Zero-Day Exploits Dominate Malware from Web Traffic in Q1

In the first quarter of 2023, a massive 93% of detected malware from encrypted web traffic and 70% of malware from unencrypted web traffic came from zero day malware, according to a new report. And 51 new ransomware variants were detected.

According to WatchGuard Technologies' Q1 Internet Security Report, part of an ongoing series of quarterly reports on data security across all sectors, "Zero day malware can infect IoT devices, misconfigured servers, and other devices that don’t use robust host-based defenses…."

Meanwhile, on the ransomware front, according to WatchGuard, "In Q1 2023, the Threat Lab tallied 852 victims published to extortion sites and discovered 51 new ransomware variants. These ransomware groups continue to publish victims at an alarmingly high rate; some are well known organizations and companies in the Fortune 500."

Other trends noted in the Q1 report included:

  • Malware droppers are targeting Linux systems, "a stark reminder that just because Windows is king in the enterprise space, this doesn’t mean organizations can afford to turn a blind eye to Linux and macOS," according to WatchGuard;

  • Attackers are exploiting browser notifications more now that browsers have more protections in place against abuse of pop-ups;

  • Three-fourths of new attacks in Q1's top-10 list originated in China and Russia;

  • Exploits targeting Microsoft Office and Microsoft's end of life products persist; and

  • "Living-off-the-land" attacks — attacks that use a system's built-in tools to accomplish their goals — continue to rise. "The continued appearance of Microsoft Office- and PowerShell-based malware in these reports quarter after quarter underscores the importance of endpoint protection that can differentiate legitimate and malicious use of popular tools like PowerShell," according to the report.

The complete report and an executive summary can be accessed free of charge at watchguard.com/wgrd-resource-center/security-report-q1-2023.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • Abstract AI circuit board pattern

    Nonprofit LawZero to Work Toward Safer, Truthful AI

    Turing Award-winning AI researcher Yoshua Bengio has launched LawZero, a nonprofit aimed at developing AI systems that prioritize safety and truthfulness over autonomy.

  • abstract pattern of cybersecurity, ai and cloud imagery

    Report Identifies Malicious Use of AI in Cloud-Based Cyber Threats

    A recent report from OpenAI identifies the misuse of artificial intelligence in cybercrime, social engineering, and influence operations, particularly those targeting or operating through cloud infrastructure. In "Disrupting Malicious Uses of AI: June 2025," the company outlines how threat actors are weaponizing large language models for malicious ends — and how OpenAI is pushing back.

  • tutor and student working together at a laptop

    You've Paid for Tutoring. Here's How to Make Sure It Works.

    As districts and states nationwide invest in tutoring, it remains one of the best tools in our educational toolkit, yielding positive impacts on student learning at scale. But to maximize return on investment, both financially and academically, we must focus on improving implementation.

  • red brick school building with a large yellow "AI" sign above its main entrance

    New National Academy for AI Instruction to Provide Free AI Training for Educators

    In an effort to "transform how artificial intelligence is taught and integrated into classrooms across the United States," the American Federation of Teachers (AFT), in partnership with Microsoft, OpenAI, Anthropic, and the United Federation of Teachers, is launching the National Academy for AI Instruction, a $23 million initiative that will provide access to free AI training and curriculum for all AFT members, beginning with K-12 educators.