In this report, CrowdStrike OverWatch threat hunters distilled their findings into hundreds of new behavior-based preventions over the past 12 months. As a result, the team’s front-line findings directly augment the Falcon platform’s ability to detect and prevent the latest threats. This data specifically focuses on interactive intrusions — attacks where adversaries establish an active presence within a target network, often engaging in hands-on-keyboard activities to achieve their objectives.

In today’s dynamic threat landscape, our customers rely on us more than ever to protect their sensitive data, systems and operations from increasingly sophisticated cyber threats. From ransomware attacks to malware to crypto-jacking, the adversaries we confront are relentless and evolving, requiring us to be continuously vigilant and proactive. we’ve added some new perspectives that feature feedback from our 24/7, 365 SOC analysts, market insight provided by a reputable cybersecurity insurance provider and even included the voices of some of our partners.

Our research was conducted to understand how the adoption of new AI is affecting the threats stakeholders face, how they are responding, and AI’s role in prevention, threat detection, incident response, and recovery workflows. AI’s effects on the threat landscape are already being felt. A majority of survey participants (74%) report their organizations are seeing significant impacts from AI-powered cyber threats. An even greater majority (89%) believe that AI-powered threats will continue to trouble their organizations well into the future.

This annual report is the result of the CRU’s research and analysis of nearly half a million alerts reviewed by the ConnectWise team, which is filtered into key takeaways and action items that affect MSPs the most. The information in this report is built to help MSPs protect their SMB customers. Our goal is to help you understand and prepare for the threats you and your customers are likely to face so you can focus your time, energy, and money on defenses that will impact your customers.

In this report, cybercriminal landscape remained diverse, comprising both lone actors and criminal networks offering a wide range of expertise and capabilities. Some cybercriminals targeting the EU were based within the EU, while others preferred to operate from abroad, concealing their illicit operations and funds in third countries. The use of deepfakes is another area of concern as this is a powerful addition to the cybercriminal toolbox.

This report provides insights into the current state of enterprise cyber risk and the role of AI in it. AI is revolutionizing business and has the potential to significantly improve cybersecurity outcomes. Many already have plans to use integrated AI in cyber tools, especially for inferencing, data analysis, and GenAI conversational systems.

This report nearly coincided with one of the most disruptive cyber attacks in the history of healthcare. The massive payment disruptions for U.S. healthcare providers resulting from the February 2024 BlackCat ransomware attack on Change Healthcare was an extreme yet highly illustrative example of the third-party risks stemming from high interdependence among healthcare organizations. This paper aims to help healthcare organizations and their partners reduce such risks.

In this report, he have to caveat by saying that these figures are lower bound estimates based on inflows to the illicit addresses we’ve identified today. One year from now, these totals will almost certainly be higher, as we identify more illicit addresses and incorporate their historic activity into our estimates. 2023 was a year of recovery for cryptocurrency, as the industry rebounded from the scandals, blowups, and price declines of 2022.

The Google Cloud Cybersecurity Forecast 2024 report predicted that cyber criminals and nation-state cyber operators will more heavily leverage server-less technologies within the cloud because it offers greater scalability, flexibility, and can be deployed using automated tools. The report focuses on recommendations for mitigating risks and improving cloud security for cloud security leaders and practitioners.

Unit 42 analyzed several petabytes of public internet data collected by Cortex Xpanse — the Palo Alto Networks attack surface management solution — in 2022 and 2023. This report outlines aggregate statistics about how attack surfaces worldwide are changing and drills down into particular risks that are most relevant to the market. Today’s attackers have the ability to scan the entire IPv4 address space for vulnerable targets in minutes.

This report leverages N2K’s analytical strengths to map WiCyS members’ skills directly to the NICE Workforce Framework, categorizing capabilities into functional areas that highlight the unique strengths and potential growth opportunities for WiCyS members. By conducting thorough diagnostics and focused analyses, this partnership identifies the capabilities of WiCyS members and aligns them with industry standards to ensure that their skills are recognized and utilized to the fullest.

This report offers insights onto the threats and suspicious activity across those flows. It also provides strategic, tactical, and operational information on all traffic in all directions utilizing the MITRE ATT&CK framework. In additional, the report highlights the applications, protocols, and tools running on these networks.

We chose to analyze four recent ransomware attacks. These ransomware attacks resulted in significant business disruption and financial impact, and in some cases, continue to result in collateral damage. While details are often sparse on how the attacks happened, the nature of the attack can be examined to determine the degree to which basic ransomware controls impact organizational outcomes. Many ransomware attacks are not technically sophisticated, but instead take advantage of controllable gaps and lapses that organizations do not actively seek to identify and remediate.

This Index provides a comprehensive view of what organizations need to be ready to tackle the security challenges of the modern world, and more importantly where companies across the globe are lacking. It provides a detailed point of reference and serves as a guide on what organizations need to do to improve their cybersecurity resilience.

This is the fifth report in the series which plots the use of vulnerability disclosure in consumer markets with the introduction of enterprise starting in 2021. For consumers, knowing that a manufacturer has the requisite systems in place to receive, and remedy, known security flaws is a welcome form of assurance. Indeed, we have said many times that the lack of an easily identifiable method for reporting security issues could be likened to a canary in the coal mine – it’s a good health indicator as to how serious they are about security.

This report will help users to understand the nature, scope and impact of the threats they face, and will help security teams tailor their program and messaging accordingly. A security awareness program should be an essential component of any organization’s security strategy, but by itself it isn’t enough. Our data shows that 96% of people who took a risky action knew that what they were doing might be risky, so it seems that key information is getting through. However, knowing what to do and doing it are two different things. The challenge is now not just awareness, but behavior change.

This analyst report contains information about cyberattacks investigated by Kaspersky in 2023. Kaspersky provides a wide range of services — incident response, digital forensics, malware analysis, etc. — to help organizations affected by information security incidents. The data used in this report is derived from working with organizations that have sought assistance with responding to incidents or conducted professional events for their internal incident response teams.

This report serves as a beacon of insight, offering a comprehensive analysis of the emerging trends, evolving techniques, varied motivations and techniques employed by threat actors from January 2023 to March 2024. Curated by our globally diverse intelligence team, this report is a testament to Intel 471’s collective commitment to understand your adversaries, expose their tactics and empower you to win the fight against them.

This report presents key insights drawn from hundreds of thousands of attack path assessments conducted through the XM Cyber Continuous Exposure Management (CEM) platform during 2023. These assessments uncovered over 40 million exposures affecting 11.5 million entities deemed critical to business operations. Data gathered from the XM Cyber platform were anonymized and provided to Cyentia Institute for independent analysis to generate the insights.

This report represents organizations that are proactively integrating tools like Veracode into their AppSec programs. Organizations without scanning integrated into their development processes will likely have a higher prevalence of security flaws than shown here. The results do show a steady downward trend over the last eight years. We’re particularly encouraged to see that the prevalence of high-severity flaws has dropped to half of what it was back in 2016.

This year, the report is delving deeper into the pathway to breaches in an effort to identify the most likely Action and vector groupings that lead to breaches given the current threat landscape. The cracked doorway on the cover is meant to represent the various ways attackers can make their way inside. The opening in the door shows the pattern of our combined “ways-in” percentages, and it lets out a band of light displaying a pattern of the Action vector quantities. The inner cover highlights and labels the quantities in a less abstract way.