HP WOLF SECURITY
Threat Insights Report
Q2 - 2023
Threat Landscape
Welcome to the Q2 2023 edition of the HP Wolf Security Threat Insights Report
Each quarter our security experts highlight notable malware campaigns, trends and techniques identified by
HP Wolf Security. By isolating threats that have evaded detection tools and made it to endpoints, HP Wolf
Security gives an insight into the latest techniques cybercriminals use, equipping security teams with the knowledge to combat emerging threats and improve their security postures.1
Executive Summary
Threats delivered in archives in Q2: 44%
Email threats that bypassed email gateway security
• QakBot spam activity surged in Q2, tallying 56 campaigns over the quarter. The malware's distributors switched between many combinations of file types to infect PCs. The HP Threat Research team identified 18 unique infection chains used by QakBot distributors in Q2, highlighting how capable attackers are quickly permutating their tradecraft to exploit gaps in network defenses.
• HP Wolf Security stopped a flurry of finance-themed malicious spam campaigns in Q2 spreading remote access trojans (RATs) crypted using a Go crypter called ShellGo. The malware was packed twice to evade detection, before running shellcode in memory that disarms Windows security features and launches AsyncRAT. The threat actor used a clever technique to run the RAT in memory through a complex sequence of function calls to .NET libraries. The activity shows how easy it is for threat actors, even those with few resources, to combine tools to thwart detection and analysis.
• Aggah continue to evolve their tactics, techniques and