Zero-Day Exploits Dominate Malware from Web Traffic in Q1

In the first quarter of 2023, a massive 93% of detected malware from encrypted web traffic and 70% of malware from unencrypted web traffic came from zero day malware, according to a new report. And 51 new ransomware variants were detected.

According to WatchGuard Technologies' Q1 Internet Security Report, part of an ongoing series of quarterly reports on data security across all sectors, "Zero day malware can infect IoT devices, misconfigured servers, and other devices that don’t use robust host-based defenses…."

Meanwhile, on the ransomware front, according to WatchGuard, "In Q1 2023, the Threat Lab tallied 852 victims published to extortion sites and discovered 51 new ransomware variants. These ransomware groups continue to publish victims at an alarmingly high rate; some are well known organizations and companies in the Fortune 500."

Other trends noted in the Q1 report included:

  • Malware droppers are targeting Linux systems, "a stark reminder that just because Windows is king in the enterprise space, this doesn’t mean organizations can afford to turn a blind eye to Linux and macOS," according to WatchGuard;

  • Attackers are exploiting browser notifications more now that browsers have more protections in place against abuse of pop-ups;

  • Three-fourths of new attacks in Q1's top-10 list originated in China and Russia;

  • Exploits targeting Microsoft Office and Microsoft's end of life products persist; and

  • "Living-off-the-land" attacks — attacks that use a system's built-in tools to accomplish their goals — continue to rise. "The continued appearance of Microsoft Office- and PowerShell-based malware in these reports quarter after quarter underscores the importance of endpoint protection that can differentiate legitimate and malicious use of popular tools like PowerShell," according to the report.

The complete report and an executive summary can be accessed free of charge at watchguard.com/wgrd-resource-center/security-report-q1-2023.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • Digital Network of User Profiles and Data Connections

    Microsoft, RSA Updates Focus on Identity Security in the Age of AI

    Two authentication announcements coming out of the recent RSA Conference both point in the same direction: Organizations need a more flexible, unified approach to identity security, especially as AI agents start acting alongside human workers.

  • Wi-Fi icon on dark blue circuit background

    FCC to Conduct 'Top-to-Bottom' Review of E-Rate Program

    The FCC is laying the groundwork for a comprehensive review of its E-Rate program, the federal initiative that provides K–12 schools and public libraries with discounts on internet, WiFi, and telecommunications services to ensure equitable digital access.

  • Digital cyberspace with particles and Digital data

    Survey: AI Is Moving Faster than Data Trust

    AI agents are already in use or pilot at most organizations, but data visibility, governance and precision recovery capabilities have not kept pace, according to a new survey from Veeam Software.

  • AI logo near computer equipment

    White House Issues National Policy Framework for AI

    The White House has released a four-page AI policy framework aimed at setting a national approach to AI, with priorities including child safety, intellectual property protections, truth and accuracy guardrails, and worker training for an AI-driven economy.