SERT Quarterly Threat Reports 2012-2015

The Security Engineering Research Team (SERT) Quarterly Threat Reports contain analysis of events identified through global visibility of the client base. Key findings over the past few years include:

  • Q4 2015
    Topics Discussed: Global Threat Analysis; Web Application Attack - Joomla; Application Specific Attack - BASHLITE; Attack Vectors - The Android Platform

  • Q3 2015
    Topics Discussed: Global Threat Observations and Trends; Ashley Madison Breach Analysis; Botnet Deployment Example

  • Q2 2015
    Topics Discussed: Global Threat Visibility; Shellshock is NOT Old News; U.S. Government Office of Personnel Management Breach

  • Q4 2014
    Topics Discussed:  Malware Distribution Analysis; Perl Botnet Compromise Details; Maritime Cybercampaigns and Their Relevance to U.S. Industries 

  • Q3 2014
    Topics Discussed:  Malware Distribution; Threat Landscape: Shellshock and Aftershock; Critical Incident Response; Spear Phishing; Anatomy of a Web-based Botnet

  • Q2 2014
    Topics Discussed:  Malware Distribution; Exploitability of the Heartbleed Bug in OpenSSL; Web Shells; the Node.js Framework

  • Q4 2013
    Topics Discussed:  Malware Distribution; DomaIQ Malware Analysis; Server Vulnerabilities

  • Q3 2013
    Topics Discussed: Hacktivist Activities: OpUSA and OpIsraelReborn, Operation Ababil Phase 4, Spear Phishing; Anomalous ICMP; Tor Activity

  • Q2 2013
    Topics Discussed: Hacktivist Activities; DNS Request and Denial of Service Activities; NSA’s PRISM Project Exposed

  • Q4 2012
    Topics Discussed: Exploit kit research; Trending malware threats; Targeted vulnerabilities

  • Q3 2012
    Topics Discussed: Mass Distribution Malware; BlackHole - The Top Exploit Kit; Cridex; Most Frequently Observed Banking Trojan; Phishing Attacks Used to Spread Infection; Rise of Sophisticated Attack Toolkits; Months of the Zero-day; Attacks Targeting the Financial Sector

If you would like to get a copy of any of the reports listed above simply email: