For this year’s report, we have incorporated additional data from previous years to provide an enhanced view of the present threat climate. Additionally, given the prevalence of internal compromises over external, we chose to focus the bulk of our analysis on internal attack vectors, and then compared this data to maturity scores.

Censys maintains the most comprehensive view of assets on the Internet by continuously scanning the public IPv4 address space across the 3,500 most popular ports. This Internet-wide scan data also powers our Attack Surface Management (ASM) product, which comprehensively maps organizations’ Internet exposure. This data allows us to understand broader trends in Internet security and how organizations are exposed across the Internet.

A recent Authentication Security Strategy survey by Enzoic and Redmond magazine revealed insights into the way that passwords are currently being used in various organizations, and what the future looks like regarding this ubiquitous authentication method.

This study was conducted to better understand consumer behavior around internet-connected devices and perceptions of security. It looks into generational differences in perception and behavior changes during COVID-19.

This report analyzes the security of healthcare delivery organizations. It looks at the risks the industry faces and provides effective strategies to reduce cybersecurity risks and defend healthcare networks.

In our 3rd annual Global Password Security Report, we strive to share interestingand helpful insights into employee password behavior at businesses around theworld. We want to help IT and security professionals understand the greatestobstacles employees face when it comes to passwords, learn how to addresschallenges of managing and securing data in today’s digital workplace and enablethem to see how their businesses’ password security practices measure up. Thisyear, we’re bringing even more data points to the table.

Contrary to popular belief, every device is worth hacking when the process is automated. It doesn’t matter who or where you are, if you own a company big or small, or have technology in the home – every device can be monetized by an enterprising criminal. Brute force login attempts are likely occurring on any online device. Yet the speed and scale of the problem can boggle the mind. Criminals are relentless and often competitive with one another to find, take over, and monetize your smart devices. The research you’ll find here, using honeypot devices across the internet, is a first step in attempting to quantify the issue.

How is cyber-resilience defined and measured? How are breach risk and cyber resilience related, and what is the best way to improve cyber-resilience for an enterprise? This paper will answer these questions and shed light on steps you can take to improve the cyber-resilience of your enterprise.

This report describes the Sentry MBA, a credential stuffing attack tool, which has become the most popular cracking tool among threat actors in recent months. Among the reasons for its popularity, the Sentry MBA hacking tool is freely and publicly available, extremely effective, and easy to operate.

This is a threat advisory for betFIRST mobile apps

This is a good report to read if you are interested in learning how to properly, and succesfully, report risks and vulnerabilities to boardmembers and executives.

From the paper, “In terms of the technical roadmap, and considering the great differences between China and international IoT systems and products, this paper mainly analyzes IoT assets in China and describes their exposure. This helps illustrate what IoT devices and services are accessible on the Internet and their potential security problems, with the purpose of raising the public awareness of defending IoT.”

This report takes a look at the SamSam ransomware. A ransomware that unlike most ransomware, goes after specific organizations.

This report offers a breakdown and analysis of the actions and behaviors of Rowdy, a new type of IoT Malware.

This paper examines the struggle that Universities and Campuses have with students and the Interent Of Things.

The Internet of Things is becoming and area of danger for security risks. This paper discusses the cyber security issues related to the internet of things, and discusses how people should be taking action to protect their devices.

This is a report based on a one man’s experience with IoT security.

This paper offers insight into smart cities and the dangers of exposed devices on the network.