The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. It covers elements of critical infrastructure exploitation, adversarial artificial intelligence (Al), initial access brokers (IABs), critical event management (CEM), extended detection and response (XDR), and other issues shaping our current security environment.

Arctic Wolf’s 2022 Security Trends Report provides insight into the current and future state of these cybersecurity teams as they attempt to move their security programs forward while dealing with an ever-evolving threat environment. Our research findings show that ransomware, phishing and vulnerabilities don’t just monopolize headlines, they’re taking up security professionals’ headspace, too. Defending an increasing number of threats from attackers with far more resources feels like a lost cause too many businesses.

At Nuspire, we’re still witnessing threat actors using malicious files and cashing in on newly announced vulnerabilities. Threat actors are opportunistic for the most part and seek the easiest access for the least amount of effort. We explore these ideas and cover some of the most prevalent ways we’ve see threat actors attempt to breach the gates. After we dig into the data, we’ll provide you with actionable takeaways you can apply to your network to harden your defenses.

For this, our 15th anniversary installment, we continue in that same tradition by providing insight into what threats your organization is likely to face today, along with the occasional look back at previous reports and how the threat landscape has changed over the intervening years.

This 2022 Cloud Security Report, based on a comprehensive global survey of cybersecurity professionals, reveal these security challenges and offers insights on the state of the cloud and cloud security today. The study reviews organizations’ choices and responses as they try to gain more confidence in securing their cloud environments.

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation.

For the State of Cloud Security 2021, we surveyed 300 cloud professionals, including cloud engineers, cloud security engineers, DevOps, and cloud architects, to better understand the risks, costs, and challenges they are experiencing managing cloud security at scale.

The goal of this survey was to understand the current state of SaaS security and misconfigurations. The survey was conducted online by CSA from January to February 2022 and received 340 responses from IT and security professionals from various organization sizes and locations. CSA’s research team performed the data analysis and interpretation for this report.

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange.

The State of Pentesting: 2020 report assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. The scope of his exploration is black-box penetration testing (“humans”) against dynamic scanning and out-of-band testing (“machines”) for web applications.

This 2021 State of Phishing and Online Fraud Report highlights the key trends that drove digital scams using data gathered from analyzing more than one billion sites. A multitude of factors drove record growth in fraud campaign activity in 2020 with an increase of 185% from what was observed in 2019.

The findings in this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events observed in live production environments around the world.

The Fortinet Threat Landscape Index (TLI) was developed to provide an ongoing barometer of overall malicious activity across the internet. The TLI is based on the premise that the cyber landscape gets more threatening as more of our sensors detect a wider variety of threats at a higher volume.

The threat intelligence, trends and details presented in the 2021 Webroot BrightCloud Threat Report are based on data continuously and automatically captured by the Webroot Platform, which is the proprietary machine learning-based architecture that powers all of our Webroot protection and BrightCloud services.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During November and December 2020, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

This report is an in-depth analysis of tens of thousands of threats detected across our customers’ environments, this research arms security leaders and their teams with a unique understanding of the threats they’re facing.

This report is a technical overview of the IsaacWiper malware reported by ESET. The malware was primarily delivered to Ukrainian organizations coincident with the Russian invasion of Ukraine.

This report will give a snapshot of 2020’s mobile threat landscape and dive into emerging trends we anticipate carrying into 2021.

In this report, we have researched the detected new round of offensive and destructive cyberattacks directed against Ukraine’s digital infrastructure and its alliances.

This report is the Claroty Biannual ICS Risk & Vulnerability Report: 1H 2021. This report is a resource for OT security managers and operations, delivering not only data about vulnerabilities that are prevalent in industrial devices, but also the necessary context around them to assess risk within their respective environments.