This year’s Internet Crime Report highlights the IC3’s efforts to monitor trending scams such as Business Email Compromise (BEC), Ransomware, Elder Fraud, and Tech Support Fraud. As the report indicates, in 2019, IC3 received a total of 467,361 complaints with reported losses exceeding $3.5 billion. The most prevalent crime types reported were Phishing/Vishing/Smishing/Pharming, Non-Payment/Non-Delivery, Extortion, and Personal Data Breach. The top three crime types with the highest reported losses were BEC, Confidence/Romance Fraud, and Spoofing. More details on each of these scams can be found in this report.

A focused subset of Cisco’s 2018 full Cyber Security Report, focusing on cloud security practices.

X-Force Incident Response and Intelligence Services (IRIS) compiled IBM Security software and security services analyses from the past year, which show that 2019 was a year of reemerging old threats being used in new ways.

A long form narrative on several threat trends seen in recent months.

2020 edition of the Unit 42 Cloud Threat Report, ourteam of elite cloud threat researchers focused theirattention on the practices of DevOps. The research aimedto uncover where cloud vulnerabilities are surfacing.DevOps teams are shortening the time to productionusing infrastructure as code (IaC) templates. But the IaCtemplates themselves are not the issue. It’s the flawedprocess by which they are being created.

A survey-based report with findings in four major areas: current security posture, perceptions and concerns, current and future investments, and practices and strategies.

This report covers: the security practices for each of the two different core projects, both Angular and React, the state of security of each of the two different module ecosystems, based on an in-depth look at the vulnerabilities contained in each of the ecosystems, the security practices for other common JavaScript frontend framework alternatives such as Vue.js, Bootstrap and jQuery, and the significant security differences between the different alternatives, and particularly between Angular and React

In this special CTNT report on healthcare, wefocus on the top threat categories and familiesthat plagued the medical industry over the lastyear, as well as the most common attack methodsused by cybercriminals to penetrate healthcaredefenses. In addition, we highlight the securitychallenges inherent to organizations, from smallprivate practices to enterprise health maintenanceorganizations (HMOs), as well as the reasons whyhackers look to infiltrate their defenses. Finally,we look ahead to future biotech innovations andthe need to consider security in their design andimplementation.

The Herjavec Group goes over changes to Cybersecurity in 2019, looking at the cyber attack surface, cybersecurity spending, and ransomware rising.

Sonicwall outlines the changes in the threat landscape in 2020 for companies to utilize.

A report by DZone showing trends in the changing AppSec industry.

Most blogs or papers about crypto-ransomware typically focus on the threat’s delivery, encryption algorithms and communication, with associated indicators of compromise (IOCs). This research paper takes a different approach: an analysis of the file system activity or behaviors of prominent crypto-ransomware families (hereafter, simply called ransomware).

A survey of over 250 security professionals on security operations center (SOC) practices and how those practices relate to outcomes.

The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) is a global survey of IT business decision makers, which is now in its ninth year. A total of 4,958 interviews were conducted across 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks. The regions covered consist of LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), Japan, Russia and META (Middle East, Turkey and Africa).

This report explores the results of the 2019 (ISC)² Cybersecurity Workforce Study, providing details on the cybersecurity workforce and gap estimates, taking a closer look at cybersecurity professionals and their teams, reviewing key steps on the cybersecurity career path, and discussing insights into immediate and longer-term methods for building qualified and resilient cybersecurity teams now and in the future.

Using data from the Verizon DBIR and other sources, this report reviews the value of DNS in overall organizational security.

An analysis of threat actors and key action patterns based upon CrowdStrike’s threat hunting human analyst team over the first half of 2019.

This publication from Fortinet looks at how the threat landscape has changed in the third quarter of 2018 by doing data-driven analysis with some noteworthy events pulled from Q3 2018 headlines.

This is a quarterly publication from Fortinet that looks at how the threat landscape has changed in the first quarter of 2019.

This is quarterly publication from Fortinet that looks in the current cyber security threats from April 1 to July 1.

The VIPR report (Verizon Incident Preparedness and Response Report) outlines preparations and responses to data breaches. This includes 6 phases, planning and preparation, detection and validation, containment and eradication, collection and analysis, remediation and recovery, and assessment and adjustment.