Whether it’s referred to as threat hunting or hunt teaming, companies are increasingly taking a proactive approach to security by looking for evidence of threats that are already in their environments. Organizations have realized that waiting for antivirus, SIEMs and other security solutions to trigger an alert is not a practical approach to detecting sophisticated and stealthy adversaries since they know how to evade these tools. Hunting enables security teams to proactively answer the question “Am I under attack?”

This threat advisory offers insight into the ROPEMAKER Email Exploit.

This paper takes a look at the best way to prevent breaches, by detecting and mitigating leaks.

This is a threat advisory for the Tiscali App.

This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. It considers the types of attack that may take place and some of the common weaknesses that aid insider attacks. It also covers some of the policies and controls that can be implemented to detect, deter or defend against the insider threat. This paper is intended to be a summary, however, the final section details further reading and resources that provide more in-depth information.

This report provides statistics on attacks performed against web applications during the fourth quarter of 2017.

This paper discusses the top 20 Center for Internet Security (CIS) Critical Security Controls (CSC) come into play, providing organizations with 20 key controls that they can implement to mitigate some of the threats they are facing.

This resource is designed to help you see the importance of people-focused solutions to cybersecurity risk mitigation. Here they’ve collected 17 statistics to help make the point that, “a cybersecurity budget isn’t complete until you’ve allocated money to building your human capacity to identify and respond to cybersecurity risk.”

Verizon’s annual report on all data breaches in 2015

The object of this report is to answer the question, what will happen in 2018?

This paper was written for one purpose: To serve as a useful guide for Chief Information Security Officer (CISO) teams.

This report examines key trends across the threat landscape and application usage, including topics on how organizations can educate users and utilize controls to effectively reduce the attack surface available to an adversary, the potential effects of non-standard network activity, the reuse of legacy attack tactics, and the benefits of open threat intelligence sharing.

This whitepaper presents 15 best practices for making users a powerful layer of phishing defense.

This report discusses why it is important to protect medical device apps “in the wild”.

This paper seeks to help mitigate serious crimes related to mobile security and credential fraud.

This report takes a look at the DDoS threats that occurred in the fourth quarter of 2016.

This e-book takes a look at what a good CDN should do.

The Appthority Enterprise Mobile Security Pulse Report is based on millions of mobile security scans Appthority performs each quarter for its enterprise customers. The report includes app, device and network data as well as their proprietary Mobile Threat Risk Score which measures the highest risk from thousands of data points during our deep app analysis.

This report offers some significant predictions of phishing attacks in 2018.

EY’s Global Information Security Survey investigates the most important cybersecurity issues facing businesses today. It captures the responses of 1,755 participants around the globe and across sectors, and our findings and conclusions are based on those insights and on our extensive global experience working with clients to help improve their cybersecurity.

This monthly threat report takes a look at the month of October 2017. More specifically, it takes a look at the shift in Phishing campaigns, the WIFI WPA Security VULN, and a variety of other threats.