Global Threat Intelligence Report
Growing attack surface and threat complexity mixed with reduced staffing and budgets is creating a perfect storm for security professionals
Key Insights from the 2024 Report
In 2023, we witnessed ransomware payments reach an all-time high of over $1 billion after a decline in 2022.
Malware continues to evolve to gain initial access, evade detection, and maintain persistence.
Top Attacked Sectors
Manufacturing, technology, and transport & distribution remained in the top 5 as we continue to see attacks against critical infrastructure and supply chains prioritized by adversaries and facing significant risk.
Ransomware Telemetry
United States and Manufacturing companies top the charts. Lockbit claimed the most victims for the second year in a row. We continue to see small and medium-sized businesses (SMBs) face significant risk, with over 50% of victims having less than 200 employees.
Malware Telemetry
Malware continues to evolve to gain initial access, evade detection, and maintain persistence. The modularization of malware, and the increase in adversaries living off the land, highlights the need for organizations to have more comprehensive protections in place.
Vulnerability Intelligence
Organizations should leverage these insights to assess vendors and limit what is allowed within their environments. Many of the most popular vendors by market share and reputation are also among the highest in announced Common Vulnerabilities and Exposures (CVE) each year.
Exploitation Insights
Last year, we highlighted the rapid integration of exploit code by malware and botnets for high-severity vulnerabilities, often aided by generative AI. We observed threat actors leveraging critical 0days for substantial gains in 2023, aligning with platforms targeted by vendors with the highest CVE volume.
Know the threats. Protect your business.
The cybersecurity landscape is rapidly evolving while security resources remain stagnant or decline, leaving organizations vulnerable to routine threats like exploitation, malware, and escalating ransomware and extortion incidents. Manufacturing suffers the most attacks, while Trojans persist as significant threats. Proactive security measures are urgently needed to counter these challenges.
Legal Data Breaches and How to Avoid Them
We are going to look at some of the most serious legal data breaches to demonstrate the threat to law firms of all sizes. Then, we will talk about how an extended detection and response (XDR) platform can be instrumental in protecting a law firm’s valuable data assets.
Why You Need to Understand SEC Cybersecurity Breach Disclosure Rules
The prevalence of data breaches affecting companies under the purview of the SEC and investors has resulted in the Commission developing new cybersecurity breach disclosure regulations. This post will discuss why you should care about the new regulations.
How Employee Choices Impact Your Business’s Security
In the world of cybersecurity, one of the challenges businesses of all sizes face is the profound influence of employee choices on business security. Buckle up, because we're about to navigate through the twists and turns of this critical issue.
Defending Against Volt Typhoon and Its Kin
Recent advisories from the US government’s Cybersecurity and Infrastructure Security Agency (CISA) have sounded the alarm about a formidable adversary known as Volt Typhoon. Allegedly backed by the People's Republic of China (PRC), they're creating tsunamis of chaos.