The Qbot Trojan overtook Emotet as the most prevalent malware found in the wild in December 2022, impacting 7% of organizations worldwide. Additionally, the Glupteba malware, a blockchain-enabled Trojan botnet, returned to the top 10 list for the first time since July 2022.
Another piece of malware growing in adoption in December 2022 was the ad-distributing Android threat known as Hiddad, which entered the top-three mobile malware list for the first time in 2022, just before the end of the year.
In terms of industry, education/research remained the most attacked sector globally last month, followed by government/military and healthcare.
As for the most exploited vulnerabilities in December 2022, a web server flaw that exposed GitHub repository information was at the top of the list, followed by various vulnerabilities that leveraged a directory traversal flaw on different web servers.
The findings come from Check Point Software Technologies, which published its Global Threat Index for December 2022
Most Exploited Vulnerabilities
- Web Server Exposed Git Repository Information Disclosure
- Web Servers Malicious URL Directory Traversal –
- Command Injection Over HTTP
- HTTP Headers Remote Code Execution
- MVPower DVR Remote Code Execution
- Dasan GPON Router Authentication Bypass
- PHP Easter Egg Information Disclosure
- Microsoft Windows HTTP.sys Remote Code Execution
- WordPress portable-phpMyAdmin Plugin Authentication Bypass
- PHPUnit Command Injection