From the Report, “This paper is based on our own research, in which we discovered critical cybersecurity issues in several robots from multiple vendors. While we assist the vendors in addressing the cybersecurity vulnerabilities identified, we want to describe the currently available technology, some of the threats posed by a compromised robot, and the types of cybersecurity issues we discovered. The goal is to make robots more secure and prevent vulnerabilities from being used maliciously by attackers to cause serious harm to businesses, consumers, and their surroundings.”

The purpose of this research is to provide a comprehensive description of the technical details and approach IOActive used to discover vulnerabilities affecting widely deployed radiation monitoring devices. Our work involved software and firmware reverse engineering, RF analysis, and hardware hacking.

This report offers insight into the impact of AI from both the attackers, and the cybersecurity warriors.

From the report, “Welcome to the Monthly Threat Roundup report for Sept 2017. At Paladion CTAC we continuously track emerging threats and vulnerabilities and provide you timely actionable intelligence to stay safe. We provide threat related IOC for auto-download that can be directly integrated with your security devices. We also provide advisories on how to prevent, detect and respond to latest attacker techniques. This report summarizes the key observations and analysis done by the CTAC team. It also includes insights and analysis related to global threats and incidents of the past month. "

From the report, “Welcome to Paladion’s Monthly Threat Report for October 2017. At Paladion CTAC we continuously track emerging threats and vulnerabilities to bring you timely, actionable threat intelligence. We provide this intelligence in machine-readable format from our Threat Intelligence Feeds, which can be directly integrated with your security devices. We also provide advisories on how you can prevent, detect, and respond to the latest threats as they happen. This report summarises the key findings of the stated month. It also contains insights related to threats and incidents that we have analysed.”

Welcome to the Monthly Threat Roundup report for November 2017. At Paladion CTAC we continuously track the emerging threats and vulnerabilities and provide you timely actionable intelligence to stay safe. We provide machine-readable intelligence in the form of IOCs, which can be directly integrated with your security devices. We also provide advisories on how you can prevent, detect and respond to latest attacker techniques. This report summarises the key findings of the stated month. It also contains insights related to threats and incidents that we have analysed.

This third edition of the Hacker’s Playbook Findings Report continues in the tradition of reporting enterprise security trends from the point of view of an attacker. The findings represent anonymized data from many millions of SafeBreach breach methods executed within real production environments. This edition includes existing Hacker’s Playbook Findings Report data and new data from deployments between January 2017 and November 2017, with a combination of over 3,400 total breach methods and almost 11.5 million simulations completed. This report reflects which attacks are blocked, which are successful, and key trends and findings based on actual security controller effectiveness.

From the Report, “This issue of the Rapid7 Quarterly Threat Report takes a deep dive into the threat landscape for 2018 Q4 and looks more broadly at 2018 as a whole. We provide an assessment of threat events by organization size and industry, and examine threat incident patterns identified through guidance from security specialists. We also further explore inbound activity to our honeypot network to identify trends and patterns that reveal rising new threats, such as Android Debug Bridge (ADB) activity, the persistence of old threats such as EternalBlue, and the vulnerability posed by non-novel credentials as revealed to publicly exposed systems. The report concludes with five steps you can take to bolster your organization’s security posture in 2019 and beyond, based on our findings.”

This year, NopSec predicts that the biggest cyber threats will be massive data breaches, ransomware, opportunistic crypto-mining attacks and IoT hacking.

It’s been another headline-grabbing 12 months for cybersecurity. There were many large and damaging compromises affecting retailers, airlines and credit rating companies, to name just a few. Thousands of organizations weren’t prepared and had sensitive data stolen, suffered downtime of key systems or were affected in some other way. Are you ready?

This issue of the Rapid7 Quarterly Threat Report takes a deep dive into the threat landscape for 2018 Q4 and looks more broadly at 2018 as a whole. We provide an assessment of threat events by organization size and industry, and examine threat incident patterns identified through guidance from security specialists. We also further explore inbound activity to our honeypot network to identify trends and patterns that reveal rising new threats, such as Android Debug Bridge (ADB) activity, the persistence of old threats such as EternalBlue, and the vulnerability posed by non-novel credentials as revealed to publicly exposed systems. The report concludes with five steps you can take to bolster your organization’s security posture in 2019 and beyond, based on our findings.

This year’s Global Threat Report: “Adversary Tradecraft and the Importance of Speed,” addresses the quickening pace and increasing sophistication in adversary tactics, techniques and procedures (TTPs) over the past year — and in particular, highlights the critical importance of speed in staying ahead of rapidly evolving threats.

This report reveals findings around the cybersecurity landscape. To inform this report they surveyed ,3,200 security leaders asking questions in three categories, Set Up - how do you set yourself up for success, Architecture - what is your approach to vender/solution selection, and finally Breach Readiness and Response.

From The Report, “What you’re reading are insights culled from a year of security data analysis and hands-on lessons learned. Data analyzed includes the 6.5 trillion threat signals that go through the Microsoft cloud every day and the research and realworld experiences from our thousands of security researchers and responders around the world. In 2018, attackers used a variety of dirty tricks, both new (coin mining) and old (phishing), in their ongoing quest to steal data and resources from customers and organizations. Hybrid attacks, like the Ursnif campaign, blended social and technical approaches. As defenders got smarter against ransomware, a loud and disruptive form of attack, criminals pivoted to the more “stealth”, but still profitable, coin-miners.”

This report examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can ensure that cyber security is a critical business enabler. Cyber security leaders and practitioners can use this report to educate lines of business about the real security risks the cloud can present.

Ponemon Institute is pleased to present The Value of Threat Intelligence: Annual Study of North American and United Kingdom Companies, sponsored by Anomali. The purpose of this research is to examine trends in the benefits of threat intelligence and the challenges companies face when integrating threat intelligence with existing security platforms and technologies.

This annual report from Symantec offers insights into formjacking, cryptojacking, ransomware, supply chain attacks, targeted attacks, the cloud, IoT, and even discusses Election Interference. As always the facts and figures are intriguing. Read on!

From July 2017 through June 2018, Secureworks CTU researchers analyzed incident response outcomes and conducted original research to gain insight into threat activity and behavior across 4,400 companies. This report offers answers and insights from their key findings. Read on to learn more.

This brief but important report offers information into the events and data from the holiday shopping season of 2018.

From the report, “It should be another momentous year for mobile security, with cyber attacks growing rapidly in sophistication and distribution. This report will cover the key mobile security trends that emerged last year as well as summarize thoughts for the mobile threat landscape for the year ahead.”

The 2018 Internet Organised Crime Threat Assessment (IOCTA), has been and continues to be one of the flagship strategic products for Europol. It provides a unique law enforcement focused assessment of the emerging threats and key developments in the field of cybercrime over the last year.