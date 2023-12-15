The cybersecurity landscape continues to evolve, with cybercriminals finding new ways to bypass traditional defenses and target unsuspecting victims. The latest Global Threat Index for November 2023, published by Check Point, reveals the emergence of innovative cyberattack techniques that exploit the element of deceptive simplicity.

One notable trend is the surge in AsyncRAT campaigns, which utilize malicious HTML files to covertly spread malware. In this campaign, victims receive emails containing embedded links. Upon clicking the link, a malicious HTML file is triggered, allowing the malware to disguise itself as a trusted application and evade detection.

Another concerning development is the resurgence of FakeUpdates, a JavaScript downloader. This sophisticated malware tricks users into running counterfeit browser updates through compromised websites. The consequences of falling for these fake updates can be severe, as they open the door for other malware, including GootLoader, Dridex, NetSupport, DoppelPaymer, and AZORult, to compromise systems.

Maya Horowitz, VP Research at Check Point Software, highlights the importance of recognizing these emerging threats. She emphasizes the need for organizations to adopt a layered security approach that goes beyond recognizing known threats. It is essential to identify, prevent, and respond to new attack vectors before they cause harm.

The report also sheds light on the most rampant malware families of the month. Formbook, an infostealer targeting Windows OS, tops the list with a global impact of 3%. FakeUpdates follows closely behind with 2% global impact, while Remcos, another remote access trojan, rounds out the top three with a 1% impact worldwide.

When it comes to vulnerabilities, command injection over HTTP takes the lead, with a global impact of 45%. Web servers’ malicious URL directory traversal ranks second, affecting 42% of organizations worldwide, followed by Zyxel ZyWALL command injection, which reaches 41% globally.

In terms of targeted sectors, Education/Research remains the most attacked industry globally, followed by Communications and Government/Military. Turning to mobile threats, the banking trojan malware Anubis dominates, with AhMyth and SpinOk close behind.

As cyber threats continue to evolve, organizations must stay vigilant and prioritize cybersecurity measures. It is imperative to remain informed and proactive in countering these innovative techniques employed by cybercriminals.