"WatchGuard Finds Malware Volume Decreased in Q2, but Warns Emotet Is Resurging"

WatchGuard Threat Lab's Q2 Internet Security Report shows that overall malware detections have decreased since their peak in the first half of 2021, despite an ongoing Emotet botnet resurgence. Microsoft Office exploits continue to spread more than any other type of malware. The Follina Office exploit, first reported in April but not patched until late May, was the top incident of the quarter. Follina, which is delivered via a malicious document, was able to bypass Windows Protected View and Windows Defender and has been actively exploited by threat actors, including nation-states. Researchers also discovered that endpoint malware detections were down overall. Although there has been a 20 percent decrease in total endpoint malware detections, malware exploiting browsers increased by 23 percent overall, with Chrome experiencing a 50 percent increase. One possible reason for the increase in Chrome detections is the persistence of various zero-day exploits. In Q2, scripts continued to account for the vast majority of endpoint detections (87 percent). Furthermore, network-based malware detections fell 15.7 percent quarter over quarter, which includes drops in both basic malware and evasive or zero-day malware. Although the volume has decreased since the previous quarter, Emotet remains one of the most serious threats to network security. One of the quarter's top 10 overall and top 5 encrypted malware detections, "XLM.Trojan.abracadabra," a Win Code injector spreading the Emotet botnet, was seen in Japan. This article continues to discuss key findings from WatchGuard Threat Lab's Q2 Internet Security Report.

ITPro reports "WatchGuard Finds Malware Volume Decreased in Q2, but Warns Emotet Is Resurging"