ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

New WatchGuard Threat Lab Report Finds 300% Increase in Endpoint Malware as Threat Actors Target Legitimate Web Services and Documents

By: via GlobeNewswire

SEATTLE, Feb. 19, 2025 (GLOBE NEWSWIRE) -- WatchGuard® Technologies, a global leader in unified cybersecurity, today released the findings of its latest Internet Security Report, a quarterly analysis detailing the top malware, network, and endpoint security threats observed by the WatchGuard Threat Lab researchers during the third quarter of 2024.   

The report’s key findings include a 300% increase quarter over quarter of endpoint malware detections, highlighted by growing threats that exploit legitimate websites or documents for malicious purposes as threat actors turn to more social engineering tactics to execute their attacks. While Microsoft documents like Word and Excel have long been targets for deceiving users into downloading malicious software, strict anti-macro protections on Word, Excel, and PowerPoint Office files have led attackers to now use OneNote files to deliver Qbot (a remote access botnet trojan). Another top threat that exploits legitimate services includes new attacks on WordPress plug-in vulnerabilities. Threat actors exploit these vulnerabilities to gain control over websites and leverage their reputation to host malicious downloads like SocGholish, which deceives users with false prompts to update their browsers and then execute malware. WordPress hosts more than 488.6 million websites worldwide, which comprises 43% of all websites on the Internet.  

The Threat Lab also observed a rise in threat actors utilizing cryptominers this quarter, many of which were capable of additional malicious behaviors. Cryptominers are malware that hides on the user’s device and steals its computing resources to mine for online currencies such as Bitcoin. As cryptocurrency rises again in value and popularity, cryptomining malware is also regaining popularity. 

“The findings from our Q3 2024 Internet Security Report demonstrated a dramatic shift in traditional versus evasive malware threats,” said Corey Nachreiner, chief security officer, WatchGuard Technologies. “These findings illustrate how quickly the threat landscape can evolve, so it's important to utilize full, defense-in-depth cybersecurity solutions that can quickly catch old threats and adapt to new ones in real time. Organizations of all sizes should consider adopting AI-powered threat detection to spot unexpected traffic patterns and reduce dwell time, ultimately reducing the cost of a breach but also maintaining their traditional antimalware controls too.” 

Additional key findings from WatchGuard’s Q3 2024 Internet Security Report include:  

  • This quarter, signature-based detections increased by 40% as threat actors turned to more social engineering tactics to execute their attacks. This growth underscores the rising prevalence of traditional malware as attackers refine their strategies to exploit legacy systems or widespread vulnerabilities.
  • EMEA accounted for 53% of all malware attacks by volume, doubling from the previous quarter. Meanwhile, the Asia Pacific region accounted for the most network attack detections, with 59% targeting the area.   
  • Malware attacks declined by 15% from the previous quarter. The Threat Labs findings also demonstrate that attackers created less new or unique malware than in prior quarters but are using a wider breadth of malware techniques instead to infect devices.  
  • Only 20% of malware detections evaded signature-based detection methods. This was a significant departure from normal for what we call “zero-day malware,” which requires more proactive techniques to catch. 
  • While ransomware continued to trend downward in recent quarters, Threat Labs data shows more ransomware operators this quarter than in Q2 of 2024. Threat actors used a wider range of existing tactics to deliver ransomware rather than creating new attack avenues.      
  • Endpoint malware detections were up significantly this quarter with a 300% increase compared to Q2. This increase was coupled with a 74% decrease in threats blocked per 100k active machines, suggesting a flood of homogenous spam-like malware arriving on endpoints, likely separate malware campaigns with the same payload. 

Consistent with WatchGuard’s Unified Security Platform® approach and the WatchGuard Threat Lab’s previous quarterly research updates, the data analyzed in this quarterly report is based on anonymized, aggregated threat intelligence from active WatchGuard network and endpoint products whose owners have opted to share in direct support of WatchGuard’s research efforts. 

For a more in-depth view of WatchGuard’s research, download the complete Q3 2024 Internet Security Report here: https://www.watchguard.com/wgrd-resource-center/security-report-q3-2024 

 

About WatchGuard Technologies, Inc.  

WatchGuard® Technologies, Inc. is a global leader in unified cybersecurity. Our Unified Security Platform® approach is uniquely designed for managed service providers to deliver world-class security that increases their business scale and velocity while also improving operational efficiency. Trusted by more than 17,000 security resellers and service providers to protect more than 250,000 customers, the company’s award-winning products and services span network security and intelligence, advanced endpoint protection, multi-factor authentication, and secure Wi-Fi. Together, they offer five critical elements of a security platform: comprehensive security, shared knowledge, clarity & control, operational alignment, and automation. The company is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.  
  

For additional information, promotions and updates, follow WatchGuard on Twitter (@WatchGuard), on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast at Secplicity.org, or wherever you find your favorite podcasts.  

  

WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners. 

 


Chris Warfield
WatchGuard Technologies, Inc 
chris.warfield@watchguard.com

More News

View More
3 Biotech Catalysts Present Major Opportunity
Via MarketBeat
Tickers ARQT BSX TARS
3 Cheap Stocks That Shouldn't Be This Low
Via MarketBeat
Topics World Trade
Tickers AAL CARG FSLR
Why Sprouts Farmers Market is Buying $1 Billion of Its Own Stock
Via MarketBeat
Tickers SFM
Time for Cleveland-Cliffs Stock to Break Out? Markets Say Yes
Via MarketBeat
Topics Artificial Intelligence World Trade
Tickers CLF
Which States Have the Highest Interest Rates on Parent Loans? [2025 Survey]
Via MarketBeat
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.