Latest Intelligence for May 2017

The WannaCry outbreak dominated the news cycle, while the phishing rate reached a high for 2017.

Some of the key takeaways from May’s Latest Intelligence, and the threat landscape in general, include another increase in the number of web attacks blocked, a peculiar Google phishing scam, and of course, the WannaCry ransomware outbreak.

Web attacks

Last month the number of web attacks blocked increased 22 percent, from 1,038,000 per day to 1,266,000 per day in May. This is the highest amount of web attacks seen since November 2015.

In terms of exploit kit activity, the RIG toolkit comprised 28.4 percent of exploit kit activity, though this was down 1.1 percentage points from April. Halfway through the month, a number of legit, but apparently compromised websites known to redirect to the RIG exploit kit were apparently switching to the Terror exploit kit. In seeming contrast to this shift, the RoughTed malvertising operation appears to now be using the RIG exploit kit, in addition to the Magnitude exploit kit to spread its payloads. Magnitude is up for May, rising from 6.3 to 7 percent of exploit kit activity.

Read full news article on Symantec