In releasing our annual M-Trends report, we aim to provide some of that same critical intelligence to the greater security community. M-Trends 2023 continues our tradition of offering details on the evolving cyber landscape, mitigation recommendations, and a wide variety of security incident-related metrics.

The following report provides a detailed look into the incidents that led to claims from our policyholders over the second half of 2021. In addition to the data, we share a thoughtful analysis of the current trends and predictions for 2022.

The Google Cloud Threat Horizons Report brings decision-makers strategic intelligence on threats to cloud enterprise users and the best original cloud-relevant research and security recommendations from throughout Google’s intelligence and security teams.

This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2022. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses.

The analysis in this report was conducted by the PwC Threat Intelligence practice, which is distributed across Australia, Italy, Germany, Netherlands, Sweden, United Kingdom, and the United States. It is based on our in-house intelligence datasets on cyberattacks and targeting from a wide variety of threat actors, intelligence gleaned from PwC’s incident response engagements around the world, and our managed threat hunting services, as well as publicly available information.

Throughout 2022, the cyber threat landscape reflected real world events and geopolitical tensions, with much of the year impacted by the Russian invasion of Ukraine. Log4Shell ushered in a chaotic start to 2022 and highlighted the positive impact of industry collaboration, as well as the criticality of patching and understanding the footprint of widely used software in environments.

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

MSPs have unique cybersecurity challenges to secure their businesses and customers. The “2023 MSP Threat Report” addresses these challenges specifically, using threat intelligence, insights, and predictions from the ConnectWise Cyber Research Unit (CRU). The report covers the following: Major MSP-focus hacks in 2022, emerging and continuing cyberattack trends, top ransomware methods of threat actors, and action items for MSPs in 2023.

In this Report, Qualys explores the most common ways adversaries exploit vulnerabilities and render attacks. With analysis performed by TRU throughout 2022, this report provides security teams with data-backed insights that help them gain victory without battle now and into the future.

The reported results are based on the anonymized aggregated data of simulated attack scenarios and campaigns performed with the Cymulate Platform across a global user base. Cymulate uses a proprietary scoring method based on known industry standards including the MITRE ATT&CK Framework, NIST Special Publication 800-50, and other benchmarks. The weighted averages used in this report compensate for the divergence in the relative usage of specific vectors.

In the 2023 Unit 42 Ransomware Threat Report explores recent incident response cases, as well as our threat intelligence analysts’ assessment of the larger threat landscape. It also offers predictions for how we believe threat actors will use ransomware and extortion tactics going forward. As of late 2022, threat actors engaged in data theft in about 70% of cases on average, Compare this to mid-2021, and we saw data theft in only about 40$ of cases on average. Threat actors often threaten to leak stolen data on dark web leak sites, which are increasingly a key component of their efforts to extort organizations.

This report is based on in-depth analysis of nearly 40,000 threats detected across our 800+ customers’ endpoints, networks, cloud workloads, identities, and SaaS applications over the past year. This report provide you with a comprehensive view of this threat landscape, including new twists on existing adversary techniques, and that our team has observed as adversaries continue to organize, commoditize, and ratchet up their cybersecurity operations.

The Evolution of DDoS: Return of the Hacktivists is a joint report by FS-ISAC and Akamai to educate our community on the new and evolving threat of DDoS, the business risks it poses, and best practices on mitigation for the sector to better combat these attacks.

In the new Cybereason survey, 1,203 cybersecurity professionals from eight countries and a dozen industries were asking to describe the challenges currently faced by their SOCs and how they impact their plans for modernization. Nearly half of the respondents (49%) said ransomware is the most common incident type they deal with daily, followed closely by supply chain attacks (46%). Thirty-seven percent said daily alerts consumed most of their time, and 31% identified targeted attacks as a top daily concern.

In H2 2022, the most significant change among all countries in the percentage of ICS computers on which malicious objects were blocked was observed in Russia, where that percentage increased by 9 p.p.

In our new State of Cyber Threat Intelligence, we examine the factors that contribute to these two themes: the converging nature of cyber threats as well as the perpetual cycles in which they exist. Plus, we explore the big-picture impact of cyber attacks on organizations across a variety of industries globally and provide guidance on how to fight back.

The focus on resilience is changing the role of security leaders in their organizations. These discussions vary based on many factors, most notably the maturity level of the organization. Long-established legacy orgs have a harder time adopting a new approach, be it A-driven automation, a zero trust framework or DevSecOps practices, while fresh-face startups may have never done it any other way.

Unit 221B assessed Deep Instinct’s claims that their Endpoint Protection Platform (EPP) product can automatically prevent unknown threats by using deep learning to identify patterns indicative of malicious behavior prior to execution on the endpoint.

This report represents Deep Instinct’s current view of the threat landscape and trends seen between the period January – June 2021 and provides concrete data to verify the credibility of these developments. The information was sourced from our repositories which are routinely analyzed as we continuously protect our customers from unending and varied attacks.

This report represents Deep Instinct’s current view of the threat landscape. The report discusses trends seen during 2020 and provides concrete data to verify the credibility of these developments. The information was sourced from our data repositories which are routinely analyzed as part of protecting our customers from ceaseless attacks.

This report represents Deep Instinct’s current view of the threat landscape, showcasing trends seen throughout the course of the past year and providing concrete, actionable data to verify the credibility of these developments. The information was sourced from our data repositories, which are routinely analysed as part of protecting our customers from ceaseless attacks.