The latest Petya-like outbreak has gathered a lot of attention from the media. However, it should be noted that this was not an isolated incident: this is the latest in a series of similar attacks in Ukraine. This blogpost reveals many details about the Diskcoder.C (aka ExPetr, PetrWrap, Petya, or NotPetya) outbreak and related information about previously unpublished attacks.

Dragos, Inc. was notified by the Slovak anti-virus firm ESET of an ICS tailored malware on June 8th, 2017. The Dragos team was able to use this notification to find samples of the malware, identify new functionality and impact scenarios, and confirm that this was the malware employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation which resulted in electric grid operations impact. This report serves as an industry report to inform the electric sector and security community of the potential implications of this malware and the appropriate details to have a nuanced discussion.

Recommendations for securing and managing privileged credentials used by enterprise applications

This report seeks to provide answers to many questions related to the failures of endpoint security that are occuring even though there has been a shift in technology and strategy.

The goal of this book is to clarify the most frequently encountered concepts of inline security and be a resource as you develop your network security architecture. For each of the 20 terms included, they provide a simple definition, common use cases, and important considerations for deployment.

This eBook gives a detailed breakdown of the current state of the Kubernetes Ecosystem.

This article, edited in 2008, compiles a list of cyber crimes that impacted business in 2005.

This report takes a look at cyberbreach responses and gives guidance as to what might be the best way to respond to a cyberbreach.

To determine real-world costs posed by DDoS attacks in 2014, Incapsula commissioned a survey to gauge real organizations’ experiences with them. By compiling these statistics, they hoped to provide some perspective. Additionally, they wanted to underscore the importance of investing in a truly impenetrable mitigation solution.

This report contains observations from DDoS attack attempts in Q4 2016 and Q1 2017, as well as comparisons against previous quarters. The data represents the frequency and sophistication of DDoS attacks that organizations face today.

This book takes a look at “whaling” scams. Or largescale phishing attacks. It offers some analysis and insight into how these scams can be avoided.

This report takes a look at retail security. It discusses the challenges, and options available to help solve some of the problems involved in defending retail markets.

“Enterprises rely on custom applications to perform business-critical functions. Any downtime could halt operations. Our survey found that while enterprises have confidence in the security of IaaS providers’ underlying infrastructure compared with their own datacenters, data in custom applications is exposed to a wide range of threats independent of the platform. That includes accounts compromised by third parties—via phishing or another method. There are a growing number of examples such as Code Spaces where attackers have held data ransom and in some cases permanently deleted enterprise data in these applications. This report summarizes the scale of custom applications deployed today, where they are deployed, how they are secured, and who is responsible for securing them.”

This report takes a look at the DDoS threats that occurred in the fourth quarter of 2017.

Almost all (99%) surveyed ITDMs say that there is or was at least one driver for their organization moving to the cloud. But for all the exuberance surrounding cloud and SaaS, the majority (94 percent) of ITDMs interviewed have or have had at least one concern about their organization moving to the cloud, the most common being data privacy (61 percent).

There are many reasons to archive data. For too many organizations, “archiving” is immediately presumed to be a cumbersome, unattainable, legacy process that IT had previously deprioritized, while erroneously believing that a “backup copy” held for an extended period of time was a sufficient alternative. Every aspect of that presumption is incorrect—modern archiving is a critical and compelling aspect of nearly every IT organization’s forward-looking strategy.

This report examines the impact that cloud adoption, use of open source software, organizational practices (including outsourcing), and culture all have on software delivery performance.

In August 2017, Cyber adAPT partnered with research and smart data firm Aberdeen Group to conduct a threat detection survey. The results provide critical data and the ability to analyze a variety of detection technology questions and scenarios.

Distributed denial of service (DDoS) attacks continue to grow in frequency, sophistication and bandwidth. Due to a recent SANS survey, 378 security and network managers reveal that they are experiencing more frequent and sophisticated DDoS attacks These and other trends are discussed in the rest of this report.

This report contains the observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign. It represents a unique view into the attack trends unfolding online, including attack statistics and behavioral trends for Q4 2016.

This report offers a guide to understanding the importance of email archiving.