Malware Insights from HP

By Edward Amoroso

Malware researchers, threat hunters, and other cybersecurity practitioners working with prevention, detection, and response tools are advised to review the HP Wolf Security Threat Insights Report from Q4 2022.

We were surprised to see that the ongoing shift of malware delivery types appears to be accelerating. Specifically, the report shows that archives have grown to a whopping 42% of delivery methods, which implies that attackers are moving away from MS Office macros.

HP bases the research in the report on telemetry collected from HP Wolf Security users. Alex Holland, a capable HP malware researcher, explained the collection process to us recently on a Zoom call – and it is quite comprehensive.

Tactics that emerged clearly in the data include a surge of search engine advertisements to lure users to malware sites, an increase in email bypass threats (13% of threats involved sidestepping email gateway scanners), and an increase in the use of QR codes to steal credit and debit cards.

We generally do not recommend threat reports from commercial vendors (most are just marketing hype), but the HP report is a notable exception. It is written by and for malware researchers – and includes sensible conclusions that can be put to use immediately.

You can download the report here. Let us know what you think.
