This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

This report is based on the summary statistical analysis of over 10,000 cyber claims for incidents that occurred during the five-year period 2019–2023. We see enormous variances in the magnitude of loss data. The smallest claims were less than $1,000; the largest were over $500M. The numbers of records exposed ranged from 1 to over 140M.

This report focuses on the security of deployed AI models in cloud services and environments. Our research indicates that more than half of organizations have adopted AI models for custom applications. More than half of organizations are deploying their own AI models. Default AI settings are often accepted without regard for security.

The 2024 edition of the DNSFilter Security Report is about LLM’s, AI, ChatGPT, threats by region, predictions for the upcoming year and more. In December of 2023, we even launched a Generative AI category to assist our customers in blocking these types of sites for better protection over PII and plagiarism.

ThreatLabz found that ransomware attacks increased by 17.8% year-overyear based on blocked attempts in the Zscaler cloud, while ransomware attacks identified through data leak site analysis surged by 57.8%. The findings presented in this report underscore the need for organizations to prioritize protection against the relentless tide of ransomware. The insights and strategies in the report serve as a crucial guide for improving your ransomware defenses.

This year’s research shows that, while most businesses have a ransomware strategy in place, many are incomplete. They’re either missing a documented plan or the right people to execute it. As a result, we see that many organizations are paying the ransom. Likewise, whilst many have cyber insurance, too many simply don’t know if or to what degree it covers them for ransomware attacks.

Security threats are real, they continue to grow, and they are likely to penetrate an organization through email. Organizations simply cannot settle for ‘Good Enough’ email security and sole reliance on a SEG is not enough. As we all know, it only takes one breach to damage a company’s financial status, brand reputation, and/or relationship with its employees and customers. Each day, our analysts see thousands of threats that are bypassing all SEGs on the market.

In the ever-evolving landscape of cybersecurity, the significance of security testing cannot be overstated. As we delve into the 2023 trends, it’s clear that penetration testing remains the cornerstone of a robust security strategy. we’ve observed a substantial 31% increase in manual pentest engagements, highlighting a growing reliance on this building block of security.

To understand the current state of software supply chain security (SSCS) we surveyed 900 AppSec professionals in US, Europe and APAC based organizations across a wide range of industries. The findings show an increased sense of awareness with more than half of respondents acknowledging that SSCS is a top or significant area of focus. However, only 7% have already purchased and implemented an SSCS-specific product.

This report looks back at the major cyber security events of 2023, offering insights and analysis to help understand and prepare for the challenges ahead. Our goal is to provide valuable information to organizations, policy makers, and cyber security professionals, helping them to build stronger defenses in an increasingly digital world. Check Point Research reports that threat actors in hacking forums have started making use of AI tools like ChatGPT, in order to create malware and attack tools such as info-stealers and encryptors.

Blackpoint observed attempts to gain initial access and move laterally through an organization, specifically targeting endpoint devices, constituted 95% of the threat landscape seen on these devices. A common thread you will find throughout our threat report is the subject of initial access. Initial access covers the various methods a threat actor may use to gain unauthorized entry into a computer network or system. It is where a threat actor begins, and, when up against Blackpoint’s 24/7 Security Operations Center (SOC), is detained.

To reflect the shift from malware to threats we have evolved our State of Malware report once again. We asked our experts what resource constrained IT teams should pay attention to in the year ahead. They have chosen six threats that illustrate some of the most serious cybercrime tactics we’ve seen on Windows, Mac, and Android. It is not an exhaustive list, but if you are equipped to handle these then you are well placed to deal with anything the cybercrime ecosystem can throw at you.

This year’s report introduces results from the Attack Path Validation (APV) and Detection Rule Validation (DRV) products on the Picus platform, offering deeper observations into organizational preparedness against automated penetration tests and the effectiveness of detection rules in SIEM systems. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

The 2024 edition of the Blue Report provides key findings and practical recommendations for cybersecurity professionals by evaluating the effectiveness of current detection and prevention practices. The Blue Report 2024 serves as a crucial resource for cybersecurity professionals and decision-makers. It provides perspective into the current state of cybersecurity and recommends Continuous Threat Exposure Management (CTEM) for those working to adopt a holistic approach.

This research report provides a comprehensive analysis of ransomware incidents and binaries recorded and gathered globally, offering insights into trends, attacker profiles, ransomware families, and the implications for cybersecurity defenses. Ransomware knows no borders and neither do the groups unleashing it. Rather than picturing these groups as a collection of individuals in hoodies, we must extend our collective imagination to fathom the international business model that delivers the end product — ransomware — to our doorsteps.

In this report, CrowdStrike OverWatch threat hunters distilled their findings into hundreds of new behavior-based preventions over the past 12 months. As a result, the team’s front-line findings directly augment the Falcon platform’s ability to detect and prevent the latest threats. This data specifically focuses on interactive intrusions — attacks where adversaries establish an active presence within a target network, often engaging in hands-on-keyboard activities to achieve their objectives.

The 2024 Ransomware Risk Report reveals concerning statistics for business, IT, and security leaders. This report reveals that 74% of victims were attacked not once, but multiple times. Certain countries and industries were more likely to experience subsequent attacks. But overall, more than half the companies we surveyed were successfully breached two or more times — sometimes within the same day.

In this report, the IT-ISAC tracked 18 new ransomware groups in 2023, reflecting that financial gain continues to be one of the top motivating factors behind cyberattacks. As long as the chances of making money is high and the risk of getting caught is low, ransomware will continue. Despite government and law enforcement efforts to take down malicious infrastructure, new ransomware strains continue to emerge.

In this report, the term security awareness program is used to describe a structured effort to engage, train, and secure your workforce and build a strong security culture. However, many organizations refer to such efforts using different terms, including security behavior and culture, security engagement and influence, security training and education, security communications, or human risk management.

In today’s dynamic threat landscape, our customers rely on us more than ever to protect their sensitive data, systems and operations from increasingly sophisticated cyber threats. From ransomware attacks to malware to crypto-jacking, the adversaries we confront are relentless and evolving, requiring us to be continuously vigilant and proactive. we’ve added some new perspectives that feature feedback from our 24/7, 365 SOC analysts, market insight provided by a reputable cybersecurity insurance provider and even included the voices of some of our partners.

Our research was conducted to understand how the adoption of new AI is affecting the threats stakeholders face, how they are responding, and AI’s role in prevention, threat detection, incident response, and recovery workflows. AI’s effects on the threat landscape are already being felt. A majority of survey participants (74%) report their organizations are seeing significant impacts from AI-powered cyber threats. An even greater majority (89%) believe that AI-powered threats will continue to trouble their organizations well into the future.