Browser-Based Cyber-Threats Surge as Email Malware Declines


Browser-based cyber-threats have surged throughout 2024, marking a significant shift in the tactics employed by malicious actors.

According to new findings from the 2024 Threat Data Trends report by the eSentire Threat Response Unit (TRU), while malware delivered via email declined last year, browser-sourced threats, including drive-by downloads and malicious advertisements, rose sharply.

These techniques are being increasingly used to deliver malware, such as Lumma Stealer and NetSupport Manager RAT, with attackers favoring them due to their ability to bypass traditional email filters and security controls.

Valid credential abuse also saw a significant uptick, with compromised credentials becoming the most common initial access vector. Fraud marketplaces were found offering high-value credentials for as little as $10, making it easier for cybercriminals to infiltrate corporate environments.

Some of the key findings from the report include:

  • Browser-based malware was responsible for 70% of observed malware cases in 2024

  • Email-based malware delivery dropped to 15%

  • A 31% increase in infostealer incidents was observed year-on-year

  • Ransomware attacks continued to target all industries, with a rise in out-of-scope endpoint breaches

TRU also identified a growing trend of attacks originating from unmanaged personal devices and third-party vendor accounts. Notably, a subset of compromised credentials was traced to contractor devices infected with infostealer malware, raising concerns over supply chain security.

Shifts in Malware Delivery Tactics

The report highlighted a shift in malware delivery tactics. While traditional phishing remains prevalent, tactics such as QR code phishing and “ClickFix,” a deceptive CAPTCHA technique that tricks users into running malicious code, have gained traction.

In response to these evolving threats, TRU recommended a multi-layered cybersecurity strategy. This includes 24/7 threat detection, implementation of Endpoint Detection and Response (EDR) solutions and the use of phishing-resistant multi-factor authentication (MFA).

Additionally, organizations are advised to conduct regular phishing simulations and security training to bolster employee awareness against social engineering tactics.


