Unveiling the Dominance of Scams Amidst a 24% Surge in Blocked Attacks

Foreword

This quarter has been nothing short of extraordinary, with cyber-threat activity reaching its highest point in the past three years. We take this opportunity to offer you insights into the challenges we encountered in safeguarding our users against all these malicious threats.

In Q2/2023, our detection telemetry revealed a significant increase in overall cyber-threat risk. The risk ratio, reflecting the proportion of users protected from cyber threats out of all our protected users, rose by 13% quarter-on-quarter, reaching a concerning 27.6%. Moreover, the volume of unique blocked attacks surged by 24% over the same period, resulting in an average of close to 700 million unique blocked attacks each month.

During the quarter, we observed a notable shift in threat trends. While traditional consumer-focused cyber threats saw a slight decline, there was a dramatic surge in social engineering and web-related threats, such as scams, phishing, and malvertising. These threats accounted for more than 75% of our overall detections on desktops during the quarter, with scams alone contributing to 51% of the total detections. The prevalence of malvertising and malicious browser push notifications has also witnessed a dramatic increase, along with the proliferation of dating scams and extortion emails. More detailed information on these emerging threats can be found in the subsequent sections of this report.

While adware exhibited a slight decline in prevalence, it continues to persist across desktop, mobile, and browser platforms. One notable example is the HiddenAds campaign, which resurfaced on the Google Play Store and amassed tens of millions of downloads during its reign.

Another noteworthy observation was the discovery of the Mustang Panda APT group’s attempt to infiltrate and infect TP-Link routers through compromised firmware. We also closely monitored the progress of the DDosia project, witnessing participants of this threat group targeting the Wagner Group infrastructure in response to its ephemeral rebellion in Russia.

Malicious coinminers, while experiencing a slight decline, posed unique challenges for their authors due to the shift from proof-of-work to proof-of-stake schema that recently happened in many cryptocurrencies. Some of the malware authors struggled to adapt, leading to the observed decrease in coinminer prevalence during this quarter. Our researchers also discovered HotRat in the wild, a .NET reimplementation of AsyncRat, featuring numerous new commands and features.

In addition, I am pleased to highlight another significant achievement by our researchers. Avast’s discovery of CVE-2023-29336, a local privilege escalation vulnerability targeting win32k in the Windows kernel, led to a prompt patch in the May Patch Tuesday security update. While we shared a proof-of-concept exploit with Microsoft, we have responsibly withheld public disclosure of technical details to prioritize user safety.

However, ransomware remains an ongoing concern. Despite a slight decline in prevalence, ransomware authors persist in targeting victims, relying increasingly on targeted attacks and exploits to penetrate company networks. Notably, successful attacks on widely used software, such as PaperCut and MOVEit, underscore the evolving tactics of ransomware operators, who more than ever experiment with encryption-less extortion techniques and doxing.