The IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns we observed and analyzed from our data - drawing from billions of datapoints ranging from network and endpoint detection devices, incident response (IR) engagements, domain name tracking and more. This report represents the culmination of that research based on data collected from January to December 2021.

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan. In the course of our research, we were able to identify over a dozen of attacked organizations. An analysis of information obtained during our investigation indicates that cyberespionage was the goal of this series of attacks.

This report is to share notable trends and investigations to help inform our community’s understanding of the evolving security threats we see. During some quarters, our reporting may focus more on a particular adversarial trend or tactics we see emerge across different threat actors. During other quarters, we may dive into an especially complex investigation or walk through a novel policy application and relate threat disruptions.

The 2022 Unit 42 Incident Response Report sheds light on the risks and threats that organizations are facing. It provides insights into threat actors and their methods that can then be used to help organizations identify potential gaps in their defenses and areas to focus on to improve their cybersecurity stance going forward.

In the first half of 2022 SonicWall Capture Labs threat researchers recorded 2.8 billion malware hits globally, an 11% increase year to date over 2021. The amounts to an average of 8.240 malware attempts per customer. Based on data collected, the true culprits behind the rise in malware have been crypto-jacking and loT malware, which have risen 30% and 77% respectively, year to date.

However, 2021 is most likely to be remembered as the year that ransomeware epidemic isn’t over, and it may not even have peaked, but the threat it poses to businesses, supply-chains and critical infrastructure is no longer in doubt, and the forces arrayed against it have never been so formidable.

This report takes an in-depth look at lloT/OT security projects, implementation challenges, security incidents, technology investments, and a variety of issues related to cybersecurity risks.

The 2022 Attack Surface Management Maturity Report has been produced by Cybersecurity Insiders, the 500,000 member online community of information security professionals, to explore the current state, exposures, and priorities that organizations need to consider to fortify their security posture.

The 2022 SIEM Report is based on a survey of 348 cybersecurity professionals and represents one of the industry’s most comprehensive annual studies on SIEM, exploring the latest trends, key challenges, and solution preferences in this market.

In this white-paper, we address both high-level concepts: With respect to ransomware, what are the current adversary trends, and then what can organizations do to defend themselves (or better defend themselves)? The basic concept of ransomeware remains the same: Encrypt data and demand money for decryption.

The goal of the SANS 2022 Cloud Security Survey is to provide additional insight into how organizations are using cloud today, the threats security teams are facing in the cloud, and what we are doing to improve security posture in the cloud, as well. This year, we again had several hundreds respondents, who represented a number of industries.

The goal of the SANS 2021 Cloud Security Survey is to provide additional insights into how organizations are using the cloud today, the threats security teams are facing in the cloud, and what they’re doing to improve security posture in the cloud.

Weak passwords abound, and ATO is interrupting services critical to every aspect of online life: working, streaming, ordering, paying, and just plain connecting. Raising security awareness of this topic can certainly help; but the ATO threat will remain endemic until the problems inherent to password use are resolved.

The CDR is the most geographically comprehensive, vendor-agnostic study of IT security decision makers and practitioners. Rather than compiling cyberthreat statistics and assessing the damage caused by data breaches, the CDR surveys the perceptions of IT security professionals, gaining insights into how they see the world.

Amid our worldwide bedlam, this report is aimed at informing for the purposes of preparation. Whether you find yourself in the midst of government affairs, technology management, or business operations, the state of rising factors impacts nearly every country, either directly or indirectly, and provides a ripe setting for cyberattacks to thrive. Based upon research conducted and shared amongst our various practices in DevSecOps, Offensive Security, Governance-Risk-Compliance, Threat Intelligence, and Research, we have completed our overall analysis to focus on the following evolving threats as we navigate through 2022.

In this report, we examine 10 prolific banking trojans targeting Android mobile apps of users worldwide, detailing their features and capabilities. We also detail what makes each malware family different highlighting the unique and advanced malicious features that make each banking trojan family unique. A complete list of all 639 financial applications covering banking, investment, payment, and cryptocurrency services and the different banking trojan families targeting each is provided in Appendix A.

This report investigates the trends, pioneered by the Maze ransomware group, of double extortion. In particular, we examine the contents of initial data disclosures intended to coerce victims to pay ransoms. Rapid7 analysts investigated 161 separate data disclosures between April 2020 and February 2022 and identified a number of trends in the data.

As these ransomware gangs and RaaS operators find new ways to remove technical barriers and up the ante, ransomware will continue to challenge organizations of all sizes in 2022. As a result, ransomware has become one of the top threats in cybersecurity and a focus area for Palo Alto Networks. This report provides the latest insights on established and emerging ransomware groups, payment trends, and security best practice.

The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. It covers elements of critical infrastructure exploitation, adversarial artificial intelligence (Al), initial access brokers (IABs), critical event management (CEM), extended detection and response (XDR), and other issues shaping our current security environment.

This survey report focuses on the current trends in cybersecurity workforce development, staffing, cybersecurity budgets, threat landscape and cyber-maturity. The survey findings reinforce past reporting and, in certain instances, mirror prior year data. Staffing levels, ease of hiring and retention remain pain points across the globe, and declining optimism about cybersecurity budgets reversed course this year.

This report was created by the ConnectWise Cyber Research Unit (CRU) - a dedicated team of ConnectWise threat hunters that identifies new vulnerabilities, researches them, and shares what they find for all to see in the community. The CRU monitors ransom leak sites and malicious botnets for new threats, uses OSINT resources, and utilizes data from the ConnectWise SIEM powered by Perch to help create content and complete research.