HP Wolf Security’s latest Quarterly Threat Insights Report for Q3 2023 is out now. It reveals how cybercriminals are using pre-packaged malware kits to evade detection tools and breach organizations. Key findings include:
- A Vjw0rm campaign carrying out multi-stage attacks from a single malicious JavaScript file: This attack uses a 10-year-old Houdini worm and “living off the land tactics” to remain hidden.
- A Parallax RAT campaign running a “Jekyll and Hyde” attack – two threads run when a user opens a scanned invoice template. One thread opens the file, while the other runs malware behind the scenes, making it harder for users to tell an attack is in progress.
- Parallax malware kits are available for $65 a month on hacking forums.
HP also identified attackers are going after their own, “hazing” aspiring cybercriminals by hosting fake malware building kits on code sharing platforms like GitHub.
Other findings include:
- Archives were the most popular malware delivery type for the sixth quarter running, used in 36% of cases analyzed by HP in Q3.
- Macro-enabled Excel add-in threats (.xlam) rose to the 7th most popular file extension abused by attackers in Q3, up from 46th place in Q2.
- At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanner in both Q3, and Q2.
The report can be downloaded here.
Like this:
Like Loading...
Related
This entry was posted on October 31, 2023 at 10:08 am and is filed under Commentary with tags HP. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
New Report From HP Wolf Security finds Malware ‘Meal Kits’ are Helping Attackers Steal Businesses’ Lunch
HP Wolf Security’s latest Quarterly Threat Insights Report for Q3 2023 is out now. It reveals how cybercriminals are using pre-packaged malware kits to evade detection tools and breach organizations. Key findings include:
HP also identified attackers are going after their own, “hazing” aspiring cybercriminals by hosting fake malware building kits on code sharing platforms like GitHub.
Other findings include:
The report can be downloaded here.
Share this:
Like this:
Related
This entry was posted on October 31, 2023 at 10:08 am and is filed under Commentary with tags HP. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.