In this edition, we again focus on concentration of malicious activity by the same six categories we studied in the last edition in the Fall of 2021. We expect that some criteria will remain relevant over the foreseeable future; that is, as datapoints related to domain names, there are unlikely to become less forensically-valuable unless that internets fundamental structure changes. Other datapoints may wax and wane in relevance.

In this white paper, you’ll learn how to combat unwanted privilege escalation by reverse engineering the tactics that cybercriminals use. By seeing the world through the eyes of a hacker you’ll be able to identity the red flags of privileged-account attacks. And, you’ll know which techniques and tools to use to mitigate them.

This report aims to take a look at the times when things did not work as intended—not to point fingers but to help us all learn and improve. In a time where almost everyone, corporations and individuals alike, is looking at ways to do more with less, we believe a close analysis of when our defenses failed can be very beneficial. While times of great change are always challenging, they often also prompt us to take stock of our situation and, if necessary, refocus both our viewpoint and our energies. Such is the case with the DBIR this year. As a team, we decided to take a step back toward the fundamental things that got us where we are, an intense focus on actual data breaches analyzed using our own VERIS Framework. And speaking of VERIS, one of the new goodies this refocusing brings is an even better mapping between VERIS and MITRE ATT&CK through a collaboration with MITRE Ingenuity and the Center for Threat Informed Defense (CTID).

The purpose of this research is to understand the risks created by the cybersecurity gap between the corporate office and executives’ protection at home. According to 42% of respondents, their key executives and family members have already experienced at least one attack by a cybercriminal.

In this report, Perception Point analyzes the most pervasive attacks its advanced threat detection platform detected in 2022, noting a particular increase in account takeover attacks in the latter half of the year as well as an ongoing growth in phishing attacks. This report examines cyber threats through distinct lenses based on the intelligence gathered by Perception Point’s proprietary detection engines and its managed incident response service.

Our annual State of the Phish report explores end-user security awareness, resilience and risk across 15 countries (eight more than in previous years). The report benchmarks understanding of common cyber threats and defensive tactics and reveals how potential gaps in knowledge and cyber hygiene enable the real-world attack landscape. Most attacks target people before they target systems. That’s why helping users build sustainable security habits is crucial.

The April 2023 report details a continued rise in Russian state-sponsored threat actors, the shutdown of a widely used hacker marketplace, “shadow ban” attacks against Twitter users, and the emergence of several new high and critical vulnerabilities, including a zero-day exploit against Google Chrome. It also provides updates to the metrics and information on the most impactful vulnerabilities and malware strains in the wild today and includes information on some of the top phishing sites observed over the month.

The annual HUMAN Enterprise Bot Fraud Benchmark Report provides insights into automated attack trends across enterprise use cases, including account takeover, brute forcing, carding, credential stuffing, inventory hoarding, scalping, and web scraping.

The basis of this report is the Zscaler ThreatLabz research team’s analysis of nearly 6 billion data loss policy violations from November 2021 through July 2022. We’ll look at what and how enterprise data is being shared, where it’s going, which malicious actors are targeting it, and how you can improve your datasharing hygiene so as to mitigate risk without stifling productivity.

This report will help you recognize the social engineering tactics and sophisticated coding used in phishing attacks, so you can prevent costly data breaches. Read on for an in-depth look at the latest phishing trends and observations the ThreatLabz team collected throughout the past year, and get best practices for safeguarding your organization against ever-evolving phishing techniques.

In this threat intelligence spotlight report, eSentire’s Threat Response Unit (TRU) provides a threat analysis of the most common cyber threat detected across our global legal customer base.

This 2023 Cloud Security Report surveyed 752 cybersecurity professionals to reveal key challenges and priorities. In 2023, the cloud is fundamentally delivering on its promised business outcomes, including flexible capacity and scalability, increased agility, improved availability, and accelerated deployment and provisioning.

This report is based on our research and experience from the past year in securing enterprise cloud environments. We chose to focus on novel, notable, and high-impact risks that we believe you should be familiar with and include in your cloud security strategy for 2022.

The report is based on threat intelligence observations from the Threat Analysis Group (TAG), Google Cloud Threat Intelligence for Chronicle, Trust and Safety, and other internal teams. It provides actionable intelligence that enables organizations to ensure their cloud environments are best protected against ever evolving threats. In this and future threat intelligence reports, Google will provide threat horizon scanning, trend tracking, and Early Warning announcements about emerging threats requiring immediate action.

The report outlines the most significant identity attacks of 2022, the weaknesses of MFA, and the IAM hygiene issues that are increasing identity attack surfaces. This report analyzed user data, login information, and information from identity providers including Okta, Azure Active Directory, Duo, and Auth0. In total, the analysis covers more than 500,000 identities from organizations with 1,000+ employees.

A recent ThoughtLab study revealed the top cybersecurity challenges that are top-of-mind for IT leaders. This ebook will discuss how those challenges can poison your ability to protect your business why automating security operations is the antidote, and why 80% of organizations that use automation say they can respond to vulnerabilities in a shorter timeframe.

In 2020, Constella Intelligence’s threat intelligence team detected over 8,500 breaches and leakages circulating in dark markets and underground forums, representing nearly 12 billion records. Constella analyzed a significant portion of the breaches and leakages detected in underground marketplaces in 2020, constituting a 32% increase in the total volume of breaches and leakages analyzed in 2019. Constella’s 2021 Breach Report offers insights into these cyber threats and the impact of malign activities fueled by breach data circulating on the deep and dark web.

In this third volume of the Security Outcomes Report, we break security resilience down into digestible and actionable insights. (Because we’re sure you have enough on your plate without having to crack the code to resilience on your own.) No one report can cover all there is to know about such a colossal subject matter; but we’ve surfaced some highlights for you to consider when building and refining your cybersecurity strategy for the road ahead.

It’s a horror story that many organizations are familiar with - an employee clicks a link or visits a website, and chaos ensues. At best, it’s just a minor disruption. At worst, business continuity is broken, and an organization’s critical infrastructure is at risk. Regardless of the outcome, managing human risk is a major part of business today. In this report, we dive into what makes workers high risk, where those high risk users spend their time, what are their riskiest behaviors, and what that might mean for your organization’s security.

In releasing our annual M-Trends report, we aim to provide some of that same critical intelligence to the greater security community. M-Trends 2023 continues our tradition of offering details on the evolving cyber landscape, mitigation recommendations, and a wide variety of security incident-related metrics.

The following report provides a detailed look into the incidents that led to claims from our policyholders over the second half of 2021. In addition to the data, we share a thoughtful analysis of the current trends and predictions for 2022.