Nuspire’s Threat Report provides data and insight into malware, exploit and botnet activity throughout Q3 of 2021
Nuspire announced the release of its 2021 Q3 Quarterly Threat Landscape Report. Sourced from 90 billion traffic logs, the report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), with additional insight from its threat intelligence partner, Recorded Future.
In Q3 2021, Nuspire security experts witnessed an 82.6% increase in exploit activity, including a spike in activity against newer vulnerabilities; ProxyShell and ProxyLogon, which are two particularly aggressive vulnerabilities affecting Microsoft Exchange Servers.
“The identification of these newer vulnerabilities is a reminder of the importance of patching systems,” said J.R. Cunningham, Nuspire’s Chief Security Officer.
“There are thousands of unpatched systems out in the wild that these vulnerabilities are targeting. This is a prime example of threat actors consistently finding the low hanging fruit that is a result of not patching your systems.”
Additional notable findings from Nuspire’s 2021 Q3 Threat Landscape Report include:
- -71% decrease in VBA Agent Activity, likely due to threat actors re-tooling payloads in preparation for the Q4 2021/ Q1 2022 Holiday Season
- Two previously unseen botnets have made their way into the top 5 most active in Q3. (XorDDOS and BadRabbit Botnets)
- SMB & SSH Bruteforcing lead again in highest witnessed exploitation attempts in Q3
Nuspire is a managed security services provider (MSSP), offering managed security services (MSS), managed detection and response (MDR), endpoint detection and response (EDR) that supports best in breed EDR solutions, and cybersecurity consulting services (CSC) that includes incident readiness and response, threat modeling, digital forensics, technology optimization, posture assessments and more. visit www.nuspire.comSource: nuspire.com