- Digital twins are optimizing supply chains and more. Here's why enterprises should care
- Getting Out in Front of Post-Quantum Threats with Crypto Agility
- Join Sam's Club for $15 - the lowest price we've seen. Here's how
- Meta's new $299 Quest 3S is the VR headset most people should buy this holiday season
- Get Microsoft Office 2019 for Windows or Mac for $25
AgentTesla Remains Most Prolific Malware in November, Emotet and Qbot Grow
Emotet has returned as one of the most prevalent malware in the wild after a quiet summer. Additionally, the Trojan Qbot made the list for the first time since 2021, and the Raspberry Robin worm has had a notable influx in use.
These are some of the key findings from Check Point Research (CPR)’s November 2022’s Most Wanted Malware report published yesterday, which also highlighted that AgentTesla remained the most prevalent malware last month.
In particular, CPR said AgentTesla impacted 6% of organizations worldwide, followed by Emotet and Qbot, both with 4%.
In terms of the most attacked industries, education/research remained the most impacted industry globally in November, followed by government/military and healthcare.
The top exploited vulnerabilities last month were those leveraging a directory traversal flaw on different web servers. The vulnerability stems from an input validation error in a web server that does not correctly sanitize the URL for directory traversal patterns. It could allow unauthenticated, remote attackers to disclose or access arbitrary files on the server.
This vulnerability impacted 46% of organizations globally, followed by “web server exposed git repository information disclosure,” with an impact of 45%.
As for mobile threats, Anubis remained the most prevalent malware in November, followed by Hydra and AlienBot.
“While this sophisticated malware can lie dormant during quieter periods, the last few weeks act as a stark reminder that they will not remain quiet for long,” explained Maya Horowitz, VP of research at Check Point Software.
“We cannot afford to become complacent, so it’s important that everyone remains vigilant when opening emails, clicking on links, visiting websites or sharing personal information.”
More information about the most widespread cyber-threats in November is available in CPR’s latest report. Its publication comes amidst previsions that 2023 could be another turbulent time for cybersecurity.