phone with a malware distributor, and what an increase in SMS phishing means for mobile security. We’ll also explore the evolving relationship between malware distributors and one of the world’s most successful ransomware gangs, and how legitimate cloud services now provide the infrastructure for a majority of malicious activity.

In this, our eighth annual State of the Phish report, we explore user vulnerabilities from multiple angles. We look at issues driven by poor cyber hygiene and those that could result from a lack of knowledge and clear communication. We discuss ways organizations can become more attuned to their risks. And we outline opportunities to build and sustain engaging security awareness training initiatives in the challenging climate.

The IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns we observed and analyzed from our data - drawing from billions of datapoints ranging from network and endpoint detection devices, incident response (IR) engagements, domain name tracking and more. This report represents the culmination of that research based on data collected from January to December 2021.

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan. In the course of our research, we were able to identify over a dozen of attacked organizations. An analysis of information obtained during our investigation indicates that cyberespionage was the goal of this series of attacks.

This report is to share notable trends and investigations to help inform our community’s understanding of the evolving security threats we see. During some quarters, our reporting may focus more on a particular adversarial trend or tactics we see emerge across different threat actors. During other quarters, we may dive into an especially complex investigation or walk through a novel policy application and relate threat disruptions.

Get the latest Cortex Xpanse “Attack Surface Threat Report” to understand the risks, and learn how automation can help security teams stop chasing a moving post and reduce risks. The Cortex Xpanse research team studied the global attack surface by monitoring scans of 50 million IP addresses associated with 100+ global enterprises and discovered that the attack surfaces of all industries continue to grow. As security teams struggle to keep up, the constant stream of new issues becomes an ever-expanding backlog of exposure - misconfigured RDP, exposed admin portals, insecure Apache Web servers or Microsoft Exchange servers, and more.

The 2022 Unit 42 Incident Response Report sheds light on the risks and threats that organizations are facing. It provides insights into threat actors and their methods that can then be used to help organizations identify potential gaps in their defenses and areas to focus on to improve their cybersecurity stance going forward.

The 2022 Attack Surface Management Maturity Report has been produced by Cybersecurity Insiders, the 500,000 member online community of information security professionals, to explore the current state, exposures, and priorities that organizations need to consider to fortify their security posture.

Evolving security threats, exponential data growth, increased complexity, and a continuing cybersecurity shill shortage has given rise to a new category of security solutions called Extended Detection and Response (XDR). Red Piranha and Cybersecurity Insiders conducted a comprehensive survey to reveal the latest XDR trends and challenges in managing XDR, what XDR might replace, and how organizations select security technologies and providers.

In this report, you will find details about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

The goal of the SANS 2021 Cloud Security Survey is to provide additional insights into how organizations are using the cloud today, the threats security teams are facing in the cloud, and what they’re doing to improve security posture in the cloud.

In this report, you will find further detail about security, compliance, services, alerting, and Kubernetes usage patterns. This information can be useful for determining the real-world state of security and usage for container environments at companies around the world, from a broad range of industries.

Weak passwords abound, and ATO is interrupting services critical to every aspect of online life: working, streaming, ordering, paying, and just plain connecting. Raising security awareness of this topic can certainly help; but the ATO threat will remain endemic until the problems inherent to password use are resolved.

Service providers are undergoing a technological revolution, transforming their networks and computing infrastructure to dramatically change the user experience and support new services in an app-driven world tailored to industry and business objectives. To do so, service providers are embracing ultra-low-latency designs, fully automated software delivery and increased levels of operating efficiency.

In this report, we examine 10 prolific banking trojans targeting Android mobile apps of users worldwide, detailing their features and capabilities. We also detail what makes each malware family different highlighting the unique and advanced malicious features that make each banking trojan family unique. A complete list of all 639 financial applications covering banking, investment, payment, and cryptocurrency services and the different banking trojan families targeting each is provided in Appendix A.