Wednesday, May 14 2025

2023 Threat Report: Waves of Social Engineering and Web Attacks

The overall cyber-threat risks have significantly increased during the second quarter of 2023. The number of unique web attacks being blocked has increased by 24%, resulting in over 700 million unique attacks being blocked every month. Social engineering and web-related threats have become increasingly prevalent among the various cyber risks. These threats include scams, phishing, adware, Trojans, file infectors, and other similar risks. These types of threats have seen a significant increase compared to other cyber threats.

Threat Vectors Based on Attack Types

In addition, the blocked attack statistics showed that there were 594 million web-related attacks, 37 million file-based attacks, 14 million email-based attacks, 5 million behavioral threats, 3 million exploits, 600k scripts, and 500k other types of attacks. In the second quarter of 2023, 147 million URLs were blocked along with 61 million blocked files, showing the significant impact of these measures. The analysis focused on Desktop-related attack vectors and Mobile-related malware types, allowing for a more comprehensive understanding of how threat actors carry out their attacks.

Statistical Analysis

Mozambique, Papua New Guinea, Afghanistan, Angola, Ghana, and the Republic of Korea faced the most severe wave of ransomware attacks.

The Avast threat report revealed that the most common coin miners were web miners (various strains), XMRig, FakeKMSminer, VMiner, CoinBitMiner, CoinHelper, and NeoScrypt.

The second quarter of 2023 witnessed a significant 14% decline in information stealer malware. The most common info stealers were AgentTesla, FormBook, Raccoon Stealer, RedLine, Fareit, Lokibot, and ViperSoftX.

Desktop-related and Mobile-related Threats

More hackers are targeting desktop devices and organizations are taking precautions to prevent security breaches. Despite the progress made, threats related to desktops continue to persist.

Scams were responsible for the majority of Desktop-related threats in the pool, making up a whopping 51%. Following closely behind, phishing accounted for 25.6% of the threats. Trojan attacks were at 3.5%, while adware and file infectors made up 3.8% and 2.9%, respectively. Lastly, other types of attacks represented 13.1% of the total.

The rate of scam cases has skyrocketed by an impressive 101.9%, closely trailed by a 6.6% increase in phishing incidents. However, Trojans and file infectors have declined since the last quarter.

Mobile-related threats in the last quarter saw a staggering 86% surge in dropper malware. According to the report, adware represents 73.6% of the risks encountered, followed by droppers at 6.1%, banker malware at 5.8%, and Trojans at 3.9%. Other categories of malware collectively make up 7.5% of the threats.

Avast released a detailed report on the threats of Q2 2023. It includes information about malware, info stealers, ransomware, and related attack methods.

 
