WatchGuard Technologies announced its 4th quarter 2023 Internet Security Report, analyzed by WatchGuard Threat Lab researchers.

WatchGuard Technologies, a global leader in integrated cybersecurity, announced its Q4 2023 Internet Security Report, analyzed by WatchGuard Threat Lab researchers.

Key findings from the report show a significant rise in software that circumvents security solutions, which has led to a massive increase in overall malware; threat actors primarily targeting on-premises email servers; and a continued decline in ransomware detections.

The important findings in the Internet Security Report, which includes data for the 4th quarter of 2023, are as follows:

Rise in total malware

Average malware detections per Firebox increased by 80% compared to the previous quarter, indicating that malware threats to the network perimeter have reached a significant volume.

Geographically, most of the increased malware samples affected the Americas and Asia-Pacific regions.

TLS and zero-day malware samples increased

According to the Internet Security report, approximately 55% of malware came over encrypted connections, an increase of 7% compared to the 3rd quarter.

Zero-day malware detections accounted for 60% of all malware detections, up from 22% in the previous quarter.

However, zero-day malware detections with TLS dropped to 61%, a 10% decrease from Q3, highlighting the unpredictability of malware.

Two of the top 5 malware variants led to the DarkGate network

The top 5 malware detections included JS.Agent.USF and Trojan.GenericKD.67408266. Both variants attempted to install DarkGate malware on the victim’s computer by redirecting users to malicious links.

Living-off-the-land techniques increased

According to the Internet Security report, there was a resurgence in script-based threats in the 4th quarter. Scripts were the biggest increase as an endpoint attack vector, with detected threats increasing by 77% compared to Q3.

PowerShell was the top attack vector Threat Lab saw hackers using on endpoints. Browser-based attacks also increased significantly, with a 56% increase.

Four of the 5 most common network attacks were Exchange server attacks. These attacks are specifically related to one of the ProxyLogon, ProxyShell and ProxyNotShell vulnerabilities.

The ProxyLogon signature first ranked 4th among the 5 most common network attacks in the 4th quarter of 2022. It rose to 2nd place in the 4th quarter of 2023.

These attacks demonstrate the need to reduce reliance on on-premises email servers to reduce security threats.

Cyber attacks trend towards “victim-as-a-service” offerings

Glupteba and GuLoader were once again counted among the top 10 endpoint malware in Q4, returning as two of the most prolific variants analyzed during the quarter. Glupteba has stood out as a particularly formidable and sophisticated adversary, in part due to its prevalence in targeting victims on a global scale.

A versatile malware-as-a-service (MaaS), Glupteba’s malicious capabilities included downloading additional software, acting as a botnet, stealing sensitive information, and mining cryptocurrency with tremendous stealth.

Efforts to crack down on ransomware extortion groups are working

Threat Lab once again reported a decline in ransomware detections in Q4 compared to the previous quarter, observing a 20% decline in total volume in the last three months of 2023.

Threat analysts also noted a decrease in public ransomware breaches and attributed this trend to law enforcement’s ongoing crackdown on ransomware extortion groups.


53% of Malware Steals Data!

The share of corporate devices compromised by data-stealing malware has increased by a third since 2020. 21% of employees whose devices were infected ran the malware repeatedly.


An alarming trend has emerged that shows corporate devices are facing a growing threat from information thieves. The share of corporate users compromised by such malware has increased by 34 percent since 2020, according to data from data-stealing malware session files found on the dark web.

By 2023, experts show, one in every two devices (53%) infected with identity-stealing software was corporate. Data shows that most infostealer infections are found in Windows 10 Enterprise edition.


Recommended Steps to Minimize the Impact of Data Leakage

After infecting a single device, cybercriminals can gain access to entire accounts – both personal and corporate. According to Kaspersky statistics, a session file contains, on average, 1.85 corporate web applications containing a login with a corporate email address.

These applications include webmail applications, customer data processing systems, internal portals and more.

To minimize the impact of a data leak caused by phishing activities, we recommend you follow the steps below:

  • Immediately change the passwords of compromised accounts and monitor these accounts for suspicious activity;
  • Advise potentially infected users to run antivirus scans and remove malware on all devices;
  • Monitor dark web markets to detect compromised accounts before they impact the cybersecurity of customers or employees;
  • Use security software to detect potential threats and take immediate action.

For greater protection against skimming infections, develop an employee security awareness program and offer regular training and evaluations.


Don’t Fall for Credit Scams

Personal loan scams take advantage of people’s financial vulnerabilities and can trap people in a vicious cycle of debt.


Since the pandemic, people in many parts of the world have had a difficult time financially. Climate crises, increases in food and energy prices, and ongoing inflation have made household spending difficult.

This has put great pressure on employees and families. High interest rates, including in Europe, made matters worse. As always, cybercriminals are lying in wait to see how they can take advantage of others’ misfortune.

Credit fraud can take various forms. It uses the lure of free loans to deceive vulnerable internet users. It may be common at certain times of the year. Those particularly at risk are young people, the elderly, low-income households, and individuals with low credit scores.

Fraudsters know that these groups are among the worst affected by the current cost of living crisis and are developing various strategies to trick users into handing over their money.

Top 7 credit fraud threats

Loan fee (advance fee) fraud. The most common type of credit fraud, where a fraudster usually pretends to be a legitimate lender. They claim to offer a no-strings-attached loan but require you to pay a small fee up front to access the cash. The scammers then disappear with your money.

Student loan fraud. This targets those seeking financing for their education and recent graduates who are burdened with tuition fees and other educational expenses. The scammers may offer attractive loan terms, debt forgiveness, fake help with loan repayment, or fake promises to reduce monthly payments, consolidate multiple student loans into a more manageable package, or negotiate with lenders on behalf of borrowers.

Credit “phishing” scam. Some scams may involve the scammer asking you to fill out an online form so the loan can be ‘processed’. Doing so will give your personal and financial information directly to the bad guys to be used in more serious identity fraud. This can run alongside advance fee fraud and result in the loss of both money and sensitive personal and bank account information.

Malicious credit apps. Of these fraudulent apps, 20 were reported to Google; they had more than 9 million cumulative downloads on the official Play Store at the beginning of 2022. Detections of “SpyLoan” apps increased by 90% between the second half of 2022 and the first half of 2023. A further 18 malicious apps with 12 million downloads were found in 2023. SpyLoan applications lure victims with the promise of easy loans through SMS messages and social media sites such as X (formerly Twitter), Facebook and YouTube.

They often impersonate the brands of legitimate credit and financial services companies to add legitimacy to the scam. If you download one of these apps, you will be asked to confirm your phone number and then provide extensive personal information.

This information may include your address, bank account information, and photos of your ID cards, as well as a selfie, all of which can be used for identity fraud. Even if you don’t apply for a loan, app developers may start harassing you and blackmailing you into giving money, or even threaten you with physical harm.

Payday loan scam. These scammers target individuals in need of quick cash, often with poor credit or financial difficulties. As with other types, they exploit the urgency of the borrower’s financial situation, promising quick and easy loan approval without a credit check with minimal documentation. To apply for credit, the scammer often asks the borrower to provide sensitive personal and financial information, such as social security number, bank account information and passwords, and uses them for identity theft and financial fraud.

Loan repayment fraud. Some scams require prior discovery by criminals. They target victims who have already received loans. They impersonate the loan company in question and send you a letter or email, claiming that you missed the payment deadline and demanding payment plus a penalty fee.

Identity fraud. A slightly different approach is to steal your personal and financial information. The purpose is to then use them to obtain a loan on your behalf from a third-party provider. The scammer will max out the credit and then disappear, leaving you to pick up the pieces.


Cybercriminals Target Ozempic Craze

As the Ozempic craze continues to grow, cybersecurity experts are warning users to be wary of cheap online deals as they risk being fake, leading to financial loss and data theft.


The weight loss and appetite suppressant properties of the diabetes drug Ozempic created a new craze, causing celebrities and therefore the public to follow the drug.

Celebrities encouraged those who wanted to lose weight to purchase the drug, leading to a 58% increase in sales compared to the previous year and a corresponding increase in price.

But pharmaceutical companies aren’t the only ones benefiting from Ozempic’s popularity. Security experts discovered a number of phishing scams targeting people hoping to lose weight quickly, just like their favorite celebrities, but unable to pay the increasingly high price.


Scammers create fake websites offering Ozempic at a cheaper price and ask unsuspecting victims to fill out a form in which they enter personal data such as name, address and bank information.

They can easily trap their prey because their web pages are difficult to distinguish from most shopping sites.

In addition to Ozempic sales, some such resources offer to install a phone app to help track progress.

Innocent customers who fall for the scam could lose money, pay for a fake product, or receive nothing at all. Even more worrying is the risk of accidentally handing over their names, addresses, banking details and other sensitive data into the hands of a criminal.

Scammers are quickly adapting to social and cultural trends to ensnare desperate victims looking for alternative ways to partake in the latest fad, such as Barbenheimer tickets, Mortal Kombat games or cheap holidays.


Copyright © 2022 RAZORU NEWS.