Endpoint malware attacks decline as campaigns spread wider
In Q2 2023, 95% of malware arrived over encrypted connections, endpoint malware volumes decreased despite campaigns growing more widespread, ransomware detections declined amid a rise in double-extortion attacks, and older software vulnerabilities persisted as popular targets for exploitation among modern threat actors, among other trends, according to WatchGuard.
"The data analyzed by our Threat Lab for our latest report reinforces how advanced malware attacks fluctuate in occurrence and multifaceted cyber threats continue to evolve, requiring constant vigilance and a layered security approach to combat them effectively," said Corey Nachreiner, CSO at WatchGuard.
Zero-day malware dropped to 11% of total malware detections, an all-time low.
The increased detections among more machines indicate widespread malware campaigns grew from Q1 to Q2 of 2023.
In analyzing attack vectors and how threat actors gain access to endpoints, attacks that abused Windows OS tools like WMI and PSExec grew 29%, accounting for 17% of total volume, while malware that used scripts like PowerShell dropped 41% in volume.
In researching malicious domains, the Threat Lab team encountered instances of self-managed websites and a domain-shortening service that were compromised to host either malware or a malware command-and-control framework.
News URL
https://www.helpnetsecurity.com/2023/10/11/endpoint-malware-q2-2023/