This report will explore the requirements and challenges of creating a secure, reliable and resilient smart city. It will consider how administrations and the overall city ecosystems will need to provide innovative, resilient ‘smart’ solutions that leverage digital information while protecting against malicious violations, unintentional damage and natural disasters.

The “Trends For 2015 – Targeting the Corporate World” report by the ESET LATAM Research Lab invites you to review some of the most significant cases that affected computer security in 2014, and to consider and present the challenges and threats expected for 2015. This report will try to address the different types of threats and security incidents we have witnessed during the year classified by catego- ry in order to answer the following questions: what will we find during 2015 in terms of IT security? And how, therefore, can companies and individual users prepare themselves to get through next year in safe- ty?

This paper takes a look at the cities of the US, and the cyber threats that occurred there.

The 2015 Internet Security Threat Report (ISTR) provides an overview and analysis of the year in global threat activity. (aggregating and collecting data collected from Symantec devices and customers)

Readers are encouraged to use this report to get a better understanding of the current threat landscape, including trends specific to different contexts like region, time of day, industry, and more, in order to better fine-tune defenses for meeting the security needs of their unique environments.

This report includes insights and recommendations intended to help organi- zations and their security, risk, legal, and development teams better understand the open source security and license risk landscape as they strive to improve their application risk management processes.

In this report, they review malicious activity that SophosLabs analyzed and protected their clients from in 2017. They take that data and project what can be expected from 2018.

Today’s threat landscape is rapidly evolving, which means it is simply not enough for organizations to roll out an annual security training program and then pat themselves on the back for a job well done. Companies need to consistently invest in training and keep their employees updated on the latest vulnerabilities.

This paper lays out the 5 steps necessary for the foundation of an effective cyber risk management program.

From the report, “In this report we provide a broad view of the 2015 threat landscape, ranging from industry-wide data to a focused look at different technologies, including open source, mobile, and the Internet of Things. The goal of this report is to provide security information leading to a better understanding of the threat landscape, and to provide resources that can aid in minimizing security risk.”

How much does it cost technically proficient adversaries to conduct successful attacks, and how much do they earn? In this report, they look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.

In this white paper, they aim to define generations of machine learning and to explain the maturity levels of artificial intelligence (AI) and machine learning (ML) that are being applied to cybersecurity today. In addition, the paper seeks to explain that while a great deal of progress has been made in the evolution of machine learning’s application to cybersecurity challenges, there remains an immense amount of opportunity for innovation and advancement in the field, and they expect the sophistication of applications of machine learning to continue to evolve over time.

This report takes a look at the mobile threat events for the last quarter of 2017.

This monthly threat report takes a look at the month of July 2017. More specifically, it takes a look at why the GDPR matters, observations from the Cyber Kill Chain, and buffer flow VULNS.

This report begins with the following statement, “Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers, intent on exploiting vulnerabilities in their insecure and antiquated networks in order to exfiltrate patient health records.” The paper then goes on to discuss the IT struggles of the healthcare sector.

From the report, “While I call this document a ‘getting started guide,’ regardless of your program’s maturity I think you’ll find some helpful hints regarding the people, process, and technology that can elevate your mobile app security program to the next level.”

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper chose to analyze a Synology DS215j. In doing so it identifies a number of exploitable security flaws. In this paper, they discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

This report discusses Ransomware’s Stronghold on Healthcare, the Impact on HIPAA Compliance, and Taking the Offensive: What You Need to Know

This report from September 2016 takes a look at Firewall VULNS, RIG Popularity, diversified ransomware, POS System attacks, and a few other specific threats.

Veracode’s intention is to provide security practitioners with tangible AppSec benchmarks with which to measure their own programs against. They’ve sliced and diced the numbers to offer a range of perspectives on the risk of applications throughout the entire software lifecycle. This includes statistics on policy pass rates against security standards, the statistical mix of common vulnerability types found in applications, flaw density and average fix rate.

This infographic provides an analysis of the types of events that occurred in 2017 for this particular Endpoint Security provider.