Teaming up with leading researchers at UC Berkeley and UC San Diego, Barracuda researchers uncovered a new and growing type of account takeover attack: lateral phishing.

The second Abnormal Security Quarterly BEC Report examines the business email compromise (BEC) threat landscape during what may be the most tumultuous quarter in modern business history: the first full quarter of the COVID-19 pandemic.

A review of lessons learned over the past year from Rapid7’s penetration testing services. Combined with survey day on social engineering and red team simulations of 206 engagements.

This paper compiles observations as well as predictions on the state of cybersecurity in 2020.

The Threat Intelligence Executive Report by Secureworks is a report designed to analyze security threats and help organizations protect their systems. In this report, they look into Iranian espionage operations in 2020, Customized Magecart attacks, and China based threat groups targeting NGOs and Asian government networks.

A review of cybersecurity breach trends affecting public companies from 2011 through 2019. Use the breach database compiled and maintained by Audit Analytics.

This report goes in-depth on the most popular fraud techniques and how to prevent fraud attacks on your business.

Year end report from AppRiver using telemetry from the AppRiver security products and events observed by the AppRiver Security Analysts.

The annual report on trends in malware and hacked website from the incident response and malware research teams at GoDaddy Security /Sucuri.

An annual report derived from the Proofpoint customer base and the emails processed by the Proofpoint email security platform. Focuses on the “human factor” of organizational cyber security.

A survey of 166 US health information security professionals. Discusses the prevalence of significant security events (primarily e-mail based), positive advances in healthcare security, the threat of complacency when managing programs, and area where there are control gaps.

A combination of data from RiskIQ’s internet telemetry network and thought analysis, this report covers changes related to the COVID-19 pandemic, organization’s public attack surface, mobile threats, and the importance of JavaScript as an attack vector.

Covers the long tail of vulnerability patching, whereby vulnerabilities that are not fixed soon after detection can linger for months or more before being addressed. Makes the case for better prioritization mechanisms.

The second annual application protection report (APR) from F5 Labs combines data from F5’s global customer base with network telemetry from Baffin Bay to catalog and analyze the major threats facing application security practitioners. Includes recommendations for appsec professionals.

Verizon’s 2020 edition of the keystone DBIR. Covering breaches and attack trends across the previous year.

Trend Micro looks into the email security threat landscape, looking into threat types, number of threats, etc.

In this report, we’ll dig deeper into the survey results and present our own understanding of these statistics, as well as analysis from Dr. Gonzalez, insights from cybersecurity experts, real-world phishing stories from our customers and partners, and tips on how to stay safe from phishing threats.

Wakefield Research partnered with Webroot to conduct an online quantitative research study among U.S. consumers to:

• Better understand attitudes, perspectives, and behaviors related to cyber hygiene
• Based on this data, create a risk index (“Cyber Hygiene Risk Index”) to assess the risks associated with susceptibility to cybercrime in each state, ranking the states to determine the riskiest and least risky states in the U.S.
• Further analyze respondents’ susceptibility to risk by using a series of custom demographic and psychographic metrics to get a more nuanced understanding of what is behind cyber-hygiene levels

As people settle into the new way of working with many organizations working from home, it comes as no surprise that attention now turns to being productive as well as secure. In a recent survey, Barracuda found that almost half (46%) of global businesses have encountered at least one cybersecurity scare since shifting to a remote working model during the COVID-19 lockdown. What’s more, an astounding 49 percent say they expect to see a data breach or cybersecurity incident in the next month due to remote working.

This report focuses on the changes in security threats and the effect that COVID-19 has on the overall landscape.

This survey of 3500 people (conducted by a 3rd party survey research company) examines attitudes and knowledge of various security concepts. The survey is mainly focused on the Western World, the US, Western Europe, and Australia, with Japan being the only Asian country included.