
INTERNET SECURITY 2023 Q4 RESULTS
WatchGuard Technologies announced its 4th quarter 2023 Internet Security Report, analyzed by WatchGuard Threat Lab researchers.
WatchGuard Technologies, a global leader in integrated cybersecurity, announced its Q4 2023 Internet Security Report, analyzed by WatchGuard Threat Lab researchers.
Key findings from the report show a significant rise in software that circumvents security solutions, which has led to a massive increase in overall malware; threat actors primarily targeting on-premises email servers; and a continued decline in ransomware detections.
The important findings in the Internet Security Report, which includes data for the 4th quarter of 2023, are as follows:
Rise in total malware
Average malware detections per Firebox increased by 80% compared to the previous quarter, indicating that malware threats to the network perimeter have reached a significant volume.
Geographically, most of the increased malware samples affected the Americas and Asia-Pacific regions.
TLS and zero-day malware samples increased
According to the Internet Security report, approximately 55% of malware came over encrypted connections, an increase of 7% compared to the 3rd quarter.
Zero-day malware detections accounted for 60% of all malware detections, up from 22% in the previous quarter.
However, zero-day malware detections with TLS dropped to 61%, a 10% decrease from Q3, highlighting the unpredictability of malware.
Two of the top 5 malware variants led to the DarkGate network
The top 5 malware detections included JS.Agent.USF and Trojan.GenericKD.67408266. Both variants attempted to install DarkGate malware on the victim’s computer by redirecting users to malicious links.
Living-off-the-land techniques increased
According to the Internet Security report, there was a resurgence in script-based threats in the 4th quarter. Scripts were the biggest increase as an endpoint attack vector, with detected threats increasing by 77% compared to Q3.
PowerShell was the top attack vector Threat Lab saw hackers using on endpoints. Browser-based attacks also increased significantly, with a 56% increase.
Four of the 5 most common network attacks were Exchange server attacks. These attacks are specifically related to one of the ProxyLogon, ProxyShell and ProxyNotShell vulnerabilities.
The ProxyLogon signature first ranked 4th among the 5 most common network attacks in the 4th quarter of 2022. It rose to 2nd place in the 4th quarter of 2023.
These attacks demonstrate the need to reduce reliance on on-premises email servers to reduce security threats.
Cyber attacks trend towards “victim-as-a-service” offerings
Glupteba and GuLoader were once again counted among the top 10 endpoint malware in Q4, returning as two of the most prolific variants analyzed during the quarter. Glupteba has stood out as a particularly formidable and sophisticated adversary, in part due to its prevalence in targeting victims on a global scale.
A versatile malware-as-a-service (MaaS), Glupteba’s malicious capabilities included downloading additional software, acting as a botnet, stealing sensitive information, and mining cryptocurrency with tremendous stealth.
Efforts to crack down on ransomware extortion groups are working
Threat Lab once again reported a decline in ransomware detections in Q4 compared to the previous quarter, observing a 20% decline in total volume in the last three months of 2023.
Threat analysts also noted a decrease in public ransomware breaches and attributed this trend to law enforcement’s ongoing crackdown on ransomware extortion groups.
Artificial Intelligence
Is Artificial Intelligence a Security Shield or a Threat Tool?
Artificial intelligence has given a major boost to the cybersecurity arms race in the past year. There will be no break from this race for the next 12 months. This has significant implications for corporate cybersecurity teams and employers, as well as everyday web users.

Security experts underlined what should be taken into consideration in 2025, stating that artificial intelligence tools can increase the scale and severity of all kinds of fraud, disinformation campaigns and other threats in the hands of bad actors.
The UK’s National Cyber Security Centre (NCSC) warned at the start of 2024 that AI is already being used by all types of threat actors and will “increase the volume and impact of cyber attacks over the next two years”. The threat is most visible in the field of social engineering, where generative artificial intelligence (GenAI) can help malicious actors craft persuasive campaigns in error-free local languages.
Although these trends will continue in 2025, we can also see artificial intelligence used for the following purposes:
· Authentication bypass: Deepfake technology used to help scammers impersonate customers in selfie and video-based checks for new account creation and account access.
· Business email compromise (BEC): AI is once again used for social engineering, but this time to trick a corporate recipient into transferring money to an account under the fraudster’s control. Deepfake audio and video can also be used to impersonate CEOs and other senior leaders in phone calls and virtual meetings.
· Imitation scam: Open source large language models (LLMs) will present new opportunities for fraudsters. By training these models on data collected from hacked or public social media accounts, fraudsters can impersonate victims in virtual kidnappings and other scams designed to fool their friends and family.
· Influencer scam: Similarly, we expect to see GenAI used by scammers in 2025 to create fake or duplicate social media accounts impersonating celebrities, influencers, and other public figures. Deepfake videos will be released to trick followers into handing over their personal information and money, for example in investment and crypto scams, including the kind of tricks highlighted in ESET’s latest Threat Report. This will put more pressure on social media platforms to offer effective account verification tools and badges, and will require you to stay on your toes.
· Disinformation: Hostile states and other groups will leverage GenAI to easily generate fake content to trick gullible social media users into following fake accounts. These users can then be turned into online amplifiers for influence operations that are more effective and harder to detect than content/troll farms.
· Password cracking: AI-driven tools can expose user credentials en masse in seconds to gain access to corporate networks and data, as well as customer accounts.
AI privacy concerns for 2025
Artificial intelligence will not just be a tool for threat actors next year. It will also bring a high risk of data leakage. LLMs need large volumes of text, images and video for training. Often some of this data will be sensitive, such as biometrics, health information or financial data. In some cases, social media and other companies may change their Terms and Conditions to use customer data to train models. Once this information is collected by the AI model, it poses a risk to individuals if the AI system itself is hacked or if the information is shared with others through GenAI applications built on the LLM.
There is also a concern for enterprise users that they may unknowingly share sensitive business information through GenAI prompts. A fifth of UK companies have inadvertently exposed potentially sensitive corporate data through employee use of GenAI, a survey has found.
AI for defenders in 2025
The good news is that AI will play a larger role in the work of cybersecurity teams in the coming year as it is incorporated into new products and services.
- Generating synthetic data for training users, security teams and even AI security tools
- Summarizing long and complex threat intelligence reports for analysts
- Improving SecOps efficiency for overloaded teams by contextualizing and prioritizing alerts and automating workflows for investigation and remediation
- Scanning large data volumes for signs of suspicious behavior
- Skilling IT teams through “co-pilot” functionality built into a variety of products to help reduce the possibility of misconfiguration
However, IT and security leaders must also understand AI's limitations and the importance of human expertise in decision-making. A balance between human and machine will be needed in 2025 to reduce the risk of hallucinations, model degradation, and other potential negative outcomes. AI is not a magic wand. It should be combined with other tools and techniques for optimum results.
AI challenges in compliance and implementation
The evolution of the threat landscape and AI security does not occur in a vacuum. Geopolitical changes in 2025, especially in the United States, could even lead to deregulation in the technology and social media sectors.
This could enable scammers and other malicious actors to flood online platforms with AI-generated threats. Meanwhile, in the EU, there is still some uncertainty around AI regulation, which could make life more difficult for compliance teams. As legal experts note, codes of practice and guidance still need to be sorted out and liability calculated for AI system failures. Lobbying from the tech sector could change how EU AI law is implemented in practice.
What is clear, however, is that artificial intelligence will fundamentally change the way we interact with technology in 2025, for better and for worse. While it offers great potential benefits for businesses and individuals, it also poses new risks that need to be managed. It would be in everyone’s interest to work more closely over the next year to make sure this happens. Governments, private sector businesses and end users must do their part and work together to harness the potential of AI while mitigating its risks.
Security
Kaspersky, IT Outage And Supply Chain Risk Scenario
As part of Kaspersky’s annual “Security Bulletin”, the company’s experts analyzed major supply chain attacks and IT outages experienced last year.

In 2024, supply chain attacks and IT outages emerged as prominent cybersecurity concerns, demonstrating that almost no infrastructure is completely immune from risk. A faulty CrowdStrike update affected millions of systems; sophisticated incidents such as the XZ backdoor and the Polyfill.io supply chain attack highlighted the risks inherent in widely used tools. These and other notable cases highlight the need for rigorous security measures, robust patch and update management, and proactive defenses to protect global supply chains and infrastructure.
While evaluating the events of 2024 within the scope of “Story of the Year”, Kaspersky Security Bulletin discusses possible future scenarios and the potential consequences of these scenarios as follows:
But what if a major AI provider experiences an outage or data breach? Businesses are increasingly relying on models from providers such as OpenAI, Meta, Anthropic. However, despite the excellent user experience these integrations offer, they also come with significant cyber risks. Dependence on a single AI provider or a limited number of service providers creates concentrated points of failure. If a large artificial intelligence company experiences a critical outage, it can significantly affect tens or even thousands of services that depend on them.
Additionally, an incident at a major AI provider could lead to one of the most serious data leaks since these systems store large amounts of sensitive information.
But what if on-device AI tools are exploited? As AI becomes more integrated into everyday devices, the risk of it becoming an attack vector increases significantly. For example, Kaspersky’s Operation Triangulation campaign, revealed last year, showed how attackers can compromise device integrity by exploiting system software and hardware using zero-day vulnerabilities and installing advanced spyware. Potential software or hardware vulnerabilities in the neural processing units that run AI, including certain platforms such as Apple Intelligence, could, if discovered, significantly increase the scope and impact of such attacks. Exploiting such vulnerabilities can significantly amplify the scale and impact of attacks using AI capabilities.
Kaspersky’s Operation Triangulation investigation also uncovered a first-of-its-kind case reported by the company: the misuse of on-device machine learning tools for data extraction. This suggests that features designed to improve user experience are already being weaponized by advanced threat actors.
But what if threat actors disrupt satellite connectivity? Although the space industry has been facing various cyber attacks for some time, the new target of threat actors may be satellite internet providers as an important element of the global connectivity chain. Satellite internet can provide temporary communication links when other systems are down; airlines, cruise lines and other platforms can rely on this service to offer connectivity to passengers. It can also be used to enable secure communication services.
This creates cyber risks: a targeted cyber attack or a faulty update against a leading or dominant satellite provider can cause internet outages and possible communication breakdowns and seriously impact individuals and organizations.
But what if major physical threats to the internet materialize? Continuing on the topic of connectivity, the internet is also vulnerable to physical threats. 95% of global data is transmitted via undersea cables, and there are approximately 1,500 Internet Exchange Points (IXPs), which are physical locations where different networks exchange data traffic. Many of these points are located in data centers.
An outage to just a few critical components of this chain – such as trunk cables or IXPs – could overload the remaining infrastructure and potentially lead to widespread outages, significantly impacting global connectivity.
But what if serious vulnerabilities are exploited in the Windows and Linux kernels? These operating systems run many critical assets around the world – servers, production equipment, logistics systems, IoT devices, and others. A remotely exploitable kernel vulnerability in these systems could expose countless devices and networks around the world to potential attacks, creating a high-risk situation where global supply chains could suffer major disruptions.
“Supply chain risks may seem daunting, but awareness is the first step to prevention,” said Igor Kuznetsov, Director of Kaspersky Global Research and Analysis Team (GReAT). “We can reduce single points of failure by rigorously testing updates, using AI-powered anomaly detection, and diversifying providers. We can eliminate weak elements and build resilience. It is also vital to create a culture of responsibility among staff, because human attention is the cornerstone of security. Together, these measures can ensure a safer future by protecting supply chains.”
Security
5 Cyber Security Threats Awaiting the World in 2025
The year 2024 stood out as a critical year in terms of cyber security, with increasing threats in the digital world. In this year of fighting against the threats brought by artificial intelligence, cyber criminals have made their attack methods more effective by taking advantage of developing technologies.

It has been accepted by experts that developing technologies will pose a threat to cyber security in 2025, as in 2024. With the developments in artificial intelligence, quantum computers, IoT devices and cloud technologies, the cost of cyber attacks is expected to reach 12 trillion dollars worldwide in 2025.
5 cyber security threats that will stand out in 2025
1. The Great Danger Emerging from Quantum Computers: Researchers at Shanghai University in China claim to have found a way to break the most common online encryption method using quantum computers of just 372 qubits.
This effectively demonstrates that advances in niche quantum methods can pose small-scale cryptographic risks, highlighting a gradual progression towards large-scale quantum threats. Experts predict that quantum computers could be powerful enough to break current encryption methods as early as 2025. That’s why it’s critical for organizations to move to encryption methods that can resist quantum decryption before it’s too late.
2. Artificial Intelligence Supported Cyber Attacks: In 2024, attacks powered by artificial intelligence were seen to be effective, especially through methods such as social engineering, phishing, and deepfake. AI-enabled social engineering attacks accounted for 35-37% of all cyber attacks, and this proportion is expected to increase further in 2025.
In addition, attackers, who used natural language processing technology offered by artificial intelligence to make phishing emails more believable, managed to deceive 60% of target users, and the average cost of these attacks for businesses was recorded as 4.88 million dollars.
We predict that in 2025, in addition to the increase in all these attack methods, automatic tools that can exploit security vulnerabilities in real time will be effective in artificial intelligence-oriented cyber attacks.
3. Internet of Things (IoT) and Cloud Security: The development of IoT devices and the transition of businesses to cloud platforms will also increase cyber risks. Attacks on these devices increased by 35% in 2024. On the cloud security side, misconfigurations continued to be the main cause of cyber attacks in 2024. According to research, 83% of organizations report that weaknesses in authentication and access management are a factor in cloud data breaches.
It is predicted that by 2025, more than 90% of companies will use more than one cloud platform and the number of IoT devices will exceed 32 billion. Since many IoT devices, such as smart home technology and sensors, do not meet appropriate security measures, the increase in the number of devices makes them an easy target.
4. Digital Asset Security and Cryptocurrency Thefts: In 2024, digital asset security and cryptocurrency thefts continued to be an important target of cybercrime. In the first half of the year, losses from cryptocurrency thefts reached approximately $1.4 billion. In the second quarter in particular, losses exceeded $600 million, a 100% increase compared to the previous year.
In 2025, as the cryptocurrency market grows further, digital wallets and decentralized finance (DeFi) platforms will be at the forefront among the targets of cybercriminals. “Phishing” attacks and smart contract vulnerabilities, especially against wallets, can cause serious financial losses for individuals and institutions.
5. Cyber Threats on Social Media: Social media platforms will continue to be a major ground for phishing attacks and data leaks. According to Meta’s 2024 security report, such attacks increased by 28% compared to last year.
It is estimated that in 2025, methods such as deeply personalized phishing attacks, artificial intelligence-supported fake profiles and deepfake videos will be used more frequently. Cybersecurity teams will also increasingly rely on AI-powered tools to detect and counter these threats. Individuals and organizations that do not take sufficient cyber security precautions and do not gain awareness against these threats may face serious risks.