The second Abnormal Security Quarterly BEC Report examines the business email compromise (BEC) threat landscape during what may be the most tumultuous quarter in modern business history: the first full quarter of the COVID-19 pandemic.

The inaugural threat report from the AWS Shield managed security service. Primarily covers volumetric statistics seen on the AWS Shield platform.

This is a report put out by Impervia based on their 2019 DDoS attack study. Their analysis of attacks is based on data from 3,643 network layer DDoS attacks on websites using Imperva services from January 1, 2019 through December 31, 2019, and on 42,390 application layer attacks on websites using Imperva services from May 1, 2019 through December 31, 2019,

For the fourth time, White Ops and the ANA have partnered to measure bot fraud in the digital advertising ecosystem. Previous studies measured bot fraud in the digital advertising ecosystem in August/September 2014, August/September 2015, and November/December 2016. This one studies November/December 2019.

Imperva outlines trends in the DDoS threat landscape in 2017, including that the number of attacks has doubled, that crypto-currency continues to be targeted, and that persistent attacks are growing more common.

Agari recently surveyed 305 senior European IT security professionals to better understand the region’s email threat landscape from the perspective of those fighting on the front lines against business email compromise (BEC), spear phishing, and other targeted email attacks. What emerges is a snapshot of a continent plagued by frictionless email scams that evade technical security controls and successfully hack the human psyche.

The LexisNexis® Risk Solutions Cybercrime Report is based on cybercrime attacks detected by the LexisNexis® Digital Identity Network® from January – June 2019, during real-time analysis. It covers the digital identity network, and attacks on “high-risk” transactions.

From the report, “BEC is a specific type of phishing email that operates without links and without attachments (two of the standard markers that perimeter defenses look for). However, instead of taking over a computer or stealing data, BEC hackers impersonate an executive (a known CEO, CFO or other CxO), and persuade the recipient (an employee) to perform some action – like wiring money or attaching information to an email. " Read on to learn more.

This report presents data gathered between October–December 2018, along with previously collected data for historical comparisons. We examine which employees and organizational departments receive the most highly targeted email threats. Then we explore how they’re being attacked, analyzing attackers’ techniques and tools. Based on these findings, we recommend concrete steps organizations can take to build a defense that focuses on their people.

To shine a light on the availability of SSL/TLS certificates on the dark web, the Evidence-based Cybersecurity Research Group at the Andrew Young School of Policy Studies at Georgia State University and the University of Surrey spearheaded a research program, sponsored by Venafi. This report details the preliminary findings of the research and outlines the volume of SSL/TLS certificates for sale on the dark web, including information on how they are packaged and sold to attackers. These certificates can be used to eavesdrop on sensitive communications, spoof websites, trick consumers and steal data. The long-term goal of this research is to gain a more thorough understanding of the role SSL/TLS certificates play in the economy of the dark web as well as how they are being used by attackers.

This report offers information on Mobile Phishing from data researched in 2018.

This quarterly threat report offers insight into the DDoS attacks that occurred in the 4th quarter of 2018.

This report explores Brexit-related Twitter activity occurring between December 4, 2018 and February 13, 2019. Using the standard Twitter API, researchers collected approximately 24 million tweets that matched the word “brexit” published by 1.65 million users.

This infographic provides insight into the cyber security worries of Smart Cities.

This report offers advice for what to do when the barbarians are at your door…

Scott Adams has been at the front lines fighting fraud in the world of online games as former Vice-Chair Merchant Board at Payments Ed Forum, and former Director of Fraud and Risk Management at Riot Games. For nearly four years, he led his group to greatly reduce fraud and increase account security for the millions of people who play League of Legends worldwide. Scott’s experience and expertise includes Payment Processing, Anti-Fraud/Chargeback Management, and Connecting the Marketing/Business Departments with Customer Service and Information Technology Departments (Cross-Departmental Communications). Kount asked him to share his industry expertise and insights for combating card-not-present (CNP) fraud in the Online Games market.

This is a handy guide that provides information useful for understanding online fraud.

Fraudulent accounts run rampant on social media. But what are they up to, what cyber attacks are they launching? ZeroFOX Research investigates 40,000 fake accounts to find out.

The DataVisor Fraud Index Report: Q1 2018 is based on attacks that were detected by the DataVisor UML Engine from January through March of 2018, analyzing 40 billion events and 680 million user accounts. This report provides unprecedented insights into the attack techniques that bad actors use to engage in malicious activities and evade detection.

This infographic provides a brief overview of data presented in the ThreatMetrix Q2 2018 Cybercrime Report.

The ThreatMetrix Payment Processor Cybercrime Report is based on actual cybercrime attacks last year that were detected by the ThreatMetrix Digital Identity Network (the Network) during real-time analysis and interdiction of fraudulent online payments, logins and new account applications.