Exploits, Botnets, and Malware Surge in Q1 2023

Exploits, Botnets, and Malware Surge in Q1 2023

By Stefania Viscusi

For years, we’ve heard about the threat of cyber attacks and the grave risks they pose to today's increasingly digital landscape. The problem with sophisticated hackers is that they can exploit vulnerabilities in systems and perform data breaches, ransomware attacks and identity theft that ruin a business’s credibility or do significant harm to individuals. And as we rely more and more on technology, these threats continue to grow.

A new report from Nuspire that looks at the current landscape shows no slowing of these threats, either.

The Q1 2023 Cyber Threat Report examines threat data as well as specific tactics, techniques and procedures (TTPs) and found that not only are threats still happening, but there are also new phishing tactics happening that look for clever new ways to infiltrate systems. Specifically, there were elevated activity levels across all three types of threats the MSSP monitors: malware, botnets and exploits.

The report found the following alarming trends in cyber threats during Q1 2023:

  • Exploit activity skyrocketed by over 150%, primarily driven by brute forcing and the exploitation of Apache Log4j vulnerabilities.
  • Malware surged by nearly 40%, with JavaScript and Microsoft variants being the most prevalent.
  • Botnets witnessed a significant 60% increase, with NetSupport RAT and FatalRAT emerging as prominent threats.

J.R. Cunningham, Chief Security Officer at Nuspire offered an example of an increased threat they observed: "One example is Microsoft. When the company blocked macros in Word and Excel files, phishing activity shifted to OneNote as a delivery system for embedding malicious scripts. Qakbot malware, along with malware families such as AsyncRAT, XWorm, QuasarRAT and Formbook, are all popular users of this new tactic."

"The continued upward trajectory of cyber threat volume combined with the velocity of change in tactics, techniques and procedures has created perhaps the most challenging threat landscape we've ever experienced," said Craig Robinson, Research Vice President for Security Services at IDC.

In order to help slow the threats posed by these tactics, Robinson advises that businesses have “not only have the right technologies in place to monitor, detect and respond, but also have targeted threat intelligence to zero in on the threats that matter most to the health of your organization."

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

Say Goodbye to Passwords: 1Password Unveils Two Passkey Innovations

By: Greg Tavarez    6/9/2023

1Password now offers customers the ability to save and sign into online accounts with passkeys as well as unlocking 1Password accounts with a passkey.

Read More

Industrial Cybersecurity Transformed: Secureworks Launches Integrated MDR Solution for OT and IT

By: Greg Tavarez    6/8/2023

Secureworks announced two new offerings to unify the way industrial organizations prevent, detect and respond to threats across the OT and IT landscap…

Read More

K8 Notifier: A New Twist on Cloud Cybersecurity

By: Matthew Vulpis    6/8/2023

K8 Notifer can create a suite of alerts for MSP to detect suspicious activity in the configuration and patterns of their and their customers cloud ser…

Read More

Impossible Cloud Paves Way with New Program in the Web3 Era

By: Greg Tavarez    6/8/2023

Impossible Cloud's Partner Program allows partners and resellers to seamlessly implement, demo and integrate its efficient, performance-driven solutio…

Read More

CrowdStrike Empowers Next-Gen Cybersecurity with Generative AI

By: Stefania Viscusi    6/8/2023

Security company CrowdStrike unveiled Charlotte AI, a new generative AI cybersecurity that will help to democratize security and empower users of the …

Read More