WatchGuard Threat Lab report finds endpoint malware volumes decreasing

WatchGuard Threat Lab report finds endpoint malware volumes decreasing

WatchGuard Technologies, a global leader in unified cybersecurity, has announced the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analysed by WatchGuard Threat Lab researchers.

Key findings from the research include 95% of malware now arriving over encrypted connections, a decrease in endpoint malware volumes despite campaigns growing more widespread, ransomware detections on the decline amid a rise in double-extortion attacks, older software vulnerabilities persisting as popular targets for exploit among modern threat actors and more. 

“The data analysed by our Threat Lab for our latest report reinforces how advanced malware attacks fluctuate in occurrence and multifaceted cyberthreats continue to evolve, requiring constant vigilance and a layered security approach to combat them effectively,” said Corey Nachreiner, Chief Security Officer at WatchGuard. “Organisations must continually be on alert to monitor these threats and employ a unified security approach, which can be administered effectively by managed service providers, for their best defence.” 

Among the most notable findings, the latest Internet Security Report featuring data from Q2 2023 showed:

  • 95% of malware hides behind encryption
  • Total endpoint malware volume is down slightly, though widespread malware campaigns increased
  • Double-extortion attacks from ransomware groups increased 72% quarter over quarter, as the Threat Lab noted 13 new extortion groups
  • Six new malware variants in the Top 10 endpoint detections
  • Threat actors increasingly leverage Windows living off-the-land binaries to deliver malware
  • Cybercriminals continue to target older software vulnerabilities
  • Compromised domains at WordPress blogs and link-shortening service

Browse our latest issue

Intelligent CISO

View Magazine Archive