The Microsoft Vulnerabilities Report has garnered over 16,000 downloads and helped thousands of users leverage its detailed data analysis and expert findings to improve their cyber defenses. This year’s edition of the report not only dissects the 2023 Microsoft vulnerabilities data, but also assesses how these vulnerabilities are being leveraged in identity-based attacks. The report also spotlights some of the most significant CVEs of 2023, breaks down how they are leveraged by attackers, and explains how they can be mitigated.

In this report, we’ll delve into insights drawn from an analysis of over 16 billion authentications in the last year (and over 44B in the last 4 years), spanning nearly 52 million different browsers, on 58 million endpoints and 21 million unique phones across regions. Authenticator apps like Duo mobile appeal to both demand for higher security and ease-of-use. Last year, access to remote access applications fell to nearly 25% of authentications after peaking in 2020.

This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

This report is based on the summary statistical analysis of over 10,000 cyber claims for incidents that occurred during the five-year period 2019–2023. We see enormous variances in the magnitude of loss data. The smallest claims were less than $1,000; the largest were over $500M. The numbers of records exposed ranged from 1 to over 140M.

This report focuses on the security of deployed AI models in cloud services and environments. Our research indicates that more than half of organizations have adopted AI models for custom applications. More than half of organizations are deploying their own AI models. Default AI settings are often accepted without regard for security.

Non-human identities (NHIs) such as bots, API keys, service accounts, OAuth tokens, and secrets are indispensable for automating tasks, enhancing efficiency, and driving innovation within organizations. The survey provides insights into their opinions about their current NHI security, the obstacles they’re facing, and the strategies and tools they’re using. The aim is to shed light on the current state of NHI security and identify areas for improvement.

This report presents the main findings with respect to the current state of CISOs. This duality became evident during our recent discussions with about 100 prominent CISOs from across the U.S. and Canada. The new SEC cyber rules and landmark cases that the agency brought against CISOs point to new legal and liability exposure.

IANS and Artico Search conducted their fifth annual CISO Compensation and Budget Research Study. Our analysis of the key drivers behind security budget growth reveals significant increases are often triggered by incidents or breaches, or by rising risks such as those associated with AI adoption.

The 2024 edition of the DNSFilter Security Report is about LLM’s, AI, ChatGPT, threats by region, predictions for the upcoming year and more. In December of 2023, we even launched a Generative AI category to assist our customers in blocking these types of sites for better protection over PII and plagiarism.

ThreatLabz found that ransomware attacks increased by 17.8% year-overyear based on blocked attempts in the Zscaler cloud, while ransomware attacks identified through data leak site analysis surged by 57.8%. The findings presented in this report underscore the need for organizations to prioritize protection against the relentless tide of ransomware. The insights and strategies in the report serve as a crucial guide for improving your ransomware defenses.

OWASP MASVS sets a minimum bar for mobile app developers to follow when building apps securely and provides security teams with the ideal testing strategy as part of the organization’s proof of controls. NowSecure benchmark mobile application security testing analysis shows 95% of nearly 6,500 leading mobile apps fail at least one of the seven OWASP MASVS categories.

This year’s research shows that, while most businesses have a ransomware strategy in place, many are incomplete. They’re either missing a documented plan or the right people to execute it. As a result, we see that many organizations are paying the ransom. Likewise, whilst many have cyber insurance, too many simply don’t know if or to what degree it covers them for ransomware attacks.

In the ever-evolving landscape of cybersecurity, the significance of security testing cannot be overstated. As we delve into the 2023 trends, it’s clear that penetration testing remains the cornerstone of a robust security strategy. we’ve observed a substantial 31% increase in manual pentest engagements, highlighting a growing reliance on this building block of security.

To understand the current state of software supply chain security (SSCS) we surveyed 900 AppSec professionals in US, Europe and APAC based organizations across a wide range of industries. The findings show an increased sense of awareness with more than half of respondents acknowledging that SSCS is a top or significant area of focus. However, only 7% have already purchased and implemented an SSCS-specific product.

This report looks back at the major cyber security events of 2023, offering insights and analysis to help understand and prepare for the challenges ahead. Our goal is to provide valuable information to organizations, policy makers, and cyber security professionals, helping them to build stronger defenses in an increasingly digital world. Check Point Research reports that threat actors in hacking forums have started making use of AI tools like ChatGPT, in order to create malware and attack tools such as info-stealers and encryptors.

Blackpoint observed attempts to gain initial access and move laterally through an organization, specifically targeting endpoint devices, constituted 95% of the threat landscape seen on these devices. A common thread you will find throughout our threat report is the subject of initial access. Initial access covers the various methods a threat actor may use to gain unauthorized entry into a computer network or system. It is where a threat actor begins, and, when up against Blackpoint’s 24/7 Security Operations Center (SOC), is detained.

This study delivers the latest insights into the threat landscape of workplace collaboration and the opportunities presented by the fastest-growing dataset across the enterprise today. As the leading AI data platform for employee listening, Aware analyzes the state of risk across collaboration platforms such as Slack, Teams, Zoom and Workplace from Meta to create awareness around both the risks and opportunities that lie within digital workplace conversations.

This year’s report introduces results from the Attack Path Validation (APV) and Detection Rule Validation (DRV) products on the Picus platform, offering deeper observations into organizational preparedness against automated penetration tests and the effectiveness of detection rules in SIEM systems. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

The 2024 edition of the Blue Report provides key findings and practical recommendations for cybersecurity professionals by evaluating the effectiveness of current detection and prevention practices. The Blue Report 2024 serves as a crucial resource for cybersecurity professionals and decision-makers. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

Alto’s methodology employs a data-first approach with the objective of supporting experts and practitioners establish an evidence-based understanding of the complex, multivariate nature of extremism and radicalization online and its multi-layered relationship with: the vulnerabilities linked to certain narratives and ideologies that constitute a part of public discourse and can be weaponized with specific aims. this report does highlight specific domains, channels and other digital spaces to aid practitioners in understanding the mechanics of the digital spaces analyzed.

This research report provides a comprehensive analysis of ransomware incidents and binaries recorded and gathered globally, offering insights into trends, attacker profiles, ransomware families, and the implications for cybersecurity defenses. Ransomware knows no borders and neither do the groups unleashing it. Rather than picturing these groups as a collection of individuals in hoodies, we must extend our collective imagination to fathom the international business model that delivers the end product — ransomware — to our doorsteps.