This report takes a look at the dangers of weaponized malware and provides a case study of Zombie Zero behavior.

The 2019 SIEM Survey Report represents one of the most comprehensive surveys on SIEM to date, designed to explore the latest trends, key challenges, and solution preferences for SIEM.

From the report, “In this SPIE, we shine a spotlight on the phishing prevention approaches of one start-up company, Area 1 Security; and one long-tenured cybersecurity vendor, IBM. Although complete elimination cannot be promised, each is taking steps that reduce the potential of their business clients (Area 1’s Horizon) and their clients’ clients (IBM Trusteer Rapport) from becoming victims. Secondarily, by removing the burden of phishing defense from employees and consumers, employees’ productivity is positively affected, and consumers’ trust in online activities is strengthened.”

From the report, “To put the relentlessness of attacks and the attackers perpetrating them into perspective, it has been reported that the global cybercrime economy generates an annual profit of $1.5 trillion or roughly the same as Russia’s GDP. To use an old cybersecurity adage, attackers only need to succeed once to compromise your network, defenders need to succeed every time. These facts and the events of Q1 2018 reinforce the reality that threat actors have no intention of scaling back their attacks. It is important not to be distracted by coverage given to one attack vector or class of attack – distraction has been a powerful tool in the arsenals of attackers for centuries… just think about why malware trojans are so named.”

CISOs Investigate: User Behavior Analytics (UBA) includes interviews with 11 security leaders who have deployed or are looking to deploy third-party solutions. This report replaces the ad hoc, often informal and time-consuming processes of personally gathering peer insight. Spanning verticals, the CISO contributors share real-world use cases and provide guidance.

From the one page report, “From trade secrets to client information, legal services and law firms have an ethical and legal obligation to protect privileged data. To help you understand the common attack types and trends facing the legal industry, we’ve compiled the following observations based on real data from across our client base.”

From this one page report, “Healthcare organizations possess some of the most valuable information exchanged on the black market, including social security numbers, patient records, financial information and intellectual property. To help you understand the common attack types and trends facing the healthcare industry, we’ve compiled the following observations based on real data from across our client base.”

This one page report offers the following, “Whether it’s account data or trading and investor information, financial firms hold a wealth of information that can be quickly turned into monetary gain. To help you understand the common attack types and trends facing the finance industry, we’ve compiled the following observations based on real data from across our client base.”

This quarter saw a dramatic increase in attacks targeting consumer-grade routers, increasing 539% from Q4, 2017. The majority of hostile detections on the eSentire threat detection surface pertain to perimeter threats: Information Gathering, Intrusion Attempts, and Reputation Blocks. eSentire Threat Intelligence assesses with medium confidence that these detections originate, largely, from automated scanning and exploitation attempts. Threats beyond the perimeter, such as Malicious Code (+35%) and Phishing (+39%) both saw increases in the frst quarter of 2018.

For this report, Menlo Security’s researchers analyzed the top 100,000 domains as ranked by Alexa to understand the risks inherent in using the world’s most popular websites. We found widespread evidence that cybercriminals are successfully exploiting long-held measures of trust, such as a particular site’s reputation or the category in which the site is included, to avoid detection and increase the effectiveness of their attacks.

Insider threats, such as those associated with the Marriott breach, are considered one of the top concerns in IT security due to the devastating impact on business, reputation, loss of sensitive data, and significant fines. Security solutions that rely on allow lists / block lists and signature files fall far short in their attempt to mitigate this threat. Machine learning and behavioral analysis are uniquely suited to immediately identifying anomalies that indicate an insider threat before any data is lost.

This paper is a theoretical study looking at three famous cases of insider attacks that occurred over the past six years. The paper defines the facts of the attacks and information on the attackers. It then theorizes how a behavioral analytics engine could have been used to detect and prevent these attacks. Although theoretical, the analysis is focused on technical facts rather than on opinions, so that objectivity is maintained. All facts referenced in this document are publically available. No confidential or classified data is used in this document.

From the report, “Trojans are still winning. Out of the 12 Threat Reports over Q3, six were trojans. While the results from the Threat Report quarterly from Q2 2018 were pretty even in terms of the volume of threats being spread out between APTs, ransomware and trojans, Q3 2018 showcased the depth and breadth of trojan diversity and malicious innovation.”

From the report, “Threat actors are increasing their use of fileless malware for one simple reason: most organizations aren’t prepared to detect it. Education is the first step in determining what threat these new attacks pose and what IT and security teams can do to detect and stop fileless malware attacks. READ THIS PAPER to understand how fileless malware is quickly evolving to avoid detection, the techniques currently employed to prevent infection and the strategies security teams need to consider when determining how to stop future fileless breaches.”

This report offers some insight into Health Information Technology and the cybersecurity issues that plague that area.

From the report, “The large-scale attacks and disastrous outcomes in this paper underscore the fact that targeted phishing is the overwhelming cause of nearly all breaches. Phishing attacks cost companies an incalculable amount of money, prestige, goodwill, confidential data, and competitive advantage, as well as brand identity and integrity. The Verizon Data Breach Investigations report supports the overwhelming impact of phishing, which targets businesses consistently across email, web, and network traffic. Siloed approaches lead only to siloed and ineffective protection. Partial, reactive defenses such as employee education, perimeter protection, and spam filtering simply don’t work against today’s phishing threats.”

On September 7th, 2017 Equifax disclosed the occurrence of data breach that occurred between May 2017 and July 2017. Equifax discovered the breach in July 2017. Initial estimates suggest that up to 143 million people could be affected. Credit card information of approximately 209,000 cardholders and personally identifiable information of 182,000 consumers was also compromised. Given past history with similar such breaches, additional impact is likely to be uncovered over time.

From the report, “During the last few months, global corporations have been extremely busy with implementing the needed changes in order to be compliant with the upcoming GDPR regulation. While this happens, cyber-threat actors are preparing themselves for the possible consequences, without a clear picture of whether GDPR will hurt them or benefit them. According to the General Data Protection Regulation (GDPR) any company that handles European Union consumer personal data is obligated to take tangible steps to ensure the information’s security. This means the EU sees any organization that uses EU citizens’ data of any kind, responsible to protect it, whether the organization is headquartered inside EU territory or not. It will, of course, affect the way global corporations handle consumer data encryption, but in even more basic terms, it will affect what kind of information is permitted to be stored and passed along to other users.”

The 2019 SIEM Survey Report represents one of the most comprehensive surveys on SIEM to date, designed to explore the latest trends, key challenges, and solution preferences for SIEM.

This report takes a look at the healthcare industry and seeks to provide insight into the cyber security issues that remain in that industry.

On an ongoing basis, Visa tracks global breach trends affecting retailers and other merchants. In 2017, research confirmed that the U.S. and Europe were the top two regions for payment data breaches. This report offers insight specific to Visa and their unique due diligence in the cyber threat universe.