Zero-Day Exploits Dominate Malware from Web Traffic in Q1

In the first quarter of 2023, a massive 93% of detected malware from encrypted web traffic and 70% of malware from unencrypted web traffic came from zero day malware, according to a new report. And 51 new ransomware variants were detected.

According to WatchGuard Technologies' Q1 Internet Security Report, part of an ongoing series of quarterly reports on data security across all sectors, "Zero day malware can infect IoT devices, misconfigured servers, and other devices that don’t use robust host-based defenses…."

Meanwhile, on the ransomware front, according to WatchGuard, "In Q1 2023, the Threat Lab tallied 852 victims published to extortion sites and discovered 51 new ransomware variants. These ransomware groups continue to publish victims at an alarmingly high rate; some are well known organizations and companies in the Fortune 500."

Other trends noted in the Q1 report included:

  • Malware droppers are targeting Linux systems, "a stark reminder that just because Windows is king in the enterprise space, this doesn’t mean organizations can afford to turn a blind eye to Linux and macOS," according to WatchGuard;

  • Attackers are exploiting browser notifications more now that browsers have more protections in place against abuse of pop-ups;

  • Three-fourths of new attacks in Q1's top-10 list originated in China and Russia;

  • Exploits targeting Microsoft Office and Microsoft's end of life products persist; and

  • "Living-off-the-land" attacks — attacks that use a system's built-in tools to accomplish their goals — continue to rise. "The continued appearance of Microsoft Office- and PowerShell-based malware in these reports quarter after quarter underscores the importance of endpoint protection that can differentiate legitimate and malicious use of popular tools like PowerShell," according to the report.

The complete report and an executive summary can be accessed free of charge at watchguard.com/wgrd-resource-center/security-report-q1-2023.

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured

  • Indianapolis Public Schools Adopt DreamBox Math

    Thanks to a new partnership with Discovery Education, all Indianapolis Public Schools (IPS) K–8 students and teachers will gain access to DreamBox Math, which blends curriculum and continuous formative assessments that adapt to student needs to boost achievement.

  • The First Steps of Establishing Your Cloud Security Strategy

    In this guide, we'll identify some first steps you can take to establish your cloud security strategy. We'll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls® (CIS Controls®) and the CIS Benchmarks™.

  • Google Brings Gemini AI to Teens in the Classroom

    Google is making its Gemini large language model available for free for students ages 13 and up in the United States (age minimums vary by country), via Google Workspace for Education accounts.

  • A top-down view of a person walking through a maze with walls made of glowing blue Wi-Fi symbols on dark pathways

    Navigating New E-Rate Rules for WiFi Hotspots

    Beginning in funding year 2025, WiFi hotspots will be eligible for E-rate Category One discounts. Here's what you need to know about your school's eligibility, funding caps, tracking requirements, and more.