From the report, “As the hype and soaring price of cryptocurrency has drawn in thousands of new players worldwide, generating a single bitcoin takes a lot more servers than it used to. It is becoming an arms race amongst miners for access to CPUs, GPUs and even electricity. As a result, we are starting to see a cryptojacking epidemic and hackers aren’t sparing anyone; they are targeting everyone from consumers to large multinational organizations.”

This report measures the difference in days between when an exploit for a vulnerability becomes publicly available (Time to Exploit Availability) and when a vulnerability is first assessed (Time to Assess). A negative delta indicates that the attacker has an opportunity to exploit a vulnerability before the defender is even aware of the risk. The sample set used for this analysis is based on the 50 most prevalent vulnerabilities from nearly 200,000 unique vulnerability assessment scans.

In this report we analyze real-world end-user vulnerability assessment (VA) behavior using a machine learning (ML) algorithm to identify four distinct strategies, or “styles.” These are based on five VA key performance indicators (KPIs) which correlate to VA maturity characteristics. This study specifically focuses on key performance indicators associated with the Discover and Assess stages of the five-phase Cyber Exposure Lifecycle. During the first phase – Discover – assets are identified and mapped for visibility across any computing environment. The second phase – Assess – involves understanding the state of all assets, including vulnerabilities, misconfigurations, and other health indicators. While these are only two phases of a longer process, together they decisively determine the scope and pace of subsequent phases, such as prioritization and remediation. The actual behavior of each individual enterprise in the data set, in reality, exhibits a mixture of all VA Styles. For the purposes of this work, enterprises are assigned to the specific style group with which they most closely align. We provide the global distribution of VA Styles, as well as a distribution across major industry verticals.

This report offers 14 tips to fortify your public cloud environment. From the report, “This edition of RedLock’s Cloud Security Trends marks the report’s one year anniversary, and it’s been a sobering year in terms of public cloud breaches, disclosures and attacks. This report highlights key learnings from these incidents along with research by the RedLock Cloud Security Intelligence (CSI) team to shed light on the trends that we can expect this year.”

This report is based on the results of a comprehensive online survey of 437 cybersecurity professionals conducted from June through August 2018 to gain deep insights into the latest application security threats faced by organizations and the solutions to prevent and remediate them. The respondents range from executives to managers and IT security practitioners. They represent organizations of varying sizes across many industries.

This infographic provides brief insight into the corresponding 2019 Threat and Vulnerability Trends report.

This report takes a look at the threat intelligence of organizations surveyed in 2018. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats.

In 2016, Rapid7 Labs launched the National Exposure Index in order to get a measurable, quantitative answer to a fairly fundamental question: What is the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and where, physically, are these exposed services located? Now in our third year, we continue this ongoing investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the continuing changes involving these exposed services. We’ve also added a third dimension for exposure, “amplification potential,” in the wake of the disastrous memcached exposure uncovered in 2018.

From the report, “This quarter’s report covers three main areas of concern for the modern IT defender: • First, credential theft, reuse, and subsequent suspicious logins are—today— the most commonly reported significant incident we’re seeing across both small (<1,000 endpoints) and large organizations (≥1,000 endpoints). • Second, the DDoS landscape just got a lot more interesting with the debut of a new technique using misconfigured—and plentiful—memcached servers. • Finally, we take a look at the increasing levels of SMB and Cisco SMI attacker probes and attacks, where the former continues to define the “new normal” level of background malicious behavior around Windows networking, and the latter begins to bring shape to this relatively new attack vector targeting core router infrastructure.” Read on to find out more.

Synopsys and SAE International partnered to commission this independent survey of the current cybersecurity practices in the automotive industry to fill a gap that has existed far too long—the lack of data needed to understand the automotive industry’s cybersecurity posture and its capability to address software security risks inherent in connected, software-enabled vehicles. Ponemon Institute was selected to conduct the study. Researchers surveyed 593 professionals responsible for contributing to or assessing the security of automotive components.

From the report, “With its customer base of over 4,000 organizations, Alert Logic has first-hand insight into the state of threat detection and response. Drawing from more than a billion security anomalies, millions of security events, and over a quarter million verified security incidents from April 2017 to June 2018, our research has identified five key insights that every business leader, IT leader, and IT practitioner should be aware of: 1. The initial phases of the cyber killchain are merging to accelerate targeted attacks 2. Industry and size are no longer reliable predictors of threat risk 3. Attack automation and “spray and pray” techniques are aiming at everything with an IP address 4. Cryptojacking is now rampant 5. Web applications remain the primary point of initial attack” Read on to find out more.

From the report, “Over the past few year’s attackers have exploited this opportunity, and as documented in our Anatomy of an Attack (AOA) report, have compromised a wide variety of manufacturing control systems. This report documents five case studies which show how cyber attackers could gain access to manufacturing and utility facilities. We also detail the progression of the attacks which in some cases disabled operations for an extended period. In one of our case studies, losses were catastrophic with the impacted entity suffering losses of over 800,000 euro per day. This report will explain how the attacks happen, and once established, how the attackers can extend these command and control points to breach the institution’s records, blackmail and extort funds, or worse, disable ongoing operations of the facility over an extended period.” Read on to find out more.

From the report, “We live in incredible times, where we trust more of our lives to machines that are becoming ever more powerful. We cannot leave the doors to our “digital kingdoms” wide open. Adversaries, both nation-states and for-profit malicious actors, have access to a seemingly unlimited supply of “all access keys”. Our responsibility is to revoke and disable these keys or to at least make that access as difficult as possible through thoughtful defense-in-depth security controls. These controls should not just rely solely on the “next gen” version of a well-known technology. Truly different types of protection and detection technologies need to be layered in order to create the strongest possible defense.” Read on to find out more.

From the report, “With endpoint security products continuing to be at the tip of the spear of cyber defenses for years to come, the question is how to ensure the best possible security posture. No matter which way an endpoint security buyer turns, there is no one magic bullet. It is likely that a layered approach with multiple different technologies working together is required.” Read on to find out why.

From the report, “For security teams, the sheer depth and breadth of what they need to defend may seem daunting, but thinking about the Internet from an attacker’s perspective —a collection of digital assets that are discoverable by hackers as they research their next campaigns— can put the massive scope of their organization’s attack surface into perspective. In this report, we’ll highlight five areas that we feel help to better frame the challenges faced in keeping the Internet a safe environment, all of which underline a need to broaden awareness of the potential risks involved to foster a more informed approach to cyber defense.”

This quarter saw a dramatic increase in attacks targeting consumer-grade routers, increasing 539% from Q4, 2017. The majority of hostile detections on the eSentire threat detection surface pertain to perimeter threats: Information Gathering, Intrusion Attempts, and Reputation Blocks. eSentire Threat Intelligence assesses with medium confidence that these detections originate, largely, from automated scanning and exploitation attempts. Threats beyond the perimeter, such as Malicious Code (+35%) and Phishing (+39%) both saw increases in the frst quarter of 2018.

For this report, Menlo Security’s researchers analyzed the top 100,000 domains as ranked by Alexa to understand the risks inherent in using the world’s most popular websites. We found widespread evidence that cybercriminals are successfully exploiting long-held measures of trust, such as a particular site’s reputation or the category in which the site is included, to avoid detection and increase the effectiveness of their attacks.

The DataVisor Fraud Index Report Q2 2018 is based on attacks that were detected by the DataVisor UML Engine from April through June 2018 with additional recent attack trend data. This report provides unprecedented insights into the evolving attack trends and characteristics of fraud attacks across a number of industries including social platform, e-commerce, financial services, and mobile gaming.

This report offers some insight into Health Information Technology and the cybersecurity issues that plague that area.

On September 7th, 2017 Equifax disclosed the occurrence of data breach that occurred between May 2017 and July 2017. Equifax discovered the breach in July 2017. Initial estimates suggest that up to 143 million people could be affected. Credit card information of approximately 209,000 cardholders and personally identifiable information of 182,000 consumers was also compromised. Given past history with similar such breaches, additional impact is likely to be uncovered over time.

On an ongoing basis, Visa tracks global breach trends affecting retailers and other merchants. In 2017, research confirmed that the U.S. and Europe were the top two regions for payment data breaches. This report offers insight specific to Visa and their unique due diligence in the cyber threat universe.