WatchGuard Threat Report 2024

Keypoints

• Major cybersecurity vendors publish quarterly reports structured into sections covering malware, network attacks, DNS threats, endpoint threats, and ransomware, providing a layered view of current cybersecurity challenges.
• Key statistics indicate a 49% decline in network malware detections but a 75% increase in endpoint malware volume, highlighting shifting detection dynamics and attack vectors.
• Advanced detection methods like behavioral analysis and machine learning saw decreased detection rates, with signature-based detection playing a larger role during Q1 2024.
• Malware targeting encrypted connections (TLS) increased significantly, constituting 69% of malware detections, underscoring the need for decrypting HTTPS traffic to improve protection.
• Most-widespread threats included Office exploit-based malware like Heur2.ObfDldr and password stealers like Agent Tesla, while IoT-targeting malware such as Bash.MiraiB is rising.
• Network attack volumes rose 13% quarter-over-quarter, with prominent exploits like ProxyLogon and vulnerabilities in HAProxy continuing to pose challenges for organizations globally.
• Regions vary in threat levels, with the Asia-Pacific region experiencing the highest malware volume at over 62%, indicating regional threat distribution patterns.
• Overall, the report stresses the importance of layered defenses, regular patching, and decrypting encrypted traffic to mitigate sophisticated and evasive malware campaigns.