In the following report, Naikon describes the tactics, techniques, procedures and infrastructure that have been used by the Naikon APT group over the 5 years since the last report, and offer some insight into how they were able to remain under the radar.

The 2020 data breach report from the events managed by the BakerHosteltler incident response team. Trends, timelines, and losses are covered.

Mandiant’s 2019 edition of their threat intel report. Focusing on significant trends in attack TTPs over the past calendar year.

A lot of progress has been made in the past few years around requirements. Next steps in this area include identifying when and why to update intelligence requirements—even ad hoc adjustments can be planned for by identifying the circumstances under which they would need to be changed. It is also clear that there are numerous positive trends in the community, such as more organizations producing intelligence instead of just consuming it. But there are also many challenges, such as getting the appropriate staffing and training to conduct cyber threat intelligence. Tools and data sources are always going to be vital to the process, but the world of intelligence analysis is inherently analyst driven and a focus is rightfully placed there.

We built our 2020 Threat Insights Report on this foundation, to help guide you in protecting against what’s to come. Because moving forward, the right combination of protections is not a difference between one cybersecurity solution or another; it’s the difference between being protected against tomorrow’s threats or becoming their prey.

The BlackBerry® Cylance® 2020 Threat Report contains a broad range of topics vital to the interests of businesses, governments, and end-users. It delivers the combined security insights of BlackBerry, a trailblazer in the Internet of things (IoT) and mobile security, and Cylance, an early pioneer of AI-driven cybersecurity and endpoint security market disruptor, which was purchased by BlackBerry in February 2019.

This report from Cisco proves 10 cyber security myths false.

In this report, we’ll dig deeper into the survey results and present our own understanding of these statistics, as well as analysis from Dr. Gonzalez, insights from cybersecurity experts, real-world phishing stories from our customers and partners, and tips on how to stay safe from phishing threats.

As people settle into the new way of working with many organizations working from home, it comes as no surprise that attention now turns to being productive as well as secure. In a recent survey, Barracuda found that almost half (46%) of global businesses have encountered at least one cybersecurity scare since shifting to a remote working model during the COVID-19 lockdown. What’s more, an astounding 49 percent say they expect to see a data breach or cybersecurity incident in the next month due to remote working.

As software proliferates and DevOps takes hold, we conducted this study to understand the impact of utilizing Pentest as a Service (PtaaS) vs. traditional pentesting services. Within the backdrop of modern software development practices and rising appsec priorities, our study found that DevOps is a driving force for pushing pentest into the cloud and deploying Pentest as a Service. Furthermore, DevOps demands that appsec measures are delivered in a fashion that favors communication, transparency, and collaboration- PtaaS is exactly the evolution that addresses those aspects.

This report goes in depth into the overall changes in data breaches in the first part of 2020. Some highlights are that the number of publicly reported breaches decreased by 42% from 2019. and the number of records exposed grew 273% since last year.

This survey looked at the state of IT departments in 2020 and where their priorities fell. After surveying more than 1,300 IT professionals, it’s clear vendor management and contract negotiation is becoming a time-consuming endeavor. In fact, 50% of IT professionals work with 11 or more vendors and nearly half (48%) spend weeks or months renegotiating their vendor contracts each year.

Q1 2020 was an extremely turbulent time as the world dealt with the spread of COVID-19 and many businesses shifted to a fully remote work environment for the first time. The Threat Stack Security Operations Center has had a first-hand look at the impact this has had on Threat Stack customers through our regular work investigating suspicious behavior, triaging alerts, and providing recommendations on how to proactively reduce risk and remediate incidents.

The 2020 Trustwave Global Security Report is an annual review of the phenomena, trends and statistics affecting computer security and worldwide safety, as observed by Trustwave systems and security analysts throughout 2019. As we enter a new deacade, we take a fresh look at the changing face of the compromise, from the ways in which increasingly sophisticated threat actors adapted in recent years to improvements in threat detection and response and how people in white hats responded.

Against the backdrop of mounting threat in an era of disruption, the most forward-thinking cybersecurity functions can be critical agents of change. But this will require organizations to foster new relationships between CISOs, the board and C-suite, and every function of the business.

As more organizations move to the cloud and public cloud platforms gain more users and offer more services, cybercriminals will find ways to launch attacks and profit from compromise. As we’ve demonstrated in this research, misconfiguration in cloud services opens an organization to risks like cryptojacking, e-skimming, and data exfiltration. Container technologies in the cloud, when exposed, also pose similar risks. Finally, mismanagement of credentials and other secrets have costs that can grow as threats move across the cloud stack.

CyberEdge’s annual Cyberthreat Defense Report (CDR) plays a unique role in the IT security industry. Other surveys do a great job of collecting statistics on cyberattacks and data breaches and exploring the techniques of cybercriminals and other bad actors. Our mission is the provide deep insight into the minds of IT security professionals.

The goal of the study was to provide a state-of-the-market on third-party risk with actionable recommendations that organizations can take to grow and mature their programs.

Akamai’s annual overview of security traffic trends for 2019.

A survey driven report across the US and UK geographies on organization’s SOC capabilities.

An annual review of threat traffic and patterns across geographies as seen by NTT Security.