SurfWatch
Research
Get Insights on the Latest Cybersecurity Risks and Trends

THREAT PROFILE: IOT_REAPER BOTNET

The IoT_reaper botnet, discovered in October 2017, is expanding at a rapid rate. This botnet exploits vulnerabilities in IoT devices to drop the IoTroop malware. Millions of additional devices are being gathered and queued into the IoTroop C2 servers to have the malicious code injected that will join the devices to the botnet.

Download Now
Threat profile iot reaper botnet

CYBER RISK ALERT: KRACK WIFI ATTACK

KRACK, or Key Reinstallation Attack, leverages the 4-way handshake carried out within WPA2. It allows for Man-in-the-Middle (MiTM) attacks to be carried out and forces users on the protected network to reinstall an encryption key used for protecting WPA2 traffic, allowing attackers to capture sensitive information.

Download Now
Cyber risk alert krack 1

THREAT PROFILE: DRAGONFLY

DragonFly is considered to be a sophisticated and well-resourced group with a history of campaigns focused on cyber espionage against business computers and industrial control systems. Campaigns are carried out over an extended period of time while using infection vectors that are difficult to both detect and mitigate.

Download Now
Threat profile dragonfly

2017 MID-YEAR SURFWATCH CYBER RISK REPORT

Learn about the latest cyber threat trends from the first half of 2017 including the rise of leaked exploits, cybercrime trade, extortion and more.

Download Now
1h 2017 thumbnail

Actor Profile: DarkHotel

Read this report to learn more about DarkHotel including their motivation, common targets, tactics, techniques and procedures, IOCs and more.

Download Now
Darkhotel

Actor Profile: Equation Group

Learn about this sophisticated threat actor with strong ties to the NSA, including their motivation, target history and tactics and procedures.

Download Now
Actor profile equation group

ACTOR PROFILE: AXIOM GROUP

Learn about Axiom, a highly sophisticated and well-resourced threat group with strong links to Chinese intelligence.

Download Now
Axiom group

Threat Profile: EITest

Learn about this threat campaign, which redirects victims to landing pages hosting a variety of exploit kits with the goal of stealing sensitive personal and banking information.

Download Now
Eitest

Threat Profile: Shamoon Malware

Learn about the latest variant of Shamoon, including what it targets, its delivery methods and its effects, and gain best practice recommendations to mitigate cyber risk from Shamoon malware.

Download Now
Shamoon malware

Threat Profile: RDP Attacks

Learn about RDP attacks, how they work, how cybercriminals are selling information stolen on the Dark Web and recommended courses of action.

Download Now
Rdp attacks

RANSOMWARE ACTORS SHIFT GEARS

Learn how ransomware is evolving from encrypting data to disrupting business services and gain recommendations on how to protect your organization.

Download Now
Ransomware report march 2017 thumbnail

THE EXTORTION EPIDEMIC

Learn about the latest extortion campaigns and how to better defend against these types of threats.

Download Now
Extortion epidemic

Threat Profile: Password Reuse Attacks

Learn how compromised credentials from older data breaches are used to establish trust and legitimacy in social engineering campaigns that led to new breaches.

Download Now
Threat profile password reuse attacks jan 2017 1

THREAT PROFILE: HIGH-PROFILE BOTNETS OF 2016

Learn about several of the most prominent botnets of 2016 and gain insights into how they work, along with tips from SurfWatch Labs analysts on how to mitigate the threat.

Download Now
Threat profile high profile botnets of 2016 jan 2017 1 thumbnail

Cybercrime Trends from 2016: Rise of IoT Botnets Showcases Cybercriminals’ Ability to Find New Avenues of Attack

Learn about the most impactful cyber threat trends our intelligence analysts observed over the course of the year and understand practical actions that can be taken to reduce your cyber risk.

Download Now
Rise of iot botnets cybercrime trends report for 2016

Threat Profile: RIG Exploit Kit

RIG is a weaponized malware kit designed to compromise a victim's system and deliver its payload. Learn how RIG works and the recommended course of action.

Download Now
Rig exploit kit

Actor Profile: New World Hackers

Learn about the group claiming to be behind the DDoS attack on a DNS hosting provider, understand their tools, tactics and procedures and their motivations.

Download Now
New world hackers

Threat Profile: Locky Ransomware

Learn how Locky ransomware is delivered, what it targets, how it works and the steps you can take to protect your business from this malware.

Download Now
Locky ransomware

Cybercrime Gets Political: Automated Tools and Growing Reach Empowers Hacktivists

Learn about hacktivists, the impact their attacks are having on the government sector, and what steps can be taken to minimize threats driven by these malicious actors.

Download Now
Cybercrime gets political

Actor Profile: TheDarkOverlord

Read this Actor Profile report on TheDarkOverlord, who has been associated with numerous data breaches.

Download Now
Actor profile darkoverlord cover

2016 mid-year SurfWatch cyber risk report

Learn about the latest cyber threat trends from the first half of 2016, including the top cybercrime targets, effects and practices.

Download Now
1h2016cybertrendsreport cover

Dark Web Situational Awareness Report

The Dark Web provides cybercriminals with a place to sell items and information with a high level of anonymity. This report examines the impact of the Dark Web on an unnamed company's sensitive information and is a good example of what SurfWatch Labs can provide through its Dark Web Intelligence Service.

Download Now
Dark web situational awareness report 462w

SurfWatch Cyber Risk Reports

Quickly grasp the latest cybersecurity trends and potential impact to your business by reading this cyber risk report which includes insights and commentary from SurfWatch data analysts.

Download Now
Consumer goods report card 462w