This book provides excellent research and an in-depth study of cybercrime criminals and money.

From the report, “AED is an acronym we‘ve coined, short for “Acquire, Enrich, Detect.” It describes the process we use internally to collect threat intelligence and actualize our ability to identify when networks are under attack. We do this in the shortest possible time, with the highest degree of confidence, by looking ONLY at the raw network traffic.”

This paper examines the struggle that Universities and Campuses have with students and the Interent Of Things.

This report looks at data from the mobile estates of global asset management and investment firms; providing analysis, benchmarking and best practice guidance on keeping mobile devices secure and managing data consumption.

This paper is subtitled “Discover the ideal technology dor detecting unknown, zero-day mobile threats.

From the report, “When it comes to the increasing cybersecurity risk faced by commercial companies, leaders in government, private enterprise and academia express varying opinions. However, a common thread is a shared sense that leaders feel overwhelmed by the growing threats and see a lack of focus and commitment to basic — but often difficult — principles across their operations. Many people, including those at organizations’ highest levels, assume cybersecurity has become a problem we cannot fix. But we can.”

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper chose to analyze a Synology DS215j. In doing so it identifies a number of exploitable security flaws. In this paper, they discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

This very well put together report takes a look at phishing attacks and how they can be avoided.

Here are some quick facts about this report and what they tell us about the issues that the healthcare industry as a whole needs to address: 58% of incidents involved insiders—healthcare is the only industry in which internal actors are the biggest threat to an organization. Medical device hacking may create media hype but the assets most often affected in breaches are databases and paper documents. Ransomware is the top malware variety by a wide margin. 70% of incidents involving malicious code were ransomware infections. Basic security measures are still not being implemented. Lost and stolen laptops with unencrypted PHI continue to be the cause of breach notifications.

This Quarterly report offers key takeaways from the first Quarter of 2018. Those takeaways come from Email, Exploit Kits, Web-Based Attacks, and Social Media and Domain Research.

This report from September 2016 takes a look at Firewall VULNS, RIG Popularity, diversified ransomware, POS System attacks, and a few other specific threats.

Drama, intrigue and exploits have plagued 2016 and, as we take stock of some of the more noteworthy stories, we once again cast our gaze forward to glean the shapes of the 2017 threat landscape. Rather than thinly-veiled vendor pitching, we hope to ground these predictions in trends we’ve observed in the course of our research and provide thought-provoking observations for researchers and visitors to the threat intelligence space alike.

This report takes a look at the Waterbug Attack Group and their impact in 2016.

This article provides exclusive insight into North Korea’s Anti-Virus program.

Veracode’s intention is to provide security practitioners with tangible AppSec benchmarks with which to measure their own programs against. They’ve sliced and diced the numbers to offer a range of perspectives on the risk of applications throughout the entire software lifecycle. This includes statistics on policy pass rates against security standards, the statistical mix of common vulnerability types found in applications, flaw density and average fix rate.

This infographic provides an analysis of the types of events that occurred in 2017 for this particular Endpoint Security provider.

Are businesses ready today to face cyber threats head on? To find out, Ponemon Institute, with sponsorship from Resilient, an IBM Company, surveyed 623 IT and IT security practitioners about their organizations’ approach to becoming resilient to security threats. The findings are presented in this study.

Don’t let Hollywood fool you: carrying out an attack doesn’t resemble the plot of an action movie. Attackers don’t automatically breach a network, immediately locate the information they want and then swiftly exit the organization. Attacks are complicated operations that unfold over multiple steps and take time, weeks and oftentimes months to achieve the desired goals.

This report seeks to answer the following question, “Is cybercrime, cyber espionage, and other malicious cyber activities what some call “the greatest transfer of wealth in human history,” or is it what others say is a “rounding error in a fourteen trillion dollar economy?””

This report examines the broadest platform data set available and explains why organizations like General Motors, Starbucks, Uber, the U.S. Department of Defense, Lufthansa, and Nintendo have embraced continuous, hacker-powered security.

With the limits of both hard military power and soft power in mind, we set out to explore the space in between: nonmilitary ways of coercing, deterring, weaken- ing, and punishing those that threaten peace, security, and U.S. inter- ests. This examination was part of a project for the Army Quadren- nial Defense Review Office called Hard Security. This report presents alternate approaches to securing U.S. interests that complement hard security and potentially make it more effective.