This paper exerts that there exists very little data on whether companies are winning the war against cyber crime. It seeks to answer several questions with this survey of 270 IT security professionals in North America.

This guide is designed to help enterprises endpoint security solutions.

This paper provides a helpful checklist for NIST adoption.

This paper navigates decision-makers through the issues surrounding a specific technology or business case, explores the business value of adoption, and recommends the range of considerations and concrete next steps in the decision-making process.

In this edition, we highlight the notable investigative research and trends in threats statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q2 of 2018. Cybercriminals continue to follow the money. Although this statement is familiar, our latest Threats Report clearly shows the migration from certain older attacks to new threat vectors as they become more profitable. Just as in Q1, we see the popularity of cryptocurrency mining continue to rise. In this report we detail recent findings from three McAfee Labs analyses that appeared in Q2. You can read summaries of each on pages 5-7. One area of investigation by our research teams is in digital assistants. In Q2 we analyzed a vulnerability in Microsoft’s Cortana. This flaw allowed an attacker to log into a locked Windows device and execute code. Following our vulnerability disclosure policy, we communicated our findings to Microsoft; the analysis resulted in CVE-2018-8140. We also examined the world of cryptocurrency attacks with an in-depth view of blockchain technology. Our report detailed many of the vulnerabilities being exploited by threat actors looking for a quick return on their investment.

With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about.

In 2018, our global Services team focused resources, intelligence and technology to detect and disrupt future attacks. We’ve analyzed the massive amounts of security data collected from every engagement this year and we’ve gained new insights into what challenges organizations face and how they can better prepare for the next wave of threats. This casebook presents some of the findings and recommendations we’ve made in key engagements across a representative sample of the work we performed last year. We dig into: Emerging and notable trends Examples of ill-prepared organizations and the devastating effects of the breaches they suffered Essential recommendations to prevent companies from becoming another statistic of poor security planning and execution This casebook also underscores the expertise of our team and the important work we’re doing at CrowdStrike® Services. As you read the case studies, you will see that CrowdStrike stands shoulder-to-shoulder with our clients as we work together to stop adversaries and repair damage. But this casebook is not just for CrowdStrike clients — we want everyone to become better prepared to overcome their adversaries in 2019.

In this issue of the State of The Internet/Security report, they take a look back at some of the events they were a part of and the research the Akamai teams produced in the past 12 months. They also examine a few of the stories that formed the background in security this year.

In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives.

In the DomainTools Reports, we explore various “hotspots” of malicious or abusive activity across the Internet. To date, we have analyzed such varied markers as top level domain (TLD), Whois privacy provider, domain age, patterns of registrant behavior, and more. In each case, we found patterns across our database of over 300 million (315M+ as of this writing) active domains worldwide; these patterns helped us pinpoint nefarious activity, at a large scale, in ways that are similar to methodologies used by security analysts and threat hunters at smaller scales to expose threat actor infrastructure.

Since the 2016 U.S. presidential election, the term “fake news” has integrated itself frmly into our daily vernacular. However, fake news is used very broadly to describe: disinformation, propaganda, hoaxes, satire and parody, inaccuracies in journalism, and partisanship. Disinformation campaigns are not limited to the geopolitical realm – its use is far more pervasive. The sheer availability of tools means that barriers to entry are lower than ever. This extends beyond geopolitical to fnancial interests that affect businesses and consumers. This paper presents an overview of these different motivations and tools actors can turn to. In Digital Shadows’ Disinformation Campaign Taxonomy, we lay out the stages used in disinformation campaigns. In doing so, it is possible to develop ways to potentially disrupt these efforts and create greater friction for actors involved.

This paper outlines the results of the DomainTools second annual Cybersecurity Report Card Survey. More than 500 security professionals from companies ranging in size, industry and geography were surveyed about their security posture and asked to grade the overall health of their programs.

This report provides a summary of OverWatch’s findings from intrusion hunting during the first half (January through June) of 2018. It reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified. OverWatch specifically hunts for targeted adversaries. Therefore, this report’s findings cover state-sponsored and targeted eCrime intrusion activity, not all forms of attacks.

After analyzing the activities of cyber threat actors this year, the DomainTools Research Team has identified four key cybersecurity concerns that security teams, executives, consumers and government officials can expect to encounter next year. From hacked drones with the potential to cause physical harm, to advancing activity from North Korea and Hidden Cobra, this paper connects the dots between the past, present and future to help organizations get ready for the security challenges of 2018.

This report, prepared by CyberInt, summarises the currently known information regarding the recent breach at Deloitte, one of the ‘big four’ accounting firms, and includes a timeline of events, what is known of the breach itself as well as the aftermath.

Long gone are the simple days of malware threats only being associated with the computers on our desks or at our business offices. Today, we’ve all become accustomed to malware infiltrating our homes and pockets across a variety of platforms, be that our telephones, tablets, smart TV or even ‘connected’ devices such as our fridges. Whilst malware can be tailored for different platforms and differ in their abilities or functionality, the overall taxonomy remains very much the same. Back in the ‘halcyon’ days many malware authors released their wares for fun, ‘lulz’ in modern parlance, today most are criminally motivated and driven by financial gain, ideology, revenge and nation state doctrine. The objective of these attacks, and the compromised devices or networks, are typically similar and result in the threat actor gaining access, leading to the theft of confidential and personal information, or disrupting the operations and functionality.

This report takes a look at the “Key Reinstallation Attack” VULN that works against all modern protected Wi-Fi- networks.

This report describes the Sentry MBA, a credential stuffing attack tool, which has become the most popular cracking tool among threat actors in recent months. Among the reasons for its popularity, the Sentry MBA hacking tool is freely and publicly available, extremely effective, and easy to operate.

This report offers information related to an ATM Jackpotting kit for sale on darknet.

Working with some of the world’s leading online brands, CyberInt takes a look at the fraud threats that retailers receive in the cyber world.

This paper offers insight into QR code usage and user interest and suggests that organizations should take time to consider and familiarize themselves with the potential security ramifications.