Security News > 2022 > September > Office exploits continue to spread more than any other category of malware
The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an increase in threats for Chrome and Microsoft Office and the ongoing Emotet botnet resurgence.
"While overall malware attacks in Q2 fell off from the all-time highs seen in previous quarters, over 81% of detections came via TLS encrypted connections, continuing a worrisome upward trend," said Corey Nachreiner, CSO at WatchGuard.
The quarter's top incident was the Follina Office exploit, which was first reported in April and not patched until late May. Delivered via a malicious document, Follina was able to circumvent Windows Protected View and Windows Defender and has been actively exploited by threat actors, including nation-states.
Three other Office exploits were widely detected in Germany and Greece.
Despite a 20% decrease in total endpoint malware detections, malware exploiting browsers collectively increased by 23%, with Chrome seeing a 50% surge.
In Q2, WatchGuard blocked a total of more than 18.1 million malware variants and more than 4.2 million network threats.
News URL
https://www.helpnetsecurity.com/2022/09/29/office-exploits-continue-to-spread/
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (source)
- New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP (source)