Threat Landscape

Security insights powered by WatchGuard Threat Lab

Malware
Attacks
blocked by
WatchGuard
Malware Attacks blocked by WatchGuard

Malware Attack Frequency


Every Day
Every Hour
Every Minute
Every Second


Malware Attacks by Region

REGION
MALWARE ATTACKS
PERCENT OF TOTAL

Americas

EMEA

APAC





OF MALWARE WAS
ZERO DAY

OF MALWARE WAS
Known Malware

Top Ten Malware Attacks





Network
Attacks
blocked by
WatchGuard
Network Attacks blocked by WatchGuard

Network Attack Frequency


Every Day
Every Hour
Every Minute
Every Second


Network Attacks by Region

REGION
NETWORK ATTACKS
PERCENT OF TOTAL

Americas

EMEA

APAC



In-depth Analysis


Q4 2016
Internet Security Report
Q1 2017
Internet Security Report
Q2 2017
Internet Security Report
Q3 2017
Internet Security Report
WatchGuard's Threat Lab (previously the LiveSecurity Threat Team) is excited to release our first Internet Security Report Have you ever wondered what types of cyber attacks affect small to midsize businesses (SMBs) and distributed enterprises (DEs)? Well, you've come to the right place. If you don't know what your adversary is doing, you won't know how to protect yourself against their attack. Each quarter, the WatchGuard Threat Lab analyzes the latest trends about malware and network attacks, and shares their insights in the WatchGuard Internet Security Report
Our threat intelligence has come from many sources in the past, including individual malware and threat research projects, data from our internal honeynet, research into underground forums and economies, and shared data from WatchGuard's many industry-leading partners. However, most recently we've added the Firebox Feed to our arsenal of threat data. Download Now WatchGuard's Internet Security Report is based on Firebox Feed data coming more than 26,000 unified threat management (UTM) appliances that are monitoring and protecting SMBs and distributed enterprises around the world. This data gives us insights into what types of network exploits, malware infections, and advanced attacks are launched by cyber criminals every month, and how they change and update their attacks over time. Download Now For the third quarter in a row, the WatchGuard Internet Security Report provides analysis of threat data from the Firebox Feed, which comes from more than 33,500 unified threat management (UTM) appliances worldwide. We also deliver deeper insight into the big security stories from the period, and fresh research from WatchGuard's Threat Lab. Download Now Download the latest report now to learn where you should update and perfect your defenses to better protect your organization from the latest network exploits, malware, and advanced attacks. Also, look at past reports to better understand how the threat landscape is has changed and evolved as sophisticated attackers utilize new techniques to crack your defenses. Download Now

Top Ten Network Attacks





Featured Research


Indicators of RDP Brute Force Attacks
By Teri Radichel

I have been investigating an incident involving two EC2 instances on AWS that were infected with ransomware, cryptocurrency miners, and other types of malware. Sounds scary, right?! Well actually, the approaches that the attackers took to get onto the hosts do not appear to be that sophisticated, and this type of attack could occur in […]

Read More - Indicators of RDP Brute Force Attacks

The Problem with Hacking Back: It Might Be Your Network
By Teri Radichel

The US government is considering allowing companies to “hack back” against cyber attackers. The Active Cyber Defense Certainty Act (ACDC) amends the Computer Fraud and Abuse Act to allow limited retaliatory strikes against cyber attackers. The full PDF amendment is available online. As noted in some comments in an article on the UK Register there […]

Read More - The Problem with Hacking Back: It Might Be Your Network

Where in The World Is That Network Traffic Coming From?
By Teri Radichel

In a past article, I explained how to auto-block hosts with a WatchGuard Firebox. Yesterday alone my logs showed over 100 IP addresses auto-blocked in one day on a Firebox used for testing purposes. The list included over 1000 blocked IP addresses. I also noticed the Firebox shows a limited number of blocked hosts so […]

Read More - Where in The World Is That Network Traffic Coming From?



About the WatchGuard Threat Lab


WatchGuard’s Threat Lab (previously the LiveSecurity Threat Team) is a group of threat researchers committed to discovering and studying the latest malware and Internet attacks. The Threat Lab team uses data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide analysis and practical security advice about the top threats on the Internet.


Share This


  0 432