{"id":75853,"date":"2024-03-27T04:28:05","date_gmt":"2024-03-27T04:28:05","guid":{"rendered":"https:\/\/pakistaninewspaperlist.com\/news\/watchguard-threat-lab-analysis-shows-surge-in-evasive-malware-supercharging-an-already-powerful-threat-wave\/"},"modified":"2024-03-27T04:28:05","modified_gmt":"2024-03-27T04:28:05","slug":"watchguard-threat-lab-analysis-shows-surge-in-evasive-malware-supercharging-an-already-powerful-threat-wave","status":"publish","type":"post","link":"https:\/\/pakistaninewspaperlist.com\/news\/watchguard-threat-lab-analysis-shows-surge-in-evasive-malware-supercharging-an-already-powerful-threat-wave\/","title":{"rendered":"WatchGuard Threat Lab Analysis Shows Surge in Evasive Malware Supercharging an Already Powerful Threat Wave"},"content":{"rendered":"<div id=\"main-body-container\" itemprop=\"articleBody\">\n<p>SEATTLE, March  27, 2024  (GLOBE NEWSWIRE) &#8212; <a href=\"https:\/\/www.globenewswire.com\/Tracker?data=I5XYj9-JIcKJdzhGlcNLLiJlIlFpTdnLctohTL08Qhp9oWEXMij5tJA-YtpycyRvbBV7zUpcly40f0afGeiwEqoGvr422iIAfdfMaroEXSc=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"WatchGuard\u00ae Technologies\">WatchGuard\u00ae Technologies<\/a>, a global leader in unified cybersecurity, today announced the findings of its latest <a href=\"https:\/\/www.globenewswire.com\/Tracker?data=k9DRlCHrIqwCL5qZ3Fs8P0QOgyk0Kxwv4JEZncIisidOlatPt5tzftRhhWCPxlis72XEDkhqSr_2TNkUFH1MrmsymeSHexpKxOT6kBLM2WytpSfVQvuonzdgw2Y_yOo31WfTdAbuR5yyonw85Xy1HNpKnysxXcBqSqR6dcmcksA=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"Internet Security Report\">Internet Security Report<\/a>, detailing the top malware trends and network and endpoint security threats analyzed by WatchGuard Threat Lab researchers. 
Key findings from the data show a dramatic surge in evasive malware that fueled a large increase of total malware, threat actors targeting on-premises email servers as prime targets to exploit, and ransomware detections continuing to decline, potentially as a result of law enforcement\u2019s international takedown efforts of ransomware extortion groups. <\/p>\n<p>\u201cThe Threat Lab\u2019s latest research shows threat actors are employing various techniques as they look for vulnerabilities to target, including in older software and systems, which is why organizations must adopt a defense-in-depth approach to protect against such threats,\u201d said Corey Nachreiner, chief security officer at WatchGuard. \u201cUpdating the systems and software on which organizations rely is a vital step toward addressing these vulnerabilities. Additionally, modern security platforms that are operated by managed service providers can deliver the comprehensive, unified security that organizations need and enable them to combat the latest threats.\u201d<\/p>\n<p>Among the key findings, the latest Internet Security Report featuring data from Q4 2023 showed:<\/p>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>Evasive, basic, and encrypted malware all increased in Q4, fueling a rise in total malware. <\/b>The average malware detections per Firebox rose 80% from the previous quarter, illustrating a substantial volume of malware threats arriving at the network perimeter. Geographically, most of the increased malware instances affected the Americas and Asia-Pacific.<\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>TLS and zero-day malware instances also rise.<\/b> Approximately 55% of malware arrived over encrypted connections, which was a 7% increase from Q3. Zero-day malware detections jumped to 60% of all malware detections, up from 22% the previous quarter. 
However, zero-day malware detections with TLS fell to 61%, which was a 10% decrease from Q3, showing the unpredictability of malware in the wild.<\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>Two top 5 malware variants redirect to DarkGate network.<\/b> Among the top 5 most-widespread malware detections were JS.Agent.USF and Trojan.GenericKD.67408266. Both variants redirect users to malicious links, and both malware loaders attempt to load DarkGate malware on the victim\u2019s computer.<\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>A surge in living-off-the-land techniques.<\/b> Q4 showed a resurgence in script-based threats, as scripts rose the most as an endpoint attack vector, with threats detected increasing 77% from Q3. PowerShell was the top attack vector that the Threat Lab saw hackers use on endpoints. Browser-based exploits also rose significantly, increasing 56%. <\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>Four of the top 5 most-widespread network attacks were Exchange server attacks<\/b>. These attacks are specifically associated with one of the ProxyLogon, ProxyShell, and ProxyNotShell exploits. A ProxyLogon signature first appeared in the top 5 most-widespread network attacks in Q4 2022 at number 4 and rose to number 2 in Q4 2023. These attacks illustrate the need to reduce reliance on on-premises email servers to mitigate security threats.<\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>Cyberattack commoditization continues, trending toward \u201cvictim-as-a-service\u201d offerings. <\/b>Glupteba and GuLoader were once again counted among the top 10 most prevalent endpoint malware in Q4, making a return as two of the most prolific variants analyzed during the quarter. Glupteba is worth noting as a particularly formidable and sophisticated adversary, due in part to its prevalence targeting victims on a global scale. 
A multi-faceted malware-as-a-service (MaaS), Glupteba\u2019s malicious capabilities include downloading additional malware, masquerading as a botnet, stealing sensitive information, and mining cryptocurrency with tremendous stealth. <\/li>\n<\/ul>\n<ul>\n<li style=\"margin-top:0in; margin-bottom:0in;\"><b>Takedown efforts stifling ransomware extortion groups<\/b>. Once again in Q4, the Threat Lab reported a decline in ransomware detections compared to the previous quarter \u2013 observing a 20% decrease in overall volume for the last three months of 2023. WatchGuard\u2019s threat analysts also noted a decline in public ransomware breaches and attribute this trend to law enforcement\u2019s ongoing takedown efforts of ransomware extortion groups. <\/li>\n<\/ul>\n<p>Consistent with WatchGuard\u2019s <a href=\"https:\/\/www.globenewswire.com\/Tracker?data=xjpOd7i1-Z8MC4Ifa356hvmPvWBynXspVprH77ccfqrmTQ1KkpSDkfyuWH8J5wJsVk6tSUw4Xe01vUU8ydw40PMc3oJ-aZF6Qx_AyvBbGPJ2ncw_QRiA_1zP4GDFbbbjKWffGZP8rWekaxkjrWX7XwbiNEVPsO7CkiRfbln3Abc=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"Unified Security Platform\u00ae approach\">Unified Security Platform\u00ae approach<\/a> and the WatchGuard Threat Lab\u2019s previous quarterly research updates, the data analyzed in this quarterly report is based on anonymized, aggregated threat intelligence from active WatchGuard network and endpoint products whose owners have opted to share in direct support of WatchGuard\u2019s research efforts.<\/p>\n<p>For a more in-depth view of WatchGuard\u2019s research, download the complete Q4 2023 Internet Security Report here: <a href=\"https:\/\/www.globenewswire.com\/Tracker?data=zpavePKESKvFXLXGYZ-j_0Knk6BmCuV-aUIKPpztPVWDKRYQ7-lqOrQTGXHpJ3dVLqMGaXDedda_Zk632Hcw1rcMyL-184EKbNSxeUI45u-vTqBUINFVVT2Z5ioqUEZ5sWVcbbMUaETNy1STV-reLTzPqJp-ci6wSd4stoo1vm--F2abhXWw80xMolc3lsT_H92S1MKyI2u0TavWlay0qF9wjCFhTcGgIukTcJ2yU8c=\" rel=\"nofollow noopener\" target=\"_blank\" 
title=\"\">https:\/\/www.watchguard.com\/wgrd-resource-center\/security-report-q4-2023<\/a> <\/p>\n<p><b>About WatchGuard Technologies, Inc.<\/b><br \/>WatchGuard\u00ae Technologies, Inc. is a global leader in unified cybersecurity. Our Unified Security Platform\u00ae approach is uniquely designed for managed service providers to deliver world-class security that increases their business scale and velocity while also improving operational efficiency. Trusted by more than 17,000 security resellers and service providers to protect more than 250,000 customers, the company\u2019s award-winning products and services span network security and intelligence, advanced endpoint protection, multi-factor authentication, and secure Wi-Fi. Together, they offer five critical elements of a security platform: comprehensive security, shared knowledge, clarity &amp; control, operational alignment, and automation. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. 
To learn more, visit\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=I5XYj9-JIcKJdzhGlcNLLpjhO7gzLB_fyyX1g4Pt2T3DmKlWrGg82t8VSGinGkpfFLuLGxFw5OSTmPKJNjTzOZ85SEE2UKPwebLvUxUYRps=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"WatchGuard.com\">WatchGuard.com<\/a>.<\/p>\n<p>For additional information, promotions and updates, follow WatchGuard on Twitter (<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=BDO2HEOnJibxbZ4N0u_o4e_zBbdicKDMSL3zIm08h7opWvbj5qPlAmJ_DDkwiaN-oFgS6j6gUVnxKWHs0PspXRlIhW5gihjNu7qL40Msz_k=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"@WatchGuard\">@WatchGuard<\/a>), on\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=-QBycTDUGMQXZ818SusFu1aKZyMgoprjeRtwWXgavlgC-ELgnzSiOrS8vGJwQU-kfR77-SVY91sjhq4wdnT8CZGmDFK_uTDB-w98MMxw9EQ=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"Facebook\">Facebook<\/a>, or on the\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=GhzF4WxDt3VkWjNDwsp9wGjM-IB-CSryH3ptb-pgIGLeM59-JqhosW2W_OW2-Ji0D2CqnnNTQ8c15FpDCvTIDYpJfH5ye4W2XD9eF1RlrEsSbOX6fnZjjTz_uyiHj0_O\" rel=\"nofollow noopener\" target=\"_blank\" title=\"LinkedIn Company\">LinkedIn Company<\/a>\u00a0page. 
Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=o1gH69WZIS0w0qmmlAsk3M6MiUssM1xcm97WyCvJXcuZS9Ak3uChlyaJbWDZaOoqllmswz2qbKidOK9N4xB5sfdrfh9CvxHPT2Y3WIcp0uU=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"www.secplicity.org\">www.secplicity.org<\/a>.\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=ByURkqiMhiLwQTBjZouBUoPTHzTIEOMn3syW6t-1ETwBNep-L_gX1OwxLKOAzDycPmXkkWgfKzWJRxSx17OYVfe293-jVZ268_LS_m-46nBpDslPTrmlrj9j5hGqXyrjACzrgB150Gw5OKnvTinjebviDoVic7idRc34sJid6k8=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"Subscribe to The 443 \u2013 Security Simplified podcast\">Subscribe to The 443 \u2013 Security Simplified podcast<\/a>\u00a0at\u00a0<a href=\"https:\/\/www.globenewswire.com\/Tracker?data=fN3bH2rvZGvKLOmj4hyh2aEylMTy7Y_6Wcm7UfZRPEAvtv70hFJURigYH0DBNsirWR_9GgGgWU5k8fJtECDq2Pn4ykScHscPUlqYh2UwYdo=\" rel=\"nofollow noopener\" target=\"_blank\" title=\"Secplicity.org\">Secplicity.org<\/a>, or wherever you find your favorite podcasts.<\/p>\n<p><i>WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.<\/i><\/p>\n<p align=\"center\">####<\/p>\n<pre\/>\n            <\/div>\n","protected":false},"excerpt":{"rendered":"<p>SEATTLE, March 27, 2024 (GLOBE NEWSWIRE) &#8212; WatchGuard\u00ae Technologies, a global leader in unified cybersecurity, today announced the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analyzed by WatchGuard Threat Lab researchers. 
Key findings from the data show a dramatic surge in evasive malware that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":75854,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"fifu_image_url":"https:\/\/ml.globenewswire.com\/Resource\/Download\/7964439e-34fb-44fc-8697-1602adea23e8","fifu_image_alt":"","footnotes":""},"categories":[208],"tags":[],"class_list":["post-75853","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-globenewswire"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts\/75853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/comments?post=75853"}],"version-history":[{"count":0,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/posts\/75853\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/media\/75854"}],"wp:attachment":[{"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/media?parent=75853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/categories?post=75853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pakistaninewspaperlist.com\/news\/wp-json\/wp\/v2\/tags?post=75853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}