Monthly Threat Reports

Welcome to our Monthly Threat Report Hub, your go-to resource for the latest insights in email security. Each month, explore in-depth analyses from Hornetsecurity’s Security Lab, specializing in forensic examinations of current and critical security threats. Tailored for CISOs, Microsoft 365 admins, and all cybersecurity enthusiasts, the Monthly Threat Reports will keep you one step ahead of hackers. Discover and download the latest reports to fortify your organization against evolving cyber threats.

Find Reports
Monthly Threat Report June 2024: New Threat Campaigns Involving Darkgate

Monthly Threat Report June 2024: New Threat Campaigns Involving Darkgate

by | Jun 7, 2024 | ,

This month, we detected a new Darkgate Malware campaign using pastejacking to distribute malware. Additionally, the successful dismantling of the 911 S5 Proxy Botnet marks a major milestone in cybersecurity. Furthermore, threat actors impersonating helpful community members on platforms like Stack Overflow distribute malicious PyPI packages, posing a new threat vector.
read more
Monthly Threat Report May 2024: Satya Nadella’s Statement on Security, and a New UK Law Impacting the Industry

Monthly Threat Report May 2024: Satya Nadella’s Statement on Security, and a New UK Law Impacting the Industry

by | May 8, 2024 | ,

This month saw PDF files emerge as the prime target in email attacks, Microsoft’s CEO, Satya Nadella, affirmed the company’s commitment to addressing security concerns. Additionally, the introduction of new security guidelines for IoT and home devices by the British law PSTI underscores a proactive approach to safeguarding digital ecosystems.
read more
Monthly Threat Report April 2024: Impersonation Attacks, and the US CSRB’s Report on Storm-0558

Monthly Threat Report April 2024: Impersonation Attacks, and the US CSRB’s Report on Storm-0558

by | Apr 11, 2024 | ,

This month, key highlights include a critical report on Microsoft’s response to the Storm-0558 attack, urging enhanced public cloud security. The US Federal Trade Commission reported $1.1 billion in losses from impersonation attacks in 2023. Furthermore, there was a narrow escape from a potentially catastrophic supply chain attack on a widely-used Linux library.
read more
Monthly Threat Report February 2024: A Month for Breaches and Ransomware

Monthly Threat Report February 2024: A Month for Breaches and Ransomware

by | Feb 14, 2024 | ,

This month, we’ve witnessed a decline in low-effort high-volume email attacks, but a rise in targeted, sophisticated assaults. FedEx, Amazon, and Facebook were prime targets for brand impersonation. The breach of Microsoft’s executive emails by the ‘Midnight Blizzard’ group highlighted OAuth application security concerns. Additionally, AnyDesk reported a breach, and Johnson Controls faced a significant ransomware attack.
read more
Monthly Threat Report January 2024: Holiday-Focused Attacks on the Decrease, but Danger Remains

Monthly Threat Report January 2024: Holiday-Focused Attacks on the Decrease, but Danger Remains

by | Jan 12, 2024 | ,

This month’s key highlights include the escalating MOVEit supply chain attack, the active targeting of the Albanian government and One Albania Telecom by the Iranian group “Homeland Justice,” and new phishing campaigns targeting Instagram and Twitter users for account takeover and access to crypto assets.
read more
Monthly Threat Report November 2023: Holiday Email Threat Increases and More Zero-Days

Monthly Threat Report November 2023: Holiday Email Threat Increases and More Zero-Days

by | Nov 15, 2023 | ,

This month’s report highlights a slight increase in spam messages, a higher brand impersonation attempts in shipping and finance, ongoing security developments at Microsoft, a significant vulnerability in Citrix NetScalers, and legal actions against SolarWinds and their CISO for fraud and security lapses related to the 2020 SunBurst incident.
read more