Monday , July 13 2026

2023 Threat Report: Social Engineering and Web Attacks waves

The overall cyber-threat risks have significantly increased during the second quarter of 2023. The number of unique web attacks being blocked has increased by 24%, resulting in over 700 million unique attacks being blocked every month. Social engineering and web-related threats have become increasingly prevalent among the various cyber risks. These threats include scams, phishing, adware, Trojans, file infectors, and other similar risks. These types of threats have seen a significant increase compared to other cyber threats.

Threat Vectors Based on Attack Types

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

CIRT identified 153 publicly exposed FortiGate devices in Bangladesh. In an advisory CIRT said, the campaign has been observed globally,...
Read More
CIRT identified 153 publicly exposed FortiGate devices in Bangladesh

In addition, the blocked attack statistics showed that there were 594 million web-related attacks, 37 million file-based attacks, 14 million email-based attacks, 5 million behavioral threats, 3 million exploits, 600k scripts, and 500k other types of attacks. In the second quarter of 2023, 147 million URLs were blocked along with 61 million blocked files, showing the significant impact of these measures. The analysis focused on Desktop-related attack vectors and Mobile-related malware types, allowing for a more comprehensive understanding of how threat actors carry out their attacks.

ALSO READ:

UK electoral Commission hack exposed data of 40 million voters

Statistical Analysis

Mozambique, Papua New Guinea, Afghanistan, Angola, Ghana, and the Republic of Korea faced the most severe wave of ransomware attacks.

The Avast threat report revealed that the most common coin miners were web miners (various strains), XMRig, FakeKMSminer, VMiner, CoinBitMiner, CoinHelper, and NeoScrypt.

The second quarter of 2023 witnessed a significant 14% decline in information stealer malware. However, the most common info stealer malware were AgentTesla, FormBook, Raccoon Stealer, RedLine, Fareit, Lokibot, and ViperSoftX.

Desktop-related Threats and Mobile related Threats

More hackers are targeting desktop devices and organizations are taking precautions to prevent security breaches. Despite the progress made, threats related to desktops continue to persist.

Scams were responsible for the majority of Desktop-related threats in the pool, making up a whopping 51%. Following closely behind, phishing accounted for 25.6% of the threats. Trojan attacks were at 3.5%, while adware and file infectors made up 3.8% and 2.9%, respectively. Lastly, other types of attacks represented 13.1% of the total.

The rate of scam cases has skyrocketed by an impressive 101.9%, closely trailed by a 6.6% increase in Phishing incidents. However, Trojan and File infectors have seen a reduction from the last quarter.

Mobile-related threats in the last quarter witnessed a staggering surge of 86% in dropper malware. The comprehensive report reveals that Adware represents a staggering 73.6% of the risks encountered. Following closely behind is the notorious Dropper, accounting for 6.1% of the threats. Banker malware stands at 5.8%, while Trojan poses a significant 3.9% risk. Other categories of malware collectively make up 7.5% of the potential dangers.

Avast released a detailed report on the threats of Q2 2023. It includes information about malware, info stealers, ransomware, and related attack methods.

 

Check Also

CLI

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s …