From the report, “For security teams, the sheer depth and breadth of what they need to defend may seem daunting, but thinking about the Internet from an attacker’s perspective —a collection of digital assets that are discoverable by hackers as they research their next campaigns— can put the massive scope of their organization’s attack surface into perspective. In this report, we’ll highlight five areas that we feel help to better frame the challenges faced in keeping the Internet a safe environment, all of which underline a need to broaden awareness of the potential risks involved to foster a more informed approach to cyber defense.”

This report offers deep insight into the threat actor known as Oilrig.

From the report, “To put the relentlessness of attacks and the attackers perpetrating them into perspective, it has been reported that the global cybercrime economy generates an annual profit of $1.5 trillion or roughly the same as Russia’s GDP. To use an old cybersecurity adage, attackers only need to succeed once to compromise your network, defenders need to succeed every time. These facts and the events of Q1 2018 reinforce the reality that threat actors have no intention of scaling back their attacks. It is important not to be distracted by coverage given to one attack vector or class of attack – distraction has been a powerful tool in the arsenals of attackers for centuries… just think about why malware trojans are so named.”

CISOs Investigate: User Behavior Analytics (UBA) includes interviews with 11 security leaders who have deployed or are looking to deploy third-party solutions. This report replaces the ad hoc, often informal and time-consuming processes of personally gathering peer insight. Spanning verticals, the CISO contributors share real-world use cases and provide guidance.

This quarter saw a dramatic increase in attacks targeting consumer-grade routers, increasing 539% from Q4, 2017. The majority of hostile detections on the eSentire threat detection surface pertain to perimeter threats: Information Gathering, Intrusion Attempts, and Reputation Blocks. eSentire Threat Intelligence assesses with medium confidence that these detections originate, largely, from automated scanning and exploitation attempts. Threats beyond the perimeter, such as Malicious Code (+35%) and Phishing (+39%) both saw increases in the frst quarter of 2018.

By the end of this report, you’ll have a better understanding of today’s approaches to evading detection tools and the trajectory of evasion into the next year. This way, you’ll have a better sense regarding your endpoint security architecture and your plans for maintaining or improving its effectiveness.

For this report, Menlo Security’s researchers analyzed the top 100,000 domains as ranked by Alexa to understand the risks inherent in using the world’s most popular websites. We found widespread evidence that cybercriminals are successfully exploiting long-held measures of trust, such as a particular site’s reputation or the category in which the site is included, to avoid detection and increase the effectiveness of their attacks.

Insider threats, such as those associated with the Marriott breach, are considered one of the top concerns in IT security due to the devastating impact on business, reputation, loss of sensitive data, and significant fines. Security solutions that rely on allow lists / block lists and signature files fall far short in their attempt to mitigate this threat. Machine learning and behavioral analysis are uniquely suited to immediately identifying anomalies that indicate an insider threat before any data is lost.

This paper is a theoretical study looking at three famous cases of insider attacks that occurred over the past six years. The paper defines the facts of the attacks and information on the attackers. It then theorizes how a behavioral analytics engine could have been used to detect and prevent these attacks. Although theoretical, the analysis is focused on technical facts rather than on opinions, so that objectivity is maintained. All facts referenced in this document are publically available. No confidential or classified data is used in this document.

The Q3 2018 Fraud Index Report, produced by the DataVisor Research Team, analyzes recent fraud attacks impacting consumers and organizations for the period July - September 2018.

From the report, “Trojans are still winning. Out of the 12 Threat Reports over Q3, six were trojans. While the results from the Threat Report quarterly from Q2 2018 were pretty even in terms of the volume of threats being spread out between APTs, ransomware and trojans, Q3 2018 showcased the depth and breadth of trojan diversity and malicious innovation.”

From the report, “Threat actors are increasing their use of fileless malware for one simple reason: most organizations aren’t prepared to detect it. Education is the first step in determining what threat these new attacks pose and what IT and security teams can do to detect and stop fileless malware attacks. READ THIS PAPER to understand how fileless malware is quickly evolving to avoid detection, the techniques currently employed to prevent infection and the strategies security teams need to consider when determining how to stop future fileless breaches.”

This report offers some insight into Health Information Technology and the cybersecurity issues that plague that area.

From the report, “The large-scale attacks and disastrous outcomes in this paper underscore the fact that targeted phishing is the overwhelming cause of nearly all breaches. Phishing attacks cost companies an incalculable amount of money, prestige, goodwill, confidential data, and competitive advantage, as well as brand identity and integrity. The Verizon Data Breach Investigations report supports the overwhelming impact of phishing, which targets businesses consistently across email, web, and network traffic. Siloed approaches lead only to siloed and ineffective protection. Partial, reactive defenses such as employee education, perimeter protection, and spam filtering simply don’t work against today’s phishing threats.”

On September 7th, 2017 Equifax disclosed the occurrence of data breach that occurred between May 2017 and July 2017. Equifax discovered the breach in July 2017. Initial estimates suggest that up to 143 million people could be affected. Credit card information of approximately 209,000 cardholders and personally identifiable information of 182,000 consumers was also compromised. Given past history with similar such breaches, additional impact is likely to be uncovered over time.

From the report, “During the last few months, global corporations have been extremely busy with implementing the needed changes in order to be compliant with the upcoming GDPR regulation. While this happens, cyber-threat actors are preparing themselves for the possible consequences, without a clear picture of whether GDPR will hurt them or benefit them. According to the General Data Protection Regulation (GDPR) any company that handles European Union consumer personal data is obligated to take tangible steps to ensure the information’s security. This means the EU sees any organization that uses EU citizens’ data of any kind, responsible to protect it, whether the organization is headquartered inside EU territory or not. It will, of course, affect the way global corporations handle consumer data encryption, but in even more basic terms, it will affect what kind of information is permitted to be stored and passed along to other users.”

This report takes a look at the healthcare industry and seeks to provide insight into the cyber security issues that remain in that industry.

On an ongoing basis, Visa tracks global breach trends affecting retailers and other merchants. In 2017, research confirmed that the U.S. and Europe were the top two regions for payment data breaches. This report offers insight specific to Visa and their unique due diligence in the cyber threat universe.

From the report, “On November 26th, Slovakian Anonymous leader ‘Abaddon’ posted in the deep web message board ‘Hidden Answers’, looking to recruit accomplices for an operation targeting NATO and EU websites. The proposed attacks would potentially arrive by means of XSS (cross-site scripting), SQL injection, or a combination of both. And by DDoS (distributed denial of service), a type of attack that is intended to make an online resource unavailable to its legitimate users by overwhelming it with traffic. It is not yet clear what the motives for the operation are, or what the official name will be.”

The report covers a variety of issues but offers these key findings, Sometimes an “attack” isn’t exactly what it first appears to be, Bots are big money for attackers and they’re constantly evolving, Mental health issues cost U.S. businesses more than $190 billion a year in lost earnings. Read on for more information.

This report offers insight into forged documents online. And how they are traded and used to commit identity fraud or evade authorities.