This paper answers questions about what the deserialization vulnerability is, and what the challenges are to solving it.

This is a threat advisory for Bluclub.

This threat report takes a look at some of the events of spring 2017. Specifically, it looks at the NICKEL GLADSTONE threat group, the Iranian COBALT GYPSY threat group, third party risks, limiting native operating system admin tools.

This report takes a look at how cyberattacks impact the utility industry.

Subtitled “Cyber Attacks: Can the Market Respond?”

In 2013, ISMG and FireEye teamed up to survey security leaders about advanced threats and breach response. Among the findings: Only 20 percent of respondents rated their incident response programs “very effective,” and they were most concerned about their abilities to detect and contain APT/malware quickly and completely.

This is an in depth presentation of the data breaches that occurred in the first half of 2015. It contains very detailed graphics, charts, and analysis.

This is a yearly report based on the activities of CERT Polska for the year 2015. Polish authorities, well aware of the dangers, commissioned this report containing proposals for the organization of the defenses system of the syberspace of the Republic of Poland.

This report can help you learn how to become more resilient to new attacks and compete more safely in the digital age.

This study, analyzes cyber threats from the years 2014 through 2016.

This is an annual report that discusses the latest malware and hacking trends in compromised websites.

This report, based on responses from nearly 200 IT and security practitioners surveyed, explores the current state of vulnerability risk management, the challenges that directly impact the remediation process, and the outlook for improvement in the coming year. In addition, compliance drivers and executive awareness of information security threats are considered to demonstrate their influence on effective vulnerability risk management.

This report discusses the Security Operations Center and how it is being architected in organizations with some consensus on what should be done. The paper details the issues and problems that need to be resolved as this area of expertise continues to grow.

The issues presented in this 2018 report are Targeted Intrusions, Criminal and Hacktivist Activity, and 2018 Predictions

The purpose of this report is to provide insight on significant industry trends, tools, and techniques being used by threat actors to carry out phishing attacks. It also sheds light on why shifts are occurring and what to expect in the coming year.

This guide provides some thoughts about implementing a Vulnerability Disclosure Program.

This is an infographic that details things every CISO should know about Open Source Security.

This is an infographic that summarizes the Redlock report of the same name.

This blog post discusses APT32 and it’s targetting of global corporations for destruction.

This paper looks at the cyber insurance market, the need for expert advice and the steps that organizations can take to ensure that they fully understand their own data risks and security vulnerabilities before taking out a policy.

This report tackles security issues related to the Internet Of Things.