Carding 4 Carders
Professional
The company analyzed statistics for the last few months. What are the main conclusions?
WatchGuard Technologies has presented an analytical report that reveals current trends and threats in the Internet space. According to Cory Nachreiner, the company's chief security officer, the data analyzed by the Threat Lab confirms that sophisticated malware attacks are constantly changing and require continuous monitoring.
Key findings of the study:
The report highlights the importance of an integrated approach to cybersecurity and the need for continuous monitoring to effectively combat threats.
WatchGuard Technologies provides comprehensive security solutions for various IT environments. Currently, the company's products and services are used by more than 250,000 customers worldwide.
WatchGuard Technologies has presented an analytical report that reveals current trends and threats in the Internet space. According to Cory Nachreiner, the company's chief security officer, the data analyzed by the Threat Lab confirms that sophisticated malware attacks are constantly changing and require continuous monitoring.
Key findings of the study:
- Encryption: 95% of all malware is now distributed over encrypted connections, mainly due to the SSL/TLS protocols used by legitimate sites. Organizations that do not control such traffic run the risk of missing out on most of the suspicious activity. The share of threats in encrypted connections increased to 66%. This means that the attackers continue to actively use the method.
- Reduced malware volume: The total volume of malware detected on end devices fell by 8% compared to the previous quarter. However, if we consider devices that control from 10 to 50 systems, the number of detections increased by 22%. And on devices that track more than 100 systems - by 21%. We can conclude that the attacks have become more widespread.
- Double-ransom attacks: The number of such attacks increased by 72% in the quarter, while the total number of ransomware programs decreased by 21%.
- New threat variants:The TOP 10 detected malware threats for the second quarter included six new variants. Especially noteworthy is the 3CX installer program, which accounted for 48% of all detections, as well as the return of Glupteba, a multifunctional botnet and cryptominer.
- Threat Delivery methods: Criminals are increasingly using Windows tools such as WMI and PsExec to distribute their code. They are 29% more common, but scripts such as PowerShell are 41% less common. Despite this, scripts remain the most common delivery method, accounting for 74% of all detections.
- Old vulnerabilities in the spotlight: Cybercriminals continue to actively exploit outdated vulnerabilities. In particular, attacks were identified through a 2016 vulnerability in the learning management system on GitHub, a vulnerability in the PHP programming language, and a 2010 vulnerability in the HP Open View Network Node Manager application.
- Domain compromise: Researchers found infected domains in WordPress blogs and link shortening services. As well as domains used to manage botnets like Qakbot.
The report highlights the importance of an integrated approach to cybersecurity and the need for continuous monitoring to effectively combat threats.
WatchGuard Technologies provides comprehensive security solutions for various IT environments. Currently, the company's products and services are used by more than 250,000 customers worldwide.
