Phishing attacks have become the primary hacking method used against organizations. In the past, there was a tendency to blame the user, but attacks have evolved to appear so genuine that even the most security-savvy recipient can be fooled. Phishing attacks have recently experienced newfound success with the proliferation of SaaS in the workplace. This paper discusses what a company can do to deal with this new reality.

This Quarterly report offers key takeaways from the second Quarter of 2016. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.

This report focuses on software vulnerabilities, software vulnerability exploits, malware, and unwanted software. It is the hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.

This paper is the presentation of data found through a survey administered in November and December of 2015.

This Threat report details some early 2018 threats like cryoticurrency mining, hardware vulns, and government sponsored cyber threats.

“2017 was a huge year for mobile security. Malicious actors returned with a vengeance and cyber attacks grew rapidly in sophistication. Ransomware outbreaks like WannaCry and Petya hit enterprises globally causing unparalleled disruption, new vulnerabilities like BlueBorne were discovered and malware variants grew more aggressive and prevalent by the day. This report will summarise the key mobile security trends that emerged in 2017, and summarise thoughts for the mobile threat landscape for the year ahead.”

This book takes a look at “whaling” scams. Or largescale phishing attacks. It offers some analysis and insight into how these scams can be avoided.

This is an annual report that discusses the latest malware and hacking trends in compromised websites.

In this report, they describe FIN10’s activities and tactics, techniques and procedures (TTPs), and provide a glimpse into how they execute their operations.

Aaron Higbee, Co-founder and CTO, PhishMe, (now CoFense) discusses the future of phishing defence and asks which side of the fence the future of defence against phishing attacks lies: human or machine?

This White Paper is a report regarding The Callisto Group. The Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks, and journalists in Europe and the South Caucasus. Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions.

“Enterprises rely on custom applications to perform business-critical functions. Any downtime could halt operations. Our survey found that while enterprises have confidence in the security of IaaS providers’ underlying infrastructure compared with their own datacenters, data in custom applications is exposed to a wide range of threats independent of the platform. That includes accounts compromised by third parties—via phishing or another method. There are a growing number of examples such as Code Spaces where attackers have held data ransom and in some cases permanently deleted enterprise data in these applications. This report summarizes the scale of custom applications deployed today, where they are deployed, how they are secured, and who is responsible for securing them.”

In this whitepaper, they explore the growing threat of ransomware and what you can do to keep your organization secure.

This paper discusses the new threat vector that has been created by bringing an enterprise into the mobile age.

Researchers built a number of scanning devices using Raspberry Pi minicomputers and, by taking them out to athletic events and busy public spaces, found that tracking of individuals was possible.

This monthly threat report takes a look at the month of September 2017. More specifically, it takes a look at VULNS, Apache Exploits, and the Equifax breach.

This paper seeks to provide guidance in understanding the best ways to train employees so that the don’t forget important information.

This short e-Book takes a look at the unique problems that are caused by mobile access in the cloud era.

This is a Quarterly Report that looks at Cyber security issues in New Zealand and around the world.

This Quarterly report offers key takeaways from the first Quarter of 2016. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.

This report focuses on software vulnerabilities, software vulnerability exploits, malware, and unwanted software. It is the hope that readers find the data, insights, and guidance provided in this report useful in helping them protect their organizations, software, and users.