Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,458
SonicWall mid-year 2022 cyber threat report.
Never-before-seen malware is about 0,01% of global malware. This follows from the fact that most malware samples are morphed into many variants (polymorphic, oligomorphic, metamorphic).
Ransomware is about 10% of global malware.
Another report shows that about 90% of ransomware is delivered via weaponized documents.
The attack vector via office macros is going to be less popular due to macro mitigations introduced by Microsoft last year. But, this will be probably replaced by other vectors related to MS Office (Excel add-ins, remote template injection, One Note attachments, etc.).
This chart shows, that only about 1/3 of new malicious files are Executables. Close to 1/3 are weaponized documents, and most of the rest malware are scripts and archives. Many YouTube tests on the AV protection still uses only EXE files, which can highly distort the real protection of tested AVs.
The full report is available here:
https://www.infopoint-security.de/media/sonicwall-mid-year-2022-cyber-threat-report.pdf
Never-before-seen malware is about 0,01% of global malware. This follows from the fact that most malware samples are morphed into many variants (polymorphic, oligomorphic, metamorphic).
Ransomware is about 10% of global malware.
Another report shows that about 90% of ransomware is delivered via weaponized documents.
Dark Web Research Suggests 87% of Ransomware Brands Exploit Malicious Macros
The findings uncovered 475 web pages of elaborate ransomware products and services
www.infosecurity-magazine.com
The attack vector via office macros is going to be less popular due to macro mitigations introduced by Microsoft last year. But, this will be probably replaced by other vectors related to MS Office (Excel add-ins, remote template injection, One Note attachments, etc.).
This chart shows, that only about 1/3 of new malicious files are Executables. Close to 1/3 are weaponized documents, and most of the rest malware are scripts and archives. Many YouTube tests on the AV protection still uses only EXE files, which can highly distort the real protection of tested AVs.
The full report is available here:
https://www.infopoint-security.de/media/sonicwall-mid-year-2022-cyber-threat-report.pdf
Last edited: