In 2021, the industry saw a transition into threat actor separation of duties, with an increase in groups focused on obtaining and selling access to victims (Initial Access Brokers). In observing this trend, Deepwatch has taken note of the proliferation of Initial Access Brokers and how it correlates with a shift in focus, away from specific industries and towards attacks of opportunity. As this trend continues, more emphasis must be placed on risk management of organizations’ internet exposure.

At Nuspire, we’re still witnessing threat actors using malicious files and cashing in on newly announced vulnerabilities. Threat actors are opportunistic for the most part and seek the easiest access for the least amount of effort. We explore these ideas and cover some of the most prevalent ways we’ve see threat actors attempt to breach the gates. After we dig into the data, we’ll provide you with actionable takeaways you can apply to your network to harden your defenses.

The intent of the exercise was to assess public and private sector-wide communications and information-sharing mechanisms, crisis management protocols, and decision-making, as well as legal and regulatory considerations as exercise participants responded to and recovered from significant ransomeware attacks targeting the financial sector. The scenario emphasized global cross-jurisdiction information sharing among financial firms, central banks, regulatory authorities, trade associations and information-sharing organizations.

For this, our 15th anniversary installment, we continue in that same tradition by providing insight into what threats your organization is likely to face today, along with the occasional look back at previous reports and how the threat landscape has changed over the intervening years.

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation.

Based on Arete case data, the commonly observed techniques and vulnerabilities of 2021 will likely not change through most of 2022. In the Arete Annual Crimeware Report, we will discuss: notable tactics and techniques observed in threat actor campaigns, notable negotiation insights gleaned from ransomware cases, how law enforcement has changed its games and how the threat landscape will evolve in 2022.

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange.

This report provides an analysis of the DNS queries blocked by Protective DNS, finds commonalities among the end users that are protected, and uses a financial model to estimate the value of the threat prevention provided by Protective DNS to the UK economy.

Our latest Trellix Threat Lab Research Report includes our findings from Q4 2021, our identification of a multi-stage espionage attack on high-ranking government officials, and our recent analysis of cyberattacks targeting Ukraine and the newly identified HermeticWiper during Q1.

The findings of this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events each day observed in live production environments around the world.

The findings in this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events observed in live production environments around the world.

This report primarily analyzes threat data from millions for Fortinet devices across the internet.

The Fortinet Threat Landscape Report Q2 2018 features a healthy dose of international intrigue, major disruptions, global infections, innovative malware, clever heists, and more.

The Fortinet Threat Landscape Index (TLI) was developed to provide an ongoing barometer of overall malicious activity across the internet. The TLI is based on the premise that the cyber landscape gets more threatening as more of our sensors detect a wider variety of threats at a higher volume.

As ransomware operators were attacking state and municipal networks alongside hospitals and schools, a global pandemic response to COVID-19 necessitated a move to remote work for a significant portion of the economy. Many security teams were forced to suspend wide-ranging analyses around the adoption of remote work policies and instead focus on a supply chair attack from a trusted platform.

M-Trends provides an inside look at the evolving cyber threat landscape directly from global incident response investigations and threat intelligence analysis of high-impact attacks and remediations around the globe.

The threat intelligence, trends and details presented in the 2021 Webroot BrightCloud Threat Report are based on data continuously and automatically captured by the Webroot Platform, which is the proprietary machine learning-based architecture that powers all of our Webroot protection and BrightCloud services.

Cybercriminals have always been opportunists, and the 2020 COVID-19 pandemic offered more proof of this than perhaps any other event before it.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vendors.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During September and October 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.