Monthly Threat Reports
Welcome to our Monthly Threat Report Hub, your go-to resource for the latest insights in email security. Each month, explore in-depth analyses from Hornetsecurity’s Security Lab, specializing in forensic examinations of current and critical security threats. Tailored for CISOs, Microsoft 365 admins, and all cybersecurity enthusiasts, the Monthly Threat Reports will keep you one step ahead of hackers. Discover and download the latest reports to fortify your organization against evolving cyber threats.
Monthly Threat Report April 2024: Impersonation Attacks, and the US CSRB’s Report on Storm-0558
This month, key highlights include a critical report on Microsoft’s response to the Storm-0558 attack, urging enhanced public cloud security. The US Federal Trade Commission reported $1.1 billion in losses from impersonation attacks in 2023. Furthermore, there was a narrow escape from a potentially catastrophic supply chain attack on a widely-used Linux library.
read moreMonthly Threat Report March 2024: A Busy Cybersecurity News Cycle with High-Impact Events
This month has been defined by significant cyberattacks, with implications reaching even into the realm of human well-being. Additionally, a critical CVSS 10 vulnerability in ScreenConnect by Connectwise has been exploited in the wild, necessitating an urgent patch for On-Prem users.
read moreMonthly Threat Report February 2024: A Month for Breaches and Ransomware
This month, we’ve witnessed a decline in low-effort high-volume email attacks, but a rise in targeted, sophisticated assaults. FedEx, Amazon, and Facebook were prime targets for brand impersonation. The breach of Microsoft’s executive emails by the ‘Midnight Blizzard’ group highlighted OAuth application security concerns. Additionally, AnyDesk reported a breach, and Johnson Controls faced a significant ransomware attack.
read moreMonthly Threat Report January 2024: Holiday-Focused Attacks on the Decrease, but Danger Remains
This month’s key highlights include the escalating MOVEit supply chain attack, the active targeting of the Albanian government and One Albania Telecom by the Iranian group “Homeland Justice,” and new phishing campaigns targeting Instagram and Twitter users for account takeover and access to crypto assets.
read moreMonthly Threat Report December 2023: Holidays Bring Malicious Email and Lots of Patches to Apply
This month’s report highlights a decline in sophisticated email threats but a rise in easily detectable threats. Microsoft fixed 63 vulnerabilities, including five zero-days, urging prompt fixes. Major CPU vulnerabilities in Intel and AMD pose risks, but patches are available.
read moreMonthly Threat Report November 2023: Holiday Email Threat Increases and More Zero-Days
This month’s report highlights a slight increase in spam messages, a higher brand impersonation attempts in shipping and finance, ongoing security developments at Microsoft, a significant vulnerability in Citrix NetScalers, and legal actions against SolarWinds and their CISO for fraud and security lapses related to the 2020 SunBurst incident.
read moreMonthly Threat Report October 2023
This month’s report highlights high email threats, increased targeting of the Entertainment and Mining industries, ongoing Microsoft security incidents, a critical libwebp vulnerability, and gradual Storm-0558 breach revelations with email exfiltration.
read moreMonthly Threat Report September 2023: The Demise of Qakbot?
September shows a slight threat decrease. DHL, Netflix, and Mastercard top impersonation targets. Report discusses FBI’s Qakbot disruption and ongoing Storm-0558 investigations. French gov agency and gaming vendor breaches expose 14 million PII.
read moreMonthly Threat Report August 2023: WormGPT and an Increase in Email Security Threats
This month`s report highlights concerns about dark-web AI tools for Business Email Compromise attacks and the need to patch MOVEit software vulnerabilities. A breach of Microsoft Cloud services raises questions about Microsoft’s response and cloud providers’ security role.
read more