Global malware surge revealed in WatchGuard’s latest Internet Security Report


A recent Internet Security Report revealed a significant surge in evasive malware, amplifying the total volume of malware globally. Global cybersecurity leader WatchGuard Technologies compiled the report, which also outlined crucial trends among top malware and both network and endpoint security threats, exploring data collected and analysed by their Threat Lab researchers.

Key findings showed threat actors increasingly exploiting on-premises email servers and a continuing decline in ransomware detections, potentially due to law enforcement’s concerted international efforts to dismantle ransomware extortion groups.

Corey Nachreiner, WatchGuard’s Chief Security Officer, stated that their latest research shows threat actors using various techniques to target vulnerabilities, especially in older software and systems. He emphasised, “Organisations must adopt a defence-in-depth approach to protect against such threats. Updating the systems and software on which organisations rely is a vital step toward addressing these vulnerabilities.”

Among the report’s key findings was a parallel increase in evasive, basic, and encrypted malware in Q4 2023, contributing to an overall rise in malware. Average malware detections per Firebox grew by 80% compared to the previous quarter, indicating a significant volume of malware threats arriving at the network perimeter. Geographically, the Americas and the Asia-Pacific region experienced the most significant increase in malware instances.

TLS and zero-day malware instances also rose. Approximately 55% of malware arrived over encrypted connections, a 7% increase from Q3. Meanwhile, zero-day malware detections jumped to 60% of all malware detections, up from 22% the previous quarter. However, zero-day malware detections with TLS fell to 61%, a 10% decrease from Q3, which illustrates the unpredictability of malware in the wild.

Two of the top five malware variants led users to the DarkGate network. JS.Agent.USF and Trojan.GenericKD.67408266, both in the top five, redirected users to malicious links. Both of these malware loaders also attempted to load DarkGate malware onto the victim’s computer.

A resurgence of…
