VendorsReliaQuest
ReliaQuest
Cybersecurity reports and statistics published by ReliaQuest
8 categories6 reports
Research Reports
Reports and publications from ReliaQuest
ReliaQuest 2026 Annual Cyber Threat Report
2/24/2026
Too Much Trust: The Danger of Over-Privileged Cloud Identities
11/4/2025
Ransomware and Cyber Extortion in Q2 2025
7/3/2025
Annual Cyber-Threat Report
2/25/2025
Racing the Clock: Outpacing Accelerating Attacks
1/1/2025
Ransomware and Cyber Extortion in Q4 2024
1/1/2025
Recent Statistics & Reports
BoaLoader malware is a factor in nearly 20% of incidents observed in the calendar year.
5/27/2026•
MalwareBoaLoader
Threat actors utilizing AI and automation tools can achieve lateral movement within an organization in as little as 4 minutes, 85% faster than the previous year.
5/27/2026•
Lateral MovementAI in CybercrimeAutomation
Organizations leveraging AI and automation can contain threats within 4 minutes versus up to 16 hours with manual efforts.
5/27/2026•
Incident ResponseAI SecurityThreat Containment
On average, lateral movement within an organization takes 34 minutes, 29% quicker than the 48 minutes recorded in 2024.
5/27/2026•
Lateral MovementThreat Actor Tactics
The quickest data exfiltration attack in 2025 took just 6 minutes versus over 4 hours in 2024.
5/27/2026•
Data Exfiltration
80% of ransomware groups use AI, automation, or both in their attacks.
5/27/2026•
RansomwareAI in CybercrimeAutomation
71% of critical vulnerability alerts in Q3 2025 originated from just four legacy CVEs.
11/9/2025•
VulnerabilitiesCloud SecurityCVEs
52% of all confirmed identity-based alerts were due to identity-related privilege escalation.
11/9/2025•
Cloud SecurityIdentity Management
99% of cloud identities were found to be over-privileged, creating significant security risks.
11/9/2025•
Cloud SecurityIdentity Management
33% of raw CSPM alerts were identity-related, contributing to the operational burden on security teams.
11/9/2025•
Cloud SecurityIdentity ManagementCSPM
As of October 2025, there are over 14,700 Jenkins servers exposed to the internet that remain vulnerable to CVE-2024-23897.
11/9/2025•
VulnerabilitiesCloud Security
44% of true-positive security alerts from cloud security tools in Q3 2025 were driven by identity-related weaknesses.
11/9/2025•
Cloud SecurityIdentity ManagementSecurity alerts
DragonForce emergence: December 2023.
7/3/2025•
RansomwareDragonForce
Qilin showed an 80% increase in activity in Q2 compared to Q1 2025.
7/3/2025•
RansomwareQilin
Q2 2025 saw a 31% decrease in named ransomware victims compared to the previous quarter, marking a return to more typical levels.
7/3/2025•
Ransomware
In Q1 2025, Clop named 389 victims on its data-leak site in February alone.
7/3/2025•
RansomwareClop
SafePay's activity increased by 42% in Q2 2025 compared to Q1 2025.
7/3/2025•
RansomwareSafePay
Retail trade accounted for only 4% of total ransomware victims in Q2 2025.
7/3/2025•
RansomwareRetail
Construction was the third most targeted sector by ransomware in Q2 2025.
7/3/2025•
RansomwareConstruction
Akira showed a 348% rise in the number of organizations named in Q2 2025 compared to the same period last year.
7/3/2025•
RansomwareAkira
Showing 1-20 of 68 results