VendorsReliaQuest
ReliaQuest
Cybersecurity reports and statistics published by ReliaQuest
8 categories6 reports
Research Reports
Reports and publications from ReliaQuest
ReliaQuest 2026 Annual Cyber Threat Report
2/24/2026
Too Much Trust: The Danger of Over-Privileged Cloud Identities
11/4/2025
Ransomware and Cyber Extortion in Q2 2025
7/3/2025
Annual Cyber-Threat Report
2/25/2025
Racing the Clock: Outpacing Accelerating Attacks
1/1/2025
Ransomware and Cyber Extortion in Q4 2024
1/1/2025
Recent Statistics & Reports
SafePay's activity increased by 42% in Q2 2025 compared to Q1 2025.
7/3/2025•
RansomwareSafePay
Akira showed a 348% rise in the number of organizations named in Q2 2025 compared to the same period last year.
7/3/2025•
RansomwareAkira
In Q1 2025, Clop named 389 victims on its data-leak site in February alone.
7/3/2025•
RansomwareClop
DragonForce activity was up 119% between Q1 and Q2 2025.
7/3/2025•
RansomwareDragonForce
Q2 2025 saw a 31% decrease in named ransomware victims compared to the previous quarter, marking a return to more typical levels.
7/3/2025•
Ransomware
Retail trade accounted for only 4% of total ransomware victims in Q2 2025.
7/3/2025•
RansomwareRetail
Akira listed approximately 130 organizations to its data-leak site each quarter in 2025.
7/3/2025•
RansomwareAkira
Construction was the third most targeted sector by ransomware in Q2 2025.
7/3/2025•
RansomwareConstruction
Spain and other Spanish-speaking countries each accounted for less than 4% of Qilin's total victim volume in Q2.
7/3/2025•
RansomwareQilinSpain
Qilin showed an 80% increase in activity in Q2 compared to Q1 2025.
7/3/2025•
RansomwareQilin
Exfiltration-only ransomware attacks are 34% faster than those involving encryption.
2/25/2025
80% of ransomware attacks in the last year focused on data exfiltration only.
2/25/2025
After initial access, "breakout time" typically takes just 48 minutes, with some groups achieving lateral movement in as little as 27 minutes.
2/25/2025
Compromised service accounts were present in 85% of breaches last year.
2/25/2025
A quarter of active intrusions started with exploitation of public-facing applications.
2/25/2025
Two-thirds of critical hands-on-keyboard incidents involved legitimate software like remote access tools last year.
2/25/2025
In the breakout phase of attacks using an "assembly line" strategy, threat actors move from one technique to the next in an average of just 7 minutes.
1/1/2025
Approximately 30% of domains registered by Scattered Spider imitated Single Sign-On (SSO) and Identity Providers.
1/1/2025
30% of the domains registered by Scattered Spider imitated hosts for common services such as Binance and Coinbase.
1/1/2025
25–30% of Scattered Spider domains targeted manufacturing companies.
1/1/2025
Showing 21-40 of 68 results