Amid our worldwide bedlam, this report is aimed at informing for the purposes of preparation. Whether you find yourself in the midst of government affairs, technology management, or business operations, the state of rising factors impacts nearly every country, either directly or indirectly, and provides a ripe setting for cyberattacks to thrive. Based upon research conducted and shared amongst our various practices in DevSecOps, Offensive Security, Governance-Risk-Compliance, Threat Intelligence, and Research, we have completed our overall analysis to focus on the following evolving threats as we navigate through 2022.

Service providers are undergoing a technological revolution, transforming their networks and computing infrastructure to dramatically change the user experience and support new services in an app-driven world tailored to industry and business objectives. To do so, service providers are embracing ultra-low-latency designs, fully automated software delivery and increased levels of operating efficiency.

In this report, we examine 10 prolific banking trojans targeting Android mobile apps of users worldwide, detailing their features and capabilities. We also detail what makes each malware family different highlighting the unique and advanced malicious features that make each banking trojan family unique. A complete list of all 639 financial applications covering banking, investment, payment, and cryptocurrency services and the different banking trojan families targeting each is provided in Appendix A.

This report investigates the trends, pioneered by the Maze ransomware group, of double extortion. In particular, we examine the contents of initial data disclosures intended to coerce victims to pay ransoms. Rapid7 analysts investigated 161 separate data disclosures between April 2020 and February 2022 and identified a number of trends in the data.

As these ransomware gangs and RaaS operators find new ways to remove technical barriers and up the ante, ransomware will continue to challenge organizations of all sizes in 2022. As a result, ransomware has become one of the top threats in cybersecurity and a focus area for Palo Alto Networks. This report provides the latest insights on established and emerging ransomware groups, payment trends, and security best practice.

The Blackberry 2022 Threat Report is not a simple retrospective of the cyberattacks of 2021. It is a high-level look at issues affecting cybersecurity across the globe, both directly and indirectly. It covers elements of critical infrastructure exploitation, adversarial artificial intelligence (Al), initial access brokers (IABs), critical event management (CEM), extended detection and response (XDR), and other issues shaping our current security environment.

Arctic Wolf’s 2022 Security Trends Report provides insight into the current and future state of these cybersecurity teams as they attempt to move their security programs forward while dealing with an ever-evolving threat environment. Our research findings show that ransomware, phishing and vulnerabilities don’t just monopolize headlines, they’re taking up security professionals’ headspace, too. Defending an increasing number of threats from attackers with far more resources feels like a lost cause too many businesses.

This survey report focuses on the current trends in cybersecurity workforce development, staffing, cybersecurity budgets, threat landscape and cyber-maturity. The survey findings reinforce past reporting and, in certain instances, mirror prior year data. Staffing levels, ease of hiring and retention remain pain points across the globe, and declining optimism about cybersecurity budgets reversed course this year.

This report was created by the ConnectWise Cyber Research Unit (CRU) - a dedicated team of ConnectWise threat hunters that identifies new vulnerabilities, researches them, and shares what they find for all to see in the community. The CRU monitors ransom leak sites and malicious botnets for new threats, uses OSINT resources, and utilizes data from the ConnectWise SIEM powered by Perch to help create content and complete research.

In 2021, the industry saw a transition into threat actor separation of duties, with an increase in groups focused on obtaining and selling access to victims (Initial Access Brokers). In observing this trend, Deepwatch has taken note of the proliferation of Initial Access Brokers and how it correlates with a shift in focus, away from specific industries and towards attacks of opportunity. As this trend continues, more emphasis must be placed on risk management of organizations’ internet exposure.

At Nuspire, we’re still witnessing threat actors using malicious files and cashing in on newly announced vulnerabilities. Threat actors are opportunistic for the most part and seek the easiest access for the least amount of effort. We explore these ideas and cover some of the most prevalent ways we’ve see threat actors attempt to breach the gates. After we dig into the data, we’ll provide you with actionable takeaways you can apply to your network to harden your defenses.

This study offers the kind of insights CISOs have long been asking for - to benchmark their situation and experience against others; to learn from what their peers are doing and planning to do ; and to validate ideas and obtain solid data to justify investments in these areas.

A recent Authentication Security Strategy survey by Enzoic and Redmond magazine revealed insights into the way that passwords are currently being used in various organizations, and what the future looks like regarding this ubiquitous authentication method.

For this, our 15th anniversary installment, we continue in that same tradition by providing insight into what threats your organization is likely to face today, along with the occasional look back at previous reports and how the threat landscape has changed over the intervening years.

The Red Report 2021 reveals an increase in the number of average malicious actions per malware. Another key finding of the report is that T1059 Command and Scripting Interpreter is the most prevalent ATT&CK technique, utilized by a quarter of all the malware samples analyzed. This report also reveals that five of the top ten ATT&CK techniques observed are categorized under the TA005 Defense Evasion tactic.

Now in its seventh year, Sonatype’s 2021 State of the Software Supply Chain Report blends a broad set of public and proprietary data to reveal important findings about open source and its increasingly important role in digital innovation.

For the State of Cloud Security 2021, we surveyed 300 cloud professionals, including cloud engineers, cloud security engineers, DevOps, and cloud architects, to better understand the risks, costs, and challenges they are experiencing managing cloud security at scale.

Based on Arete case data, the commonly observed techniques and vulnerabilities of 2021 will likely not change through most of 2022. In the Arete Annual Crimeware Report, we will discuss: notable tactics and techniques observed in threat actor campaigns, notable negotiation insights gleaned from ransomware cases, how law enforcement has changed its games and how the threat landscape will evolve in 2022.

For many cybersecurity community, the past several months have been a dumpster fire. We’ve analyzed and tracked definitive data from more than 1,500 incident response and forensic cases over 12 months to provide unique visibility into the state of ransomware.

From Q2 to Q3 2021, ransomware gained increasing attention. In Q3 2021, threat actors also continued mass exploitation of vulnerabilities in systems, including those in Microsoft Exchange.

The State of Pentesting: 2020 report assesses which web application security vulnerabilities can be found reliably using machines and which require human expertise to manually identify. The scope of his exploration is black-box penetration testing (“humans”) against dynamic scanning and out-of-band testing (“machines”) for web applications.