Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Zero-Day

Below you will find reports with the tag of “Zero-Day”

image from 2023 Microsoft Vulnerabilities Report

2023 Microsoft Vulnerabilities Report

This 10-year anniversary edition of the report dissects the 2022 Microsoft vulnerabilities data and highlights some of the key shifts since the inaugural report. This report will spotlight some of the most significant CVEs of 2022, break down how they are leveraged by attackers, and explain how they can be prevented or mitigated. The way Microsoft classifies the severity rating for a vulnerability is distinct from the likelihood of exploitation.

(more available)
Added: October 15, 2024
image from 2024 Microsoft Vulnerabilities Report

2024 Microsoft Vulnerabilities Report

The Microsoft Vulnerabilities Report has garnered over 16,000 downloads and helped thousands of users leverage its detailed data analysis and expert findings to improve their cyber defenses. This year’s edition of the report not only dissects the 2023 Microsoft vulnerabilities data, but also assesses how these vulnerabilities are being leveraged in identity-based attacks. The report also spotlights some of the most significant CVEs of 2023, breaks down how they are leveraged by attackers, and explains how they can be mitigated.

(more available)
Added: October 15, 2024
image from 2024 State of Software Supply Chain Security

2024 State of Software Supply Chain Security

To understand the current state of software supply chain security (SSCS) we surveyed 900 AppSec professionals in US, Europe and APAC based organizations across a wide range of industries. The findings show an increased sense of awareness with more than half of respondents acknowledging that SSCS is a top or significant area of focus. However, only 7% have already purchased and implemented an SSCS-specific product.

(more available)
Added: August 21, 2024
image from 2024 State of Malware Report

2024 State of Malware Report

To reflect the shift from malware to threats we have evolved our State of Malware report once again. We asked our experts what resource constrained IT teams should pay attention to in the year ahead. They have chosen six threats that illustrate some of the most serious cybercrime tactics we’ve seen on Windows, Mac, and Android. It is not an exhaustive list, but if you are equipped to handle these then you are well placed to deal with anything the cybercrime ecosystem can throw at you.

(more available)
Added: August 20, 2024
image from 2023 Ransomware Report with Q1 + Q2 2024 Analysis

2023 Ransomware Report with Q1 + Q2 2024 Analysis

In this report, the IT-ISAC tracked 18 new ransomware groups in 2023, reflecting that financial gain continues to be one of the top motivating factors behind cyberattacks. As long as the chances of making money is high and the risk of getting caught is low, ransomware will continue. Despite government and law enforcement efforts to take down malicious infrastructure, new ransomware strains continue to emerge.

(more available)
Added: August 6, 2024
image from Global Third-Party Cybersecurity Breaches Report

Global Third-Party Cybersecurity Breaches Report

This report comes at a time when top organizational risks, such as supply chain, cybersecurity, and third-party risks cut across large parts of all organizations. Stopping supply chain attacks requires understanding their causes and the variables that contribute to them. SecurityScorecard threat researchers assist in that effort by helping organizations gauge their overall risk levels and set priorities for vendor vetting.

(more available)
Added: July 23, 2024
image from Redefining Resilience: Concentrated Cyber Risk in a Global Economy

Redefining Resilience: Concentrated Cyber Risk in a Global Economy

SecurityScorecard researchers identified not only a pool of 150 top vendors – based on their detectable market share of products and customers – but also a subset of 15 “heavy hitters” with an even higher market share concentration. In today’s interconnected world, concentrated cyber risk threatens national security and global economies. Much like a precarious house perched on a cliff’s edge, the reliance on a handful of vendors shapes the foundation of our global economy.

(more available)
Added: July 2, 2024
image from runZero Research Report Vol. 1 May 2024

runZero Research Report Vol. 1 May 2024

In this report we share runZero’s observations from our unique perspective as an applied security research team. Our goal is to provide insight into how the security landscape is changing, and recommendations on what you can do to get ahead of these changes.

(more available)
Added: May 14, 2024
image from Concentrated Cyber Risk in a Global Economy

Concentrated Cyber Risk in a Global Economy

In the wake of the Change Healthcare incident, companies are doubling down on efforts to bolster supplier oversight and cybersecurity measures. Every organization must scrutinize its data security practices, assess third- and fourth-party access to sensitive data, and identify critical vendors essential to revenue.

(more available)
Added: May 7, 2024
image from M-Trends 2024 Special Report

M-Trends 2024 Special Report

In the M-Trends 2024 report it features data and other security metrics that readers have come to expect, highlights zero-day use by espionage and financially-motivated attackers, and dives deep into evasive actions conducted particularly by Chinese espionage groups. we share our learnings with the greater security community, building on our dedication to providing critical knowledge to those tasked with defending organizations. The information in this report has been sanitized to protect the identities of victims and their data.

(more available)
Added: April 23, 2024
image from Utilizing counterfactual analysis to understand cyber risk

Utilizing counterfactual analysis to understand cyber risk

This paper explores the benefits of counterfactual analysis for cyber (re)insurers and provides a framework that can help exposure risk managers, actuaries, and catastrophe modelers incorporate it into their standard suite of risk assessment tools. The paper also contains some worked examples of cyber counterfactual analysis that Gallagher Re has conducted in collaboration with CyberCube.

(more available)
Added: April 18, 2024
image from A Year in Review of Zero-Days Exploited In-the-Wild in 2023

A Year in Review of Zero-Days Exploited In-the-Wild in 2023

This report presents a combined look at what Google knows about zero-day exploitation, bringing together analysis from TAG and Mandiant holistically for the first time. The goal of this report is not to detail each individual exploit or exploitation incident, but look for trends, gaps, lessons learned, and successes across the year as a whole. As always, research in this space is dynamic and the numbers may adjust due to the ongoing discovery of past incidents through digital forensic investigations.

(more available)
Added: April 6, 2024
image from 2024 Cyber Threat Landscape

2024 Cyber Threat Landscape

With this report, we want to promote open sharing on cyber threats and incidents and give the industry a public and relevant cyber threat picture anchored on a solid, well-documented basis. The report and knowledge base are the product of a collaborative community effort with our members and the Nordic TIBER Cyber Teams (TCTs) at the centre, with contributions from Nordic government entities.

(more available)
Added: February 29, 2024
image from Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017-2023

Patterns and Targets for Ransomware Exploitation of Vulnerabilities: 2017-2023

Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by only a few groups and those widely exploited by several. Each category necessitates different defense strategies. Groups targeting specific vulnerabilities tend to follow particular patterns, enabling companies to prioritize defenses and audits. To defend against unique exploitation, understanding the likely targets and vulnerability types is crucial. Looking ahead to 2024, advancements in generative AI may lower the technical barrier for cybercriminals, facilitating the exploitation of more zero-day vulnerabilities.

(more available)
Added: February 26, 2024
image from 2024 Sonic Wall Cyber Threat Report

2024 Sonic Wall Cyber Threat Report

Cyberattacks increased two or threefold across nearly every tracked metric in 2023, as cybercriminals continued to ramp up and diversify their attacks. To give the world’s defenders the actionable threat intelligence needed to safeguard against this relentless surge in cybercrime, we’ve compiled our research into the 2024 SonicWall Cyber Threat Report.

(more available)
Added: February 26, 2024
image from DDoS Mitigation Q3 2023 Report

DDoS Mitigation Q3 2023 Report

Quadrant Knowledge Solutions’ ‘SPARK MatrixTM: DDoS Mitigation, 2023’ research includes a detailed analysis of the global market regarding short-term and long-term growth opportunities, emerging technology trends, market trends, and future market outlook. This research provides strategic information - for technology vendors to better understand the existing market, support their growth strategies, and for users to evaluate different vendors’ capabilities, competitive differentiation, and market position.

(more available)
Added: September 18, 2023
image from Ransomware on the Move: Evolving Exploitation Techniques and the Active Pursuit of Zero-Days

Ransomware on the Move: Evolving Exploitation Techniques and the Active Pursuit of Zero-Days

We lay out the ransomware landscape in this State of the Internet (SOTI) report by exploring some of the most effective attack techniques and tools that ransomware groups are utilizing to achieve initial access through exfiltration. We also provide an extensive list of safeguarding techniques and recommendations. It is crucial that both industries and individuals protect themselves from the new wave of ransomware attacks, and this report will help provide insights for better defense and risk management of this growing concern.

(more available)
Added: August 11, 2023
image from Threat Intelligence Summary April 2023

Threat Intelligence Summary April 2023

The April 2023 report details a continued rise in Russian state-sponsored threat actors, the shutdown of a widely used hacker marketplace, “shadow ban” attacks against Twitter users, and the emergence of several new high and critical vulnerabilities, including a zero-day exploit against Google Chrome. It also provides updates to the metrics and information on the most impactful vulnerabilities and malware strains in the wild today and includes information on some of the top phishing sites observed over the month.

(more available)
Added: May 18, 2023
image from Active Cyber Risk Modeling

Active Cyber Risk Modeling

This report explores the critical distinctions between natural and cyber catastrophes, why cyber requires an entirely different approach, and how Active Insurance can mitigate cyber risk. We also provide an in-depth look at how we construct our model and explain why Coalition remains confident that cyber risk is insurable and that cyber insurance can play an essential role in the modern economy.

(more available)
Added: April 11, 2023
image from 2022 Cyber Threat Landscape Report

2022 Cyber Threat Landscape Report

This report represents Deep Instinct’s current view of the threat landscape, showcasing trends seen throughout the course of the past year and providing concrete, actionable data to verify the credibility of these developments. The information was sourced from our data repositories, which are routinely analysed as part of protecting our customers from ceaseless attacks.

(more available)
Added: March 7, 2023
image from 2022 Annual Report

2022 Annual Report

The annual report surveys the threat landscape of 2022, summarizing a year of intelligence produced by Recorded Future’s threat research team, Insikt Group. We analyze global trends and evaluate significant cybersecurity events, geopolitical developments, vulnerability disclosure, and more, providing a broad, holistic view of cyber landscape in 2022.

(more available)
Added: March 7, 2023
  • ««
  • «
  • 1
  • 2
  • 3
  • 4
  • »
  • »»
© Cyentia Institute 2025
Library updated: June 21, 2025 00:08 UTC (build b1d7be4)