These reports provide data and insights on the attack we’re seeing, how to spot them, and the top ways you can protect your organization. These trends are based on incidents our security operations center (SOC) identifies through investigations into alerts, emails submissions, and threat hunting leads in the second quarter (Q2) of 2022. We analyzed incidents across our customer base, spanning organizations of various shapes, sizes, and industries, from April 1, 2022 to June 30, 2022.

This report will look at how ransomware caused gas shortages on the east coast, why a Justin Bieber tour might have put on the phone with a malware distributor, and what an increase in SMS phishing means for mobile security. We’ll also explore the evolving relationship between malware distributors and one of the world’s most successful ransomware gangs, and how legitimate cloud services now provide the infrastructure for a majority of malicious activity.

In this, our eighth annual State of the Phish report, we explore user vulnerabilities from multiple angles. We look at issues driven by poor cyber hygiene and those that could result from a lack of knowledge and clear communication. We discuss ways organizations can become more attuned to their risks. And we outline opportunities to build and sustain engaging security awareness training initiatives in the challenging climate.

The IBM Security X-Force Threat Intelligence Index maps new trends and attack patterns we observed and analyzed from our data - drawing from billions of datapoints ranging from network and endpoint detection devices, incident response (IR) engagements, domain name tracking and more. This report represents the culmination of that research based on data collected from January to December 2021.

In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan. In the course of our research, we were able to identify over a dozen of attacked organizations. An analysis of information obtained during our investigation indicates that cyberespionage was the goal of this series of attacks.

Evolving security threats, exponential data growth, increased complexity, and a continuing cybersecurity shill shortage has given rise to a new category of security solutions called Extended Detection and Response (XDR). Red Piranha and Cybersecurity Insiders conducted a comprehensive survey to reveal the latest XDR trends and challenges in managing XDR, what XDR might replace, and how organizations select security technologies and providers.

Weak passwords abound, and ATO is interrupting services critical to every aspect of online life: working, streaming, ordering, paying, and just plain connecting. Raising security awareness of this topic can certainly help; but the ATO threat will remain endemic until the problems inherent to password use are resolved.

Arctic Wolf’s 2022 Security Trends Report provides insight into the current and future state of these cybersecurity teams as they attempt to move their security programs forward while dealing with an ever-evolving threat environment. Our research findings show that ransomware, phishing and vulnerabilities don’t just monopolize headlines, they’re taking up security professionals’ headspace, too. Defending an increasing number of threats from attackers with far more resources feels like a lost cause too many businesses.

At Nuspire, we’re still witnessing threat actors using malicious files and cashing in on newly announced vulnerabilities. Threat actors are opportunistic for the most part and seek the easiest access for the least amount of effort. We explore these ideas and cover some of the most prevalent ways we’ve see threat actors attempt to breach the gates. After we dig into the data, we’ll provide you with actionable takeaways you can apply to your network to harden your defenses.

A recent Authentication Security Strategy survey by Enzoic and Redmond magazine revealed insights into the way that passwords are currently being used in various organizations, and what the future looks like regarding this ubiquitous authentication method.

This 2021 State of Phishing and Online Fraud Report highlights the key trends that drove digital scams using data gathered from analyzing more than one billion sites. A multitude of factors drove record growth in fraud campaign activity in 2020 with an increase of 185% from what was observed in 2019.

The findings of this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events each day observed in live production environments around the world.

The findings in this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events observed in live production environments around the world.

The threat intelligence, trends and details presented in the 2021 Webroot BrightCloud Threat Report are based on data continuously and automatically captured by the Webroot Platform, which is the proprietary machine learning-based architecture that powers all of our Webroot protection and BrightCloud services.

The Secureworks Counter Threat Unit (CTU) research team analyzes security threats and helps organizations protect their systems. During January and February 2021, CTU researchers observed notable developments in threat behaviors, the global threat landscape, and security trends, and identified lessons to consider.

This report is an in-depth analysis of tens of thousands of threats detected across our customers’ environments, this research arms security leaders and their teams with a unique understanding of the threats they’re facing.

This annual report offers important lessons and recommendations for security teams operating in today’s environment, where visibility and speed are more critical than ever.

This is the Claroty Biannual ICS Risk & Vulnerability Report: 2H 2021. This report brings important context to the unique discipline of ICS vulnerability research and managing that risk.

This report is Meta’s quarterly adversarial threat report that provides a broad view into the risks we see worldwide and across multiple policy violations.

This is the 2022 BrightCloud Threat Report.

A review of mobile device application security, based upon a combination of data from Zimperium’s product and suvey based results.