Iranian cyber espionage against human rights activists, academic researchers and media outlets -and the HBO hacker connection

This report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims. We name this technique “tainted leaks.” The report illustrates how the twin strategies of phishing and tainted leaks are sometimes used in combination to infiltrate civil society targets, and to seed mistrust and disinformation. It also illustrates how domestic considerations, specifically concerns about regime security, can motivate espionage operations, particularly those targeting civil society.

This report describes Nile Phish, an ongoing and extensive phishing campaign against Egyptian civil society.

This report reveals a campaign of reconnaissance, phishing, and malware operations that use content and domains made to mimic Chinese language news websites

IBM analysts recently unveiled a first look at how threat actors may have placed Shamoon2 malware on systems in Saudi Arabia. While researching elements in the IBM report, ASERT discovered additional malicious domains, IP addresses, and artifacts that matched preciously disclosed elements of Shamoon2.

This report provides a detailed analysis of survey data that was gathered to provide research findings on best practices and impact.

“To take a look at the cybersecurity health of financial institutions, this September, SecurityScorecard analyzed 2,924 financial institutions in the SecurityScorecard platform to find existing vulnerabilities within banks, investment firms, and other financial firms to determine the cybersecurity performance of the financial sector, especially as compared to other industries. Our team also analyzed the cybersecurity posture of the Top 20 highest performing FDIC-insured banks to understand what security factors pose risks to these financial institutions.”

Since June 2016, the Global Cyber Alliance (GCA) has been working to accelerate adoption of DMARC, an email security standard, by providing a set of easy-to-use tools and campaigns to drive deployment. This paper investigates and measures the economic benefit from that work. Having reviewed the available data, we have chosen to focus on Business Email Compromise (BEC) because it is a rapidly growing issue, with high direct losses, and relevant data is available for analysis from multiple sources. We derive a conservative minimum bar estimate for the loss avoidance tied to GCA’s initiatives and discuss the potential scale of other benefits gained from DMARC.

This is an annual report that discusses the latest malware and hacking trends in compromised websites.

Verizon’s annual report on data breaches in 2018

This report provides a comprehensive list of all the data breaches that have occurred in the spring of 2018.

Given that the most important information resides in databases, organizations are increasingly turning their focus toward databases security technologies. To defend databases from attackers using stolen credentials, the industry is beginning to adopt a new security paradigm based on machine learning and behavior analysis. This white paper discusses that paradigm shift and the issues that go along with it.

This report was produced with a goal of raising awareness and educating senior decision makers about the cybersecurity issues facing the healthcare industry.

This report is the second release of the Dtex Insider Threat Intelligence Report – an initiative started in 2015 to track, analyze, and share the impact of human behavior on enterprises of all sizes and industries.

This blog post takes a look at Metamorfo and how it is impacting Brazilian users, specifically, to install banking trojans.

This is the 22nd edition of the Microsoft Security Intelligence Report. In this report, they have organized data sets into two categories, cloud and endpoint. They are sharing data about a shorter time period, one quarter.

This report is the results of a survey conducted among security professionals to analyze their experiences with phishing.

The Qadars Banking Trojan has been observed globally targeting well-known banks since 2013. The research in this white paper provides a detailed analysis of the banking trojan, discussing the obfuscation techniques, domain generation algorithm (DGA), communication protocols and data formatting, and social engineering techniques employed by the trojan.

This report discusses the idea that there needs to be a paradigm shift in the approach to cybersecurity. It posits that the shift should occur by studing human behavior and interaction with data.

This report discusess malware attacks and data from the year 2016 and makes predictions for 2017.

Root9B’s Vice President of Threat Intelligence, Keith Smith, sat down to highlight the threat of tax related scams using compromised business email accounts. He also offers some proactive steps your business can take to prevent security breaches and protect sensitive information during this year’s tax season.