Exploits, Botnets, and Malware Surge in Q1 2023

Exploits, Botnets, and Malware Surge in Q1 2023

By Stefania Viscusi

For years, we’ve heard about the threat of cyber attacks and the grave risks they pose to today's increasingly digital landscape. The problem with sophisticated hackers is that they can exploit vulnerabilities in systems and perform data breaches, ransomware attacks and identity theft that ruin a business’s credibility or do significant harm to individuals. And as we rely more and more on technology, these threats continue to grow.

A new report from Nuspire that looks at the current landscape shows no slowing of these threats, either.

The Q1 2023 Cyber Threat Report examines threat data as well as specific tactics, techniques and procedures (TTPs) and found that not only are threats still happening, but there are also new phishing tactics happening that look for clever new ways to infiltrate systems. Specifically, there were elevated activity levels across all three types of threats the MSSP monitors: malware, botnets and exploits.

The report found the following alarming trends in cyber threats during Q1 2023:

  • Exploit activity skyrocketed by over 150%, primarily driven by brute forcing and the exploitation of Apache Log4j vulnerabilities.
  • Malware surged by nearly 40%, with JavaScript and Microsoft variants being the most prevalent.
  • Botnets witnessed a significant 60% increase, with NetSupport RAT and FatalRAT emerging as prominent threats.

J.R. Cunningham, Chief Security Officer at Nuspire offered an example of an increased threat they observed: "One example is Microsoft. When the company blocked macros in Word and Excel files, phishing activity shifted to OneNote as a delivery system for embedding malicious scripts. Qakbot malware, along with malware families such as AsyncRAT, XWorm, QuasarRAT and Formbook, are all popular users of this new tactic."

"The continued upward trajectory of cyber threat volume combined with the velocity of change in tactics, techniques and procedures has created perhaps the most challenging threat landscape we've ever experienced," said Craig Robinson, Research Vice President for Security Services at IDC.

In order to help slow the threats posed by these tactics, Robinson advises that businesses have “not only have the right technologies in place to monitor, detect and respond, but also have targeted threat intelligence to zero in on the threats that matter most to the health of your organization."

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
Related Articles

Expereo Chosen to Drive Global Connectivity for Carlsberg Group

By: Stefania Viscusi    12/7/2023

Brewery conglomerate Carlsberg Group has chosen intelligent internet company Expereo to help with its digital transformation.

Read More

CrowdStrike Brings AI-Driven Cybersecurity to Amazon Business

By: Stefania Viscusi    12/7/2023

CrowdStrike announced that it has officially launched its AI-powered cybersecurity solution, CrowdStrike Falcon Go, on Amazon Business.

Read More

Sotera SecurePhone, Powered by MetTel, Introduces Ultra-Secure Communication in Government and Enterprise Domains

By: Greg Tavarez    12/7/2023

The Sotera SecurePhone joins a growing, robust line-up of security offerings from MetTel that include a range of network and endpoint-based solutions.

Read More

CyberArk Introduces Enhanced Passkeys Authentication

By: Stefania Viscusi    12/6/2023

Identity security company CyberArk has announced a significant step in enhancing the passwordless authentication experience by introducing new passkey…

Read More

Telstra International's Global Managed Security Solutions Powered Up through Netskope Partnership

By: Greg Tavarez    12/6/2023

The expanded partnership between Telstra International and Netskope lets Telstra provide organizations worldwide with a comprehensive managed solution…

Read More