The industrial cyber threat landscape is constantly changing with new adversaries, vulnerabilities, and attacks that put operations and safety at risk. The 6th annual Dragos Year in Review summarizes what you need to know about your threats and benchmark your OT cybersecurity posture.

This report, based on VMware’s experience with a diverse customer base, offers a comprehensive look at Linux-based malware threats to multi-cloud environments. It highlights the unique characteristics of this class of threats and provides guidance on how combining endpoint detection and response (EDR) and network detection and response (NDR) solutions can help organizations stay ahead of the threats Linux-based malware poses.

The following report provides a detailed look into the incidents that led to claims from our policyholders over the second half of 2021. In addition to the data, we share a thoughtful analysis of the current trends and predictions for 2022.

The analysis in this report was conducted by the PwC Threat Intelligence practice, which is distributed across Australia, Italy, Germany, Netherlands, Sweden, United Kingdom, and the United States. It is based on our in-house intelligence datasets on cyberattacks and targeting from a wide variety of threat actors, intelligence gleaned from PwC’s incident response engagements around the world, and our managed threat hunting services, as well as publicly available information.

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

In the 2023 Unit 42 Ransomware Threat Report explores recent incident response cases, as well as our threat intelligence analysts’ assessment of the larger threat landscape. It also offers predictions for how we believe threat actors will use ransomware and extortion tactics going forward. As of late 2022, threat actors engaged in data theft in about 70% of cases on average, Compare this to mid-2021, and we saw data theft in only about 40$ of cases on average. Threat actors often threaten to leak stolen data on dark web leak sites, which are increasingly a key component of their efforts to extort organizations.

Everstream’s proprietary risk scoring model incorporates historic, present, and future risk across more than 20 major categories. Using human and artificial intelligence, we predict overall risk exposure, probability, severity, and relevance for our individual clients and end users. Every day Everstream identifies relevant events that help our clients avoid disruption, including these from 2022.

The focus on resilience is changing the role of security leaders in their organizations. These discussions vary based on many factors, most notably the maturity level of the organization. Long-established legacy orgs have a harder time adopting a new approach, be it A-driven automation, a zero trust framework or DevSecOps practices, while fresh-face startups may have never done it any other way.

Unit 221B assessed Deep Instinct’s claims that their Endpoint Protection Platform (EPP) product can automatically prevent unknown threats by using deep learning to identify patterns indicative of malicious behavior prior to execution on the endpoint.

This report represents Deep Instinct’s current view of the threat landscape and trends seen between the period January – June 2021 and provides concrete data to verify the credibility of these developments. The information was sourced from our repositories which are routinely analyzed as we continuously protect our customers from unending and varied attacks.

This report provides insights into the causes and impacts of those stresses and also lays out some practical solutions that forward-looking organizations can adopt in to improve their security postures and cyber readiness.

This report represents Deep Instinct’s current view of the threat landscape and trends seen between the period January - September 2022 and where possible provides concrete data to verify the credibility of these developments. The information was sourced from our repositories which are routinely analyzed as we protect our customers from incessant and ever evolving attacks on an ongoing basis.

In our Underground Threat Activity report, you will find detailed analyses of cyberforum activities that we have observed over the past year, from emerging trends and cybercrime statistics to TTPs employed by TAs across several industries. You can also find our recommendations to mitigate the impact of these attacks, as well as our predictions from the evolution of the threat landscape and emerging threats that we may see in the future.

In this report, we have examined the existing gaps in MITRE repositories and how they inhibit security teams from understanding their true threat context. We also introduce Securin’s Vulnerability Risk Score (VRS), an vulnerability ranking system that can help organizations prioritize vulnerabilities based on their risk factors, threat associations, exploitability, and criticality.

Our goal with this report is to help demystify the ransomware ecosystem by exploring the key players involved, as well as the techniques and tactics utilized by ransomware operations and their affiliates to infiltrate organizations and distribute ransomware payloads. We also provide a list of the most common vulnerabilities likely to be exploited as part as a ransomware attack, to help security practitioners prioritize remediation.

The 2023 SonicWall Cyber Threat Report provides critical insights and actionable intelligence needed to safeguard your organization from new and emerging cyber threats. The bi-annual report includes key threat intelligence, trend analysis and changes in cybercriminal tactics - al in one in-depth resource.

This research paper is a joint effort between Trend Micro and Waratah Analytics, a data-modeling, risk-analysis, and exposure management services provider. It analyzes the modern ransomware ecosystem using data-science approaches and leverages information collected from network-based and host-based telemetry, underground forums, bitcoin and financial transactions, and chat logs - together with a deep analysis of criminal business processes - to find trends, new developments, and choke points in the ransomware ecosystem.

As 2021 progressed through its second quarter and into the third, cyber criminals introduced new - and updated - threats and tactics in campaigns targeting prominent sectors. Ransomware campaigns maintained their prevalence while evolving their business models to extract valuable data and millions in ransoms from enterprises big and small. REvil/Sodinokibi topped our list of ransomware detection in Q2 of 2021.

As we look ahead in this new year, we must acknowledge a threatscape that left us all exhausted from a particularly challenging end to 2021. In our new company’s first threat report, we acknowledge the issue that dominated not only headlines, but the focus of defenders and enterprise security teams. We also look back at the third and fourth quarters of 2021, but let’s first detail our weather of resources available to help you combat Log4j.

In this report, we share our industry-leading lineup of which threat actors, families, campaigns, and favorite techniques were prevalent during the last quarter. But there’s more. We’ve also expanded our sources to glean data from ransomware leak sites, and security industry reports. And as Trellix resources grow, so do the categories of threat research including new content covering Network Security, Cloud Incidents, Endpoint Incidents, and Security Operations.

In the third quarter of 2022, Trellix delivered a new, powerful resource to support the future of extended detection and response (XDR) and cybersecurity. The first Threat Report presented by the Trellix Advanced Research Center, showcases the rapid research and real-time intelligence resources with notable data and findings from Q3 2022 including: Increased threats to Transportations and Shipping sectors, Increased threats to Germany and The proliferation of old CVEs from 2016, 2017, 2018 - as the most commonly exploited in 2022.