PlexTrac sponsored research with CyberRisk Alliance to better understand how cybersecurity teams are using emerging strategies like adversary emulation and purple teaming to combat growing ransomware threats. This report details the findings of a survey of 315 IT and cybersecurity decision-makers and influencers.

A cyberthreat intelligence brief informed by the latest Microsoft threat data and research. This content offers an expert perspective into the current threat landscape, discussing trending tactics, techniques and strategies used by the world’s most prolific threat actors.

This report describes how money laundering is typically performed in the context of large-scale cyber heists. It illustrates key parts of the typical processes used by cyber criminals with examples to help better inform readers on areas they should focus on to better prevent, detect and respond to money laundering. In addition, the report offers perspectives on areas in which controls could be further improved and how money laundering techniques may evolve

CISOs aren’t alone in recognizing the need for new threat detection and response strategies. In fact, security technology providers are championing a new technology initiative dubbed eXtended Detection and Response (XDR). XDR tools are intended to solve many threat detection and response issues by providing an integrated security architecture, advanced analytics, and simplified operations. Despite this innovation, however, users remain confused about XDR and where it could fit into their security programs. This report answers “what is XDR and which are the most important XDR requirements?”

We do two very important and timely things in this report. We first explore ways to measure exploitability for individual vulnerabilities—and far more importantly—entire organizations. Second, we create a simulation that seeks to minimize organizational exploitability under varying scenarios combining vulnerability prioritization strategies and remediation capacity. Bottom line: If you’re looking for proven ways to squeeze the most risk reduction from your vulnerability management (VM) efforts, this report is for you.

This report incorporates not only the malware zoo, but new analysis for what is being detected in the wild. Also added: statistics detailing the top MITRE ATT&CK techniques observed in Q4 2020 from Criminal/APT groups.

Takes a look back at the top trends in cloud attacker activities and cloud data risks from 2021 compared to 2020.

This report shares seven key lessons learned by breach victims. Each lesson includes simple recommendations and tips, many of which do not require organizations to purchase any tools.

Sophos’ annual threat report drawn from incident response engagements with customers.

A review of domain registration, hosting, and content-related data on attack patterns and trends.

This is the ninth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape that identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation measures.

The data used in this report comes from Cisco Umbrella, Cisco’s cloud delivered security service that includes DNS-layer security, secure web gateway, firewall, cloud access security broker (CASB) functionality, and threat intelligence.

A review of trends in e-commerce security and attacks based upon a variety of sources collected via Impreva Research labs.

Using governmental reports of bank secrecy act (BSA) data, this report evaluate the threat patterns and magnitudes in ransomware events over the first half of 2021. A historical view of trends in financial reports, both frequency and magnitudes, is included.

A survey of recent breaches occurring over the past year as identified and classified via AuditAnalytic’s commercial database of breach information. Include firmographic and case study information.

The regular update to this threat intelligence series. Focuses on changes in attacker behaviors in the first half of 2021, with particular focus on DDOS activity, ransomware actions, supply chain attacks, and COVID-19 related patterns.

A continued look at “ripple events” - multi-party security events - examining the size and frequency of these events, firmographics, as well as the velocity of spread of such events.

A review of the principals behind ransomware attacks and the key trends in this attack class, as presented in the claims information collected by Corvus.

This is the threat landscape report from Fortinet for the first half of 2021. It covers threat detection changes and attack changes from January to July.

Using Proofpoint deployments across the globe over 2020, this report reviews the email messages, URLs, and attachments being communicated and what these mean for email and cyber security. An additional 300 customers provided information on privilege abuse concerns for a section of this report.

Using Unit 42’s threat intelligence and incident response teams, this report reviews the state of ransomware, focusing on the prevalence, size of payments, techniques, and firmographics of recent events.