Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Operating System

Below you will find reports with the tag of “Operating System”

image from The Red Report 2025

The Red Report 2025

The Red Report 2025 focuses on the top ten most frequently observed MITRE ATT&CK techniques, presenting a roadmap for organizations to use to understand and prioritize their defenses. From process injection and credential theft to impairing defenses and data exfiltration over encrypted channels, these techniques represent the core strategies employed by todayʼs attackers to achieve their objectives.

(more available)
Added: February 12, 2025
image from 2023 Microsoft Vulnerabilities Report

2023 Microsoft Vulnerabilities Report

This 10-year anniversary edition of the report dissects the 2022 Microsoft vulnerabilities data and highlights some of the key shifts since the inaugural report. This report will spotlight some of the most significant CVEs of 2022, break down how they are leveraged by attackers, and explain how they can be prevented or mitigated. The way Microsoft classifies the severity rating for a vulnerability is distinct from the likelihood of exploitation.

(more available)
Added: October 15, 2024
image from 2022 Microsoft Vulnerabilities Report

2022 Microsoft Vulnerabilities Report

The report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an undeniable business case for the importance of removing admin rights to reduce risk. In this report, we will examine how these vulnerability trends, along with cloud security adoption, collectively influence how we should think about cybersecurity and risk management in 2022 and beyond.

(more available)
Added: October 15, 2024
image from Microsoft Vulnerabilities Report 2021

Microsoft Vulnerabilities Report 2021

In its 8th year, the Microsoft Vulnerabilities Report has proven to be a valuable asset for many organizations who wish to gain a holistic understanding of the evolving threat landscape. The report provides a 12-month, consolidated view and analysis of Microsoft Patch Tuesdays, as well as exclusive insights from some of the world’s top cybersecurity experts. This analysis not only reveals evolving vulnerability trends, but also identifies the Critical vulnerabilities that could be mitigated if admin rights were removed.

(more available)
Added: October 15, 2024
image from The 2024 Duo Trusted Access Report

The 2024 Duo Trusted Access Report

In this report, we’ll delve into insights drawn from an analysis of over 16 billion authentications in the last year (and over 44B in the last 4 years), spanning nearly 52 million different browsers, on 58 million endpoints and 21 million unique phones across regions. Authenticator apps like Duo mobile appeal to both demand for higher security and ease-of-use. Last year, access to remote access applications fell to nearly 25% of authentications after peaking in 2020.

(more available)
Added: September 30, 2024
image from GreyNoise 2022 Mass Exploitation Report

GreyNoise 2022 Mass Exploitation Report

That is the purpose of this report is to show you the hours saved, the data aggregated, and the research methodologies laid bare. you’ll find several sections covering some of the bigger mass exploitations of 2022, also known as celebrity vulnerabilities.

(more available)
Added: June 5, 2024
image from runZero Research Report Vol. 1 May 2024

runZero Research Report Vol. 1 May 2024

In this report we share runZero’s observations from our unique perspective as an applied security research team. Our goal is to provide insight into how the security landscape is changing, and recommendations on what you can do to get ahead of these changes.

(more available)
Added: May 14, 2024
image from H2 2022 State of the Cybersecurity Attack Surface

H2 2022 State of the Cybersecurity Attack Surface

The report stated that “Equifax lacked a comprehensive IT asset inventory, meaning it lacked a complete understanding of the assets it owned. This made it difficult, if not impossible, for Equifax to know if vulnerabilities existed on its networks. If a vulnerability cannot be found, it cannot be patched.” The Equifax case is one example of an existential and underreported cybersecurity issue: the vast majority of organizations do not have comprehensive visibility of every asset they need to secure.

(more available)
Added: April 6, 2024
image from A Year in Review of Zero-Days Exploited In-the-Wild in 2023

A Year in Review of Zero-Days Exploited In-the-Wild in 2023

This report presents a combined look at what Google knows about zero-day exploitation, bringing together analysis from TAG and Mandiant holistically for the first time. The goal of this report is not to detail each individual exploit or exploitation incident, but look for trends, gaps, lessons learned, and successes across the year as a whole. As always, research in this space is dynamic and the numbers may adjust due to the ongoing discovery of past incidents through digital forensic investigations.

(more available)
Added: April 6, 2024
image from Picus Red Report 2024

Picus Red Report 2024

Marking its fourth year of publication, the Red Report 2024 provides a critical dive into the evolving threat landscape, presenting a detailed analysis of adversaries’ most prevalent tactics, techniques, and procedures (TTPs) used throughout the past year. Conducted by Picus Labs, this annual study examines over 600,000 malware samples and assesses more than 7 million instances of MITRE ATT&CK techniques. It gives security teams invaluable insights into the techniques that pose the most critical cyber risk to organizations.

(more available)
Added: February 14, 2024
image from 2023 Elastic Global Threat Report

2023 Elastic Global Threat Report

The 2023 Elastic Global Threat Report is a summary of more than a billion data points distilled down to a small number of distinct categories. We describe the tools, tactics, and procedures of threats from the perspective of endpoints and cloud infrastructure — the most common enterprise attack surfaces — so readers with varying priorities can determine the best course of action to take next.

(more available)
Added: October 19, 2023
image from The State of Cyber Assets Report 2023

The State of Cyber Assets Report 2023

In the 2023 State of Cyber Assets Report (SCAR), we analyzed over 291 million cyber assets and attributes across organizations of all sizes. These findings will help you to understand how security teams discover cyber assets, understand asset relationships, and secure their attack surfaces.

(more available)
Added: June 19, 2023
image from Identify and Mitigate Risks of Privilege Escalation on Windows and Linux Endpoints

Identify and Mitigate Risks of Privilege Escalation on Windows and Linux Endpoints

In this white paper, you’ll learn how to combat unwanted privilege escalation by reverse engineering the tactics that cybercriminals use. By seeing the world through the eyes of a hacker you’ll be able to identity the red flags of privileged-account attacks. And, you’ll know which techniques and tools to use to mitigate them.

(more available)
Added: June 6, 2023
image from 2023 Enterprise Bot Fraud Benchmark Report

2023 Enterprise Bot Fraud Benchmark Report

The annual HUMAN Enterprise Bot Fraud Benchmark Report provides insights into automated attack trends across enterprise use cases, including account takeover, brute forcing, carding, credential stuffing, inventory hoarding, scalping, and web scraping.

(more available)
Added: May 8, 2023
image from Technical Threat Report 2021

Technical Threat Report 2021

This report, based on VMware’s experience with a diverse customer base, offers a comprehensive look at Linux-based malware threats to multi-cloud environments. It highlights the unique characteristics of this class of threats and provides guidance on how combining endpoint detection and response (EDR) and network detection and response (NDR) solutions can help organizations stay ahead of the threats Linux-based malware poses.

(more available)
Added: May 4, 2023
image from Getting cloud initiatives right in 2023

Getting cloud initiatives right in 2023

As digital transformation and workload migration continue at a higher pace than ever, cloud technologies are also rapidly growing in importance. Executive teams are focused on modernisation to meet the new expectations of users and customers while also being positioned to take advantage of new commercial opportunities. Now is the time to ensure your ITAM is well aligned to help these initiatives succeed.

(more available)
Added: April 25, 2023
image from 2022 Annual Cybersecurity Report

2022 Annual Cybersecurity Report

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

(more available)
Added: April 3, 2023
image from Global Threat Intelligence Report

Global Threat Intelligence Report

The mission of this report is to provide actionable intelligence on targeted attacks, cybercrime-motivated threat actors, and campaigns targeting organizations like yours so that you can make well-informed decisions and take prompt effective actions.

(more available)
Added: March 7, 2023
image from The Evolving CVE Landscape

The Evolving CVE Landscape

In this report, sponsored by F5 Labs, we take a step back and examine the universe of vulnerabilities (defined by the CVE) and how it’s changed in the last 20 years. As you will see, we will find some surprising things along the way.

(more available)
Added: March 1, 2023
image from The Red Report 2023

The Red Report 2023

The goal of this report is to share our knowledge about the most commonly used attack techniques and their use cases, so that security teams can adopt a more threat- centric approach and prioritize threat prevention, detection, and response efforts.

(more available)
Added: February 27, 2023
image from Rise in Mobile Phishing Credential Theft Targeting U.S. Public Sector

Rise in Mobile Phishing Credential Theft Targeting U.S. Public Sector

To understand the challenges facing U.S. government agencies, Lookout analyzed data specific to our federal, state and local customers from the Lookout Security Graph. The graph, which includes telemetry and more than 175 million apps, enabled us to identify and break down the most prominent mobile threats agencies face. For this report we specifically reviewed data from 2021 and the first half of 2022.

(more available)
Added: January 11, 2023
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 9, 2025 00:09 UTC (build b1d7be4)