Blog
Cyber Threat Intelligence Index: July 2023
Flashpoint’s monthly look at the cyber risk ecosystem affecting organizations around the world, including intelligence, news, data, and analysis about ransomware, vulnerabilities, data breaches, and insider threats.
Table Of Contents
Update: To view our H1 2023 Midyear report, click here.
Ransomware
Flashpoint’s latest ransomware infographic paints a sobering picture of the evolving threat landscape, with cybercriminals employing increasingly sophisticated tactics. In July, Flashpoint recorded a total of 515 ransomware attacks:
Key takeaways for the state of ransomware
- Clop was the most prolific ransomware group, being responsible for nearly 33 percent of July’s recorded ransomware attacks.
- The United States experienced the most ransomware events, accounting for 48 percent of all July’s recorded ransomware attacks.
- Internet Software and Services continues to be the most targeted industry, followed by Construction & Engineering, and Professional Services.
Vulnerability Intelligence
1,994 new vulnerabilities were reported in July, with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD).
Key takeaways for the state of vulnerability intelligence
- 36 percent of July’s disclosed vulnerabilities are rated high-to-critical in severity. If exploited, these issues could pose a significant security risk.
- Over 56 percent of last month’s vulnerabilities are remotely exploitable. This means that if leveraged, threat actors can execute malicious code no matter where the device is located.
- Vulnerability Management teams can potentially lessen workloads by 90 percent by focusing on actionable, high severity vulnerabilities. This classification is given to vulnerabilities that are remotely exploitable, that have a public exploit, and a viable solution.
Data Breaches
Studying breach events can help CISOs and security teams better understand the goals and motivations of threat actors. Our new infographic shows the latest developments in the data breach landscape. Last month, Flashpoint recorded 529 data breach events:
Key takeaways for the state of data breach intelligence
- In July, threat actors stole a total of 481.2 million records.
- Organizations in the United States accounted for more than 64 percent of July’s recorded data breaches.
- Unauthorized access, or hacking was the leading cause of data breaches in July, being responsible for over half of recorded data breach events.
Malware
Our latest infographic shows the latest malware trends: which types of malware threat actors favor, how they get access into a victim’s systems, and what cybercriminals do once they gain a foothold.
Key takeaways for the state of malware
- Trojans were the most widely used malware type in July’s recorded cyberattacks.
- In particular, the cobaltstrike malware family accounted for 33.22 percent of July’s top 5 indicators of compromise.
- In July, the most favored MITRE ATT&CK tactic was Command and Control.
Get best-in-class intel
The following data is derived from the Flashpoint Ignite Platform and VulnDB. To learn more, check out the following resources:
- Tracking Ransomware: Understanding your Exposure and Taking Action
- The Practitioner’s Guide to Vulnerability Intelligence
- Understanding the data breach landscape: Cyber Risk Analytics
- Free trial: Request free access to Ignite and VulnDB
- Cybersecurity & Intelligence glossary