In our report, we investigate the cyberthreats that have been launched on the automotive industry in 2021 and 2022. We dig into the most prominent attacks, point out high-risk areas that could be targeted in the future, and give our security recommendations and predictions for 2023.

For the 2020 Duo Trusted Access Report, our data shows that more organizations across all industries are enabling their workforces to work from home now, and potentially for an extended period of time. They’re also implementing the appropriate security controls to ensure secure access to applications. In this report, we’ll look at how companies are currently securing remote work and what makes a solid and secure remote access strategy.

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange.

This report is an in-depth analysis of tens of thousands of threats detected across our customers’ environments, this research arms security leaders and their teams with a unique understanding of the threats they’re facing.

This report is based on in-depth analysis of roughly 20,000 confirmed threats detected across our customers’ environments, this research arms security leaders and their teams with actionable insights into the malicious activity and techniques we observe most frequently.

This report looks at the entire history of active applications, not just the activity associated with the application over one year. By doing so, we can view the full life cycle of applications, which results in more accurate metrics and observations. Aside from looking at the past, this report also imagines the future by considering practices that might help improve application security.

This annual report looks at changes in internet of things security.

This article offers a glimpse into the inner workings of the Interplanetary Storm botnet, provides an exhaustive technical analysis of the Golang-written binaries along with an overview of the protocol internals and finally, some attribution information.

This is a report based on a 2020 survey of remote workers. It emphasizes the disconnect between the company and the worker associated with remote work.

An extension of the Prioritization to Prediction series, this report uses a sample of over 40 manufacturing sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 30 healthcare sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 100 finance sector firms to better understand the means and metrics of vulnerability management with the sector.

An extension of the Prioritization to Prediction series, this report uses a sample of approximately 70 technology services to better understand the means and metrics of vulnerability management with the sector.

The 2020 OSSRA includes insights and recommendations to help security, risk, legal, and development teams better understand the open source security and license risk landscape.

A deep dive into the state of deploying the latest TLS version (v1.2) and the use of this signal for correlating with broader public-facing risk surfaces and characteristics of firms.

A survey of 166 US health information security professionals. Discusses the prevalence of significant security events (primarily e-mail based), positive advances in healthcare security, the threat of complacency when managing programs, and area where there are control gaps.

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

Covers the long tail of vulnerability patching, whereby vulnerabilities that are not fixed soon after detection can linger for months or more before being addressed. Makes the case for better prioritization mechanisms.

A look at the unique threat and risk landscape of the manufacturing industry. Discussing the challenges brought about by Industry 4.0, and recommends measures and best practices for securely reaping the benefits of connected production. We also reiterate that securing the manufacturing industry requires regular risk assessments and a resilient cybersecurity framework that is able to detect, respond to, and protect against a variety of security holes.

We built our 2020 Threat Insights Report on this foundation, to help guide you in protecting against what’s to come. Because moving forward, the right combination of protections is not a difference between one cybersecurity solution or another; it’s the difference between being protected against tomorrow’s threats or becoming their prey.