In our Underground Threat Activity report, you will find detailed analyses of cyberforum activities that we have observed over the past year, from emerging trends and cybercrime statistics to TTPs employed by TAs across several industries. You can also find our recommendations to mitigate the impact of these attacks, as well as our predictions from the evolution of the threat landscape and emerging threats that we may see in the future.

The cybercrime industry is very dynamic and develops and morphs daily. As a result, new trends keep on emerging that demand us to be on top of things in order to keep our organizations safe and secure. This report will focus on all the major and relevant security trends of 2022 that we can learn from, as well as what can we conclude and predict about how these threats could reveal themselves and change in 2023.

In this report, we have examined the existing gaps in MITRE repositories and how they inhibit security teams from understanding their true threat context. We also introduce Securin’s Vulnerability Risk Score (VRS), an vulnerability ranking system that can help organizations prioritize vulnerabilities based on their risk factors, threat associations, exploitability, and criticality.

The annual report surveys the threat landscape of 2022, summarizing a year of intelligence produced by Recorded Future’s threat research team, Insikt Group. We analyze global trends and evaluate significant cybersecurity events, geopolitical developments, vulnerability disclosure, and more, providing a broad, holistic view of cyber landscape in 2022.

Tenable Research takes that approach to equip our customers and the industry at large with the tools, awareness and intelligence to effectively reduce risk. To further those goals, SRT has complied this 2020 Threat Landscape Retrospective, which offers both a macro look at the trends that shaped the year as well as the detailed compendium of key vulnerabilities. The insights and data provided in these pages are designed to help cyber defenders learn from the past in order to build cybersecurity strategies that protect critical infrastructures, supply chains and data while respecting privacy.

Our goal with this report is to help demystify the ransomware ecosystem by exploring the key players involved, as well as the techniques and tactics utilized by ransomware operations and their affiliates to infiltrate organizations and distribute ransomware payloads. We also provide a list of the most common vulnerabilities likely to be exploited as part as a ransomware attack, to help security practitioners prioritize remediation.

The study, conducted by Opinion Matters on behalf of Tenable, surveyed 1,500 professionals representing roles in cybersecurity, DevOps and IT engineering. The study offers insights into what organizations perceive as the greatest risks and reward of investing in the metaverse and the level of development required to take such as major step safely.

Tenable’s Security Response Team (SRT) continuously monitors the threat landscape throughout the year, putting us at the forefront of trending vulnerabilities and security threats. From this vantage point, we complied and categorized our data from this annual report. In a year marked by tense geopolitics, hacktivism, ransomware and attacks targeting critical infrastructure - all alongside a turbulent macroeconomic environment - organizations struggled to keep pace with the demands on their cybersecurity teams and resources.

The report shows that security must parallel the slope of technology innovation. As technology matures, security has to mature and match the innovation of the technology running our organizations. The same thing can be said for the adversary. With every innovation we achieve, we can expect the adversary to actively seek ways to exploit it. From the cloud to Kubernetes, from Al to applications and more, as technology gets more complex and provides tremendous operational gains, security must evolve to protect the productivity we gain.

Rapid7’s Vulnerability Intelligence Report examines notable vulnerabilities and high-impact attacks from 2022 in order to highlight exploitation trends, explore attackers use cases, and offer a framework for understanding new security threats as they arise. Our aim is the contextualize the vulnerabilities that introduce serious risk to a wide range of organizations. The report examines 50 vulnerabilities that pose considerable risk to organizations of all sizes. In total, this report includes 45 vulnerabilities that were exploited in the wild 2022, of which 44% arose from zero-day exploits.

In this report, sponsored by F5 Labs, we take a step back and examine the universe of vulnerabilities (defined by the CVE) and how it’s changed in the last 20 years. As you will see, we will find some surprising things along the way.

In this report, we analyze data from Dark Reading’s survey that shows how security teams are struggling to keep up with the transformational changes to their business model and infrastructure. Many are partnering with security service providers, but they often struggle to get the most value from these partnerships. We show how organizations can optimize - and get the most out of - the relationships with their security solution provider partners.

The 2023 SonicWall Cyber Threat Report provides critical insights and actionable intelligence needed to safeguard your organization from new and emerging cyber threats. The bi-annual report includes key threat intelligence, trend analysis and changes in cybercriminal tactics - al in one in-depth resource.

This research paper is a joint effort between Trend Micro and Waratah Analytics, a data-modeling, risk-analysis, and exposure management services provider. It analyzes the modern ransomware ecosystem using data-science approaches and leverages information collected from network-based and host-based telemetry, underground forums, bitcoin and financial transactions, and chat logs - together with a deep analysis of criminal business processes - to find trends, new developments, and choke points in the ransomware ecosystem.

In its 8th edition this year, the 2023 “Open Source Security and Risk Analysis” (OSSRA) report delivers our annual in-depth look at the current state of open source security, compliance, licensing, and code quality risks in commercial software. We share these findings with the goal of helping security, legal, risk, and development team better understand the open source security and license risk landscape.

As 2021 progressed through its second quarter and into the third, cyber criminals introduced new - and updated - threats and tactics in campaigns targeting prominent sectors. Ransomware campaigns maintained their prevalence while evolving their business models to extract valuable data and millions in ransoms from enterprises big and small. REvil/Sodinokibi topped our list of ransomware detection in Q2 of 2021.

As we look ahead in this new year, we must acknowledge a threatscape that left us all exhausted from a particularly challenging end to 2021. In our new company’s first threat report, we acknowledge the issue that dominated not only headlines, but the focus of defenders and enterprise security teams. We also look back at the third and fourth quarters of 2021, but let’s first detail our weather of resources available to help you combat Log4j.

The first quarter of 2022 in cybersecurity was more about evolution than revolution. The techniques and prevalence of ransomware attacks advanced while Russian cyberattacks continues a slow-building evolution fed by the continuing conflict in Ukraine. Our latest Trellix Threat Report includes our findings from Q1 2022 and other vital research included the evolution of Russian cybercrime, ransomware in the United States, and email security trends. We also share our team’s recent research into vulnerabilities found in building access control systems, and risks unquie to connected healthcare.

Radware’s 2022 Global Threat Analysis Report reviews the year’s most important cybersecurity events and provides detailed insights into the attack activity of 2022. The report leverages intelligence provided by Radware’s Threat Intelligence Team, and network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network and Threat Research team.

In T2 2022, we saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post- COVOD return to offices and overall improved security of corporate environments. Even with declining numbers, Russia IP addresses continued to be responsible for the large portion of RDP attacks.

Last year, we made several predictions about how the threat landscape would evolve, ranging from attackers spending more effort on pre-attack activities to an increasing number of attack attempts impacting operational technology (OT). Lets look at how some of our predictions fared and how we expect these threats to evolve as we plan for 2023.