With this report, we want to promote open sharing on cyber threats and incidents and give the industry a public and relevant cyber threat picture anchored on a solid, well-documented basis. The report and knowledge base are the product of a collaborative community effort with our members and the Nordic TIBER Cyber Teams (TCTs) at the centre, with contributions from Nordic government entities.

This iteration of the Google Cloud Threat Horizons Report provides a forward-thinking view of cloud security with intelligence on emerging threats and actionable recommendations from Google’s security experts. This report explores top cloud threats and security concerns for 2024, including credential abuse, crypto-mining, ransomware, and data theft.

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

This annual report features the work of 37 sophisticated cybersecurity teams working in partnership to advance 29 open-source projects that improve cyber defense for the whole community. This report captures the energy and passion that Center Participants bring to advancing threat- informed defense for all. Use it as a reference and share it with your teams and colleagues to further change the game on the adversary.

Cyberattacks increased two or threefold across nearly every tracked metric in 2023, as cybercriminals continued to ramp up and diversify their attacks. To give the world’s defenders the actionable threat intelligence needed to safeguard against this relentless surge in cybercrime, we’ve compiled our research into the 2024 SonicWall Cyber Threat Report.

In this report, we bring you the insights from that data. It’s part of how we empower organizations to proactively navigate cyber risks, strengthen security approaches, and respond to incidents with unmatched efficiency. This report helps because it gathers real-world information from organizations like yours, so you can learn which threats really a#ect your peers–and how you can face them.

In this year’s report, 500 U.S.-based ITOps professionals express how automation increases their IT agility –reducing costs and enhancing endpoint management capabilities. The report also reveals that less than half (44%) of organizations have high ITOps agility, with the most agile showing mature uses of AI and workflow automation tools.

In this report, Coalition Security Labs’ dedicated security research team dives into data derived from Coalition’s extensive threat collection technologies and provides critical information to help security professionals, brokers, and businesses navigate the current cyber risk landscape. Readers will gain insights into how to prioritize vulnerabilities, understand which technologies threat actors are targeting, and compare cyber hygiene across industries.

Connectivity is continuing to transform the Automotive and Smart Mobility ecosystem, increasing cybersecurity risks as more functionality is exposed. 2023 marked the beginning of a new era in automotive cybersecurity. Each attack carries greater significance today, and may have global financial and operational repercussions for various stakeholders. Upstream’s 2024 Global Annual Cybersecurity Report examines how cybersecurity risks have evolved from experimental hacks into large-scale risks, focusing on safety and trust, operational availability, data privacy, and financial implications.

This report aims, simply, to help you build a proactive defense that anticipates and thwarts tomorrow’s threats. So, for the second year running we rallied the community for the largest predictions survey the cybersecurity awareness community has seen. We’ve harnessed their expertise, experience, and frontline intel.

In our report, we look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on our findings. While most of our recommendations remain consistent with prior years, there were some surprising takeaways, including a shift in the most impactful threats. The most widespread threat to WordPress security in 2023 was Cross-Site Scripting, as techniques for taking over websites by adding malicious administrators and backdoors have become mainstream.

2024 is poised to be a hotbed for new challenges in cybersecurity. As both economic and political terrains continue to undergo digitization, enterprises will increasingly leverage artificial intelligence and machine learning (AI/ML), the cloud, and Web3 technologies. While these innovations are expected to lend a hand to organizations, they also provide opportunities for cybercriminals by promising big returns, more streamlined operations on wider impact zones, and more targeted victims. In this report, we detail the focal points of next year’s threat landscape, along with insights and recommended mitigation measures from our team of cybersecurity experts that are designed to guide decision-makers toward well-informed choices.

In our 11th annual Data Breach Industry Forecast, we looked more broadly than ever before at trends and data on a global scale as data breaches have no borders. This, along with the fact that nationstate-sponsored gangs and attacks are becoming increasingly more strategic and purposeful due to political conflicts or interests, made it fitting to expand our lens. Our predictions come from Experian’s long history of helping companies navigate breaches over the past 21 years. Here’s where we expect to see some hard to believe, but possible developments in the world of data security incidents in 2024.

The Sysdig 2024 Cloud‑Native Security and Usage Report comes at an exciting time after a year of cybersecurity making headlines worldwide. This is indicative of how broad the security landscape has grown in a short amount of time, thanks to the cloud. This report looks at real‑world data to draw conclusions about the state of cloud security. From our perspective, we see that organizations continue to struggle with the shift‑left concept. Although runtime threat prioritization has greatly reduced vulnerabilities, there remains an urgency for powerful and speedy cloud threat detection and response (TDR).

This report is broken into four different threat types: identity, cloud, computer-based, and phishing. Keep in mind, though, that these threats are tightly related. Compromise of user identities can occur through phishing and can impact an organization’s cloud assets and endpoints, or malicious activity on an endpoint may be indicative of an exploited vulnerability. We’ll highlight that interconnectivity throughout.

CompTIA’s 2024 State of Cybersecurity report explores the many variables that must be considered in balancing the cybersecurity equation. As cybersecurity becomes a critical business imperative, every process must be scrutinized for potential vulnerabilities. This practice of risk analysis then drives decisions around workflow, skill-building and technology implementation. With technology trends evolving and attack patterns changing, true equilibrium is impossible to achieve. The balancing act is a full-time job.

To help businesses measure cyber attack readiness, we analyzed performance data from the 982 corporate security teams and 5,117 professionals who participated in our global CTF competition. HTB Business CTF: The Great Escape featured over 30 hacking challenges based on the live threat landscape covering areas such as forensics, blockchain, cloud, and more.

COVID-19 has dramatically changed the workplace and has created new cybersecurity risks and exacerbated existing risks. The purpose of this research, sponsored by Keeper Security, is to understand the new challenges organizations face in preventing, detecting and containing cybersecurity attacks in what is often referred to as “the new normal”. All respondents in this research are in organizations that have furloughed or directed their employees to telework because of COVID-19.

In this report, we’ll discuss three automotive-related cybersecurity emerging risks we’ve identified in 2023, arising from the rapid proliferation of SDVs. Growth in backend attacks allowing access to sensitive vehicle data and controls, the ever-evolving SBOM and the critical role it plays in enhancing automotive threat intelligence and cyber are on the rise in the agriculture, construction, and heavy machinery industries that fare fast to adopt software-defined and autonomous capabilities.

The 7th annual Hacker-Powered Security Report goes deeper than ever before with customer insights, in addition to the opinions of some of the world’s top hackers. We also take a more comprehensive look at the top ten vulnerabilities and how various industries are performing when it comes to incentivizing hackers to find the vulnerabilities that are most important to them.

In this year’s survey, they revisited questions around how organizations are developing effective third-party cyber risk management (C-TPRM) programs with robust technology and services and determining how to best collaborate with third parties on their shared security posture. They also asked some new questions related to how organizations refine their risk management approaches over time. To assure an accurate reflection of industry trends and observations, BlueVoyant commissioned its fourth annual survey undertaken by independent research organization, Opinion Matters, in October 2023. A total of 2,100 respondents represent a variety of executive roles within their organizations, but are all responsible for managing supply chain and cyber risk.