In this report we begin by examining the prevalence of those vulnerabilities across assets to determine which ones are most common. Then we measure how quickly those vulnerabilities are remediated and what factors speed up or slow down that process. We’ll begin our foray into the wilds of the vulnerability landscape by examining the product vendors that shape it. This is important because these technologies are commonly used, thus vulnerabilities affecting them can have a widespread impact on cyber risk posture.

In the second quarter of 2023 GreyNoise researchers observed a substantial change in the behavior of some regular internet scanning idioms. Inventory scans—where both benign and malicious actors perform regular checks for a given technology or specific vulnerability being present—significantly reduced in frequency and scale. These targeted attacks threaten to circumvent existing defense capabilities and expose organizations to a new wave of disruptive breaches. Defenders must evolve in response.

In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from the first half of the year. Most of the statistical indicators dropped accordingly. Yet, there are subtleties we would like to draw attention to, as they highlight dangerous spots on the cyberthreat landscape.

The goal of this report is to help security professionals remain at the forefront of securing organizations, as its content is based on real-world techniques employed by attackers to target cloud-based environments. As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large enterprises and small businesses alike is key.

In the new Cybereason survey, 1,203 cybersecurity professionals from eight countries and a dozen industries were asking to describe the challenges currently faced by their SOCs and how they impact their plans for modernization. Nearly half of the respondents (49%) said ransomware is the most common incident type they deal with daily, followed closely by supply chain attacks (46%). Thirty-seven percent said daily alerts consumed most of their time, and 31% identified targeted attacks as a top daily concern.

The objective of this report is to reflect on the different vulnerability management phases and their current maturity and trends through a cumulative dashboard view of the United VRM SaaS solution, anonymously accumulating vulnerability and asset data from January 2019 to present date. These cumulative views will reveal trends and considerations about vulnerability management practices and overall program maturity.

The 2021 VPN Risk Report surveyed 357 cybersecurity professionals, providing insight into the current remote access environment, the state of VPN within the enterprise, the rise in VPN vulnerabilities, and the role that zero trust will play in enabling access to apps going forward.

This report is based on the results of a comprehensive online survey of 351 IT and cybersecurity professionals, conducted in June 2022 to identify the latest enterprise adoption trends, challenges, gaps, and solution preferences related to VPN risk. The respondents range from technical executives to IT security practitioners, representing a balanced cross-section of organizations of varying sizes across multiple industries.

This report explores how CISOs are adjusting in the wake of pandemic disruption, adapting strategies to support long-term hybrid work and battling an increasingly sophisticated threat landscape. We also examine how people put organizations at risk and how CISOc change priorities in response.

A survey of CISOs across 1,400 organizations supplemented with interviews of 100 individuals.

This report looks at spear-phishing attacks affecting organizations today. It identifies the 13 biggest threats, and how to defend against them.

This report examines which employees, departments, and industries are the most vulnerable in 2019. It analyzes which ones receive the most targeted threats, and how their privilege might be abused.

This threat report covers traffic and attack trends, with industry and geographical breakdowns, for the first several months of 2020. A special focus on the use of cloud and SAAS providers supporting telework is included.

The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) is a global survey of IT business decision makers, which is now in its ninth year. A total of 4,958 interviews were conducted across 23 countries. Respondents were asked about the state of IT security within their organizations, the types of threats they face and the costs they have to deal with when recovering from attacks. The regions covered consist of LATAM (Latin America), Europe, North America, APAC (Asia-Pacific with China), Japan, Russia and META (Middle East, Turkey and Africa).

This report examines a wide range of cyberattack detections and trends from a sample of 354 Vectra customers with more than 3 million devices and workloads per month from nine different industries. This report takes a multidisciplinary approach that spans all strategic phases of the attack lifecycle.

This report is a discussion of the findings and trends of 169 ransomware incidents affecting state and local governments since 2013.

This report presents data gathered between October–December 2018, along with previously collected data for historical comparisons. We examine which employees and organizational departments receive the most highly targeted email threats. Then we explore how they’re being attacked, analyzing attackers’ techniques and tools. Based on these findings, we recommend concrete steps organizations can take to build a defense that focuses on their people.

This annual report from Symantec offers insights into formjacking, cryptojacking, ransomware, supply chain attacks, targeted attacks, the cloud, IoT, and even discusses Election Interference. As always the facts and figures are intriguing. Read on!

The Black Hat Edition of the Vectra® Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from January through June 2018.

The 2018 RSA Conference Edition of the Vectra Attacker Behavior Industry Report provides a first-hand analysis of active and persistent attacker behaviors inside cloud, data center and enterprise environments of Vectra customers from August 2017 through January 2018.

Based on extensive use of CrowdStrike’s next generation endpoint protection platform to detect and prevent sophisticated attacks against large organizations, CrowdStrike’s in house team of security experts, adversary hunters, intelligence analysts and incident responders have pooled their knowledge to produce this valuable guidebook and checklist for proactively enhancing your corporate information security procedures while avoiding common mistakes and pitfalls.