This paper discusses the issues that are caused by, “technology innovation and spearheaded by a generation that expects a seamless customer experience, the financial services landscape is undergoing fundamental change, which will no doubt influence the industry’s future cyber security considerations.”

Discover why the entertainment and media industries are valuable targets for APT groups and hacktivists seeking influence.

There is currently very little published research discussing the cybersecurity threats against ITS. In this paper, we first explored real-world ITS cyberattacks and their impact. As cyberattacks and attackers go hand-in-hand, we discussed the most likely perpetrators and their goals and motivations for attacking ITS. We then applied our knowledge of current cyberattacks to develop and analyze future cyberattack scenarios against ITS and Smart Roads.

From the report, “This research provides a comprehensive and objective review of 2015 cyber-attacks from both a business and a technical perspective. It offers best practice advice for organizations to consider when planning for cyber-attack protection in 2016."

This monthly threat report takes a look at the month of December 2017. Specifically, it looks at insights into Coinhive, intellectual property theft via Iranian hackers, and North Korea’s new cyberattack tools.

This report takes a look at a threat that specifically attacks Android users.

This “Just in Time” research is in response to recent discussions on the EDUCAUSE Higher Education Information Security Council (HEISC) discussion list about data breaches in higher education. Using data from the Privacy Rights Clearinghouse, this research analyzes data breaches attributed to higher education. The results from this review will be used to inform EDUCAUSE research, programs, products, and services.

How do you ensure secure and compliant access to cloud services without losing the agility and cost benefits that these services provide? This report gives you an overview of the market for Cloud Access Security Brokers and a compass to help you to find the product that you need.

In this quarterly threats report, they highlight three Key Topics: They broadly examine evasion techniques and how malware authors use them to accomplish their goals. They explore the very interesting topic of steganography in the digital world. They examine Fareit, the most famous password-stealing malware.

This paper discusses what organizations fear and what security measures they are taking to mitigate risks. To find out, they commissioned independent research, surveying more than 600 mobility professionals. The results were eye-opening.

System designers have long struggled with the challenge of determining how to control when untrusted applica- tions may perform operations using privacy-sensitive sen- sors securely and effectively. Current systems request that users authorize such operations once (i.e., on install or first use), but malicious applications may abuse such authorizations to collect data stealthily using such sensors. Proposed research methods enable systems to infer the op- erations associated with user input events, but malicious applications may still trick users into allowing unexpected, stealthy operations. To prevent users from being tricked, we propose to bind applications’ operation requests to the associated user input events and how they were ob- tained explicitly, enabling users to authorize operations on privacy-sensitive sensors unambiguously and reuse such authorizations.

This is Rapid7’s Quarterly Threat Report. In this report they sought to make a less chaotic picture of the events of the 3rd quarter of 2017.

This report from May 2016 takes a look at a variety of threat events, and provides insight and solutions for those issues.

The Internet of Things is becoming and area of danger for security risks. This paper discusses the cyber security issues related to the internet of things, and discusses how people should be taking action to protect their devices.

This report provides data to help understand the need of helping employees understand PCI compliance in the retail industry.

This blog post takes a look at a specific Chinese threat that is impacting Engineering and Maritime corporations.

This is exclusive research into the cyber threat that is Scan4You. It discusses the history and current outcomes of this unique threat.

From the report, “We are pleased to present the findings of The State of Malware Detection & Prevention sponsored by Cyphort. The study reveals the difficulty in preventing and detecting malware and advanced threats. The IT function also seems to lack the information and intelligence necessary to update senior executives on cybersecurity risks.”

This Threat Report takes a look at some of the events of late 2017. Specifically, it looks at self-propagating malware, a specific Microsoft Office vuln, and multiple espionage campaigns that target energy utility companies.

This report continues Fortinet’s excellent threat report. It discusses operational technology, Zero-day markets, malware, cryptojacking, the hacking event at the winter olympics, the rise of botnets, and Adromeda. Read On!

Advice in this report ranges from the tactical to the strategic. Recognize the importance of solutions that can provide specific benefits yet work as part of a unified security posture. They claim that their security recommendations will provide actionable information and guidance, while taking into account the need for organizations to grow and innovate at the same time.