Proofpoint researchers have looked ahead at the trends and events likely to shape the threat landscape in the year to come.

The report is based on data from active WatchGuard Firebox unified threat management appliances and covers the major malware campaigns.

Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.

The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.

Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.

The classic firewall lacked the ability to distinguish between different kinds of web traffic.

“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."

Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.

The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.

DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions.

Ad fraud ring 3eve used botnets to generate nearly 30 million dollars in fraudulent ad revenue.

Today, AV has an alternative, and it is Artificial Intelligence (AI).

The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.

Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).

“Financial organisations regularly handle sensitive, regulated data like home addresses, bank statements and Social Security numbers.”

According to a report published by Kaspersky Lab ICS CERT, RATs are incredibly widespread across all industries.

Xbash is data-destructive; destroying Linux-based databases as part of its ransomware capabilities.

"Organisations moving to the cloud must defend against malware that can infect a business by spreading through personal and corporate devices."

Cybercriminals who use botnets to conduct their attacks are shifting away from single-purpose malware .

Medical staff now carry multiple connected devices with them, including personal devices that lack appropriate security controls.

To limit the risk of being discovered, attackers operated outside of normal business hours and cashout operations were planned for weekends.

By identifying reused code, researchers gained valuable insights about the “ancestral relations” to known threat actors or other campaigns.

The probability of a recipient opening an email increases 12% if the email claims to come from a known individual.

The crime lull may be a continuation of Q1’s drop, but cryptominers, ransomware, and exploits have opted for ‘quality, not quantity’.