Cybersecurity Trends March 2023: Threat Intelligence Report
As technology continues to evolve, so do the risks of cybersecurity breaches. In March 2023, we witnessed several significant cybersecurity incidents, including data breaches, hacking, and shutdowns of notorious hacking forums. In this blog post, we will take a closer look at the cybersecurity trends that marked March 2023, and other cybersecurity issues that people and organizations should be aware of.
Phishing and Malware trends and statistics
Newly registered domains
Confirmed new phishing domains
New potential similar domains
During the month of March, FYEO discovered a total of 8.9M (million) newly registered top level domains out these a total of 12k (thousand) were considered being similar domains that are likely squatting domains, e.g when someone registers a domain name that is similar to a well-known brand or organization with the intention of using it for malicious purposes such as phishing attacks.
A further 3.9k (thousand) domains out of the newly registered domain were identified as actively serving fake websites and content related to phishing by manual content scanning and analysis. And yet another 1.4K (Thousand) were identified as serving malware related files and content.
Data leaks and credentials statistics
Reported leaked credentials
Reported leak sources
FYEO indexed sources
FYEO indexed credentials
March 2023 saw over 100 security incidents that resulted in the compromise of more than 41,970,182 records. The biggest data breach of the month occurred at Latitude Financial, where over 14M (million) records were compromised. Unfortunately, this is not an isolated case, as data breaches have become increasingly common, with more than 340M (million) records being compromised in Q1 2023 alone.
During the month FYEO indexed and gathered a total of 1.8M (million) leaked credentials from a total of 125 sources that were gathered through open sources and public releases.
On the collection statistics it's worth noting that there is in general a large delay in the time in which the hacked data gets published. Therefore the data collected by FYEO is most likely not the same sources that were reported hacked for the month. Comment end
Data Breaches Continue to Plague Organizations
According to the latest reports, March 2023 saw over 100 security incidents that resulted in the compromise of more than 41,970,182 records. The biggest data breach of the month occurred at Latitude Financial, where over 14 million records were compromised. Unfortunately, this is not an isolated case, as data breaches have become increasingly common, with more than 340 million records being compromised in Q1 2023 alone.
These statistics are alarming and highlight the need for organizations to implement effective security measures to protect their sensitive data. One way to achieve this is by adopting the zero-trust security model, which requires continuous verification of users and devices attempting to access sensitive data. By implementing a zero-trust security model, organizations can reduce their risk of cyber threats and data breaches.
Cryptocurrency Hacks Remain a Concern
Cryptocurrency continues to be a popular target for cybercriminals, as evidenced by the recent hack of Bitcoin ATMs manufactured by General Bytes. Using a zero-day flaw, hackers were able to steal over $1.6 million in cryptocurrency from the ATMs. The attackers exploited a security flaw in the software to gain access to user login credentials, logs, and API keys, which allowed them to transfer funds from wallets.
This incident highlights the need for companies to prioritize the security of their systems and networks. To do this, they must regularly perform vulnerability scans and penetration tests to identify and address any security flaws that could be exploited by cybercriminals.
Shutdown of Notorious Hacking Forum
Breached, a well-known hacker and data leak site, was permanently shut down in March 2023. The site was infamous for storing, releasing, and selling data acquired from compromised businesses, nation states, and other organizations. Its members were responsible for a wide range of data breaches, extortion attempts, and ransomware attacks. The shutdown of Breached was due to law enforcement's full access to the forum's computers.
The closure of Breached is a significant victory for law enforcement agencies, as it reduces the risks of data breaches and cyber attacks. However, it is essential to note that there are still many other hacking forums and cybercriminals who continue to pose a threat to organizations and individuals.
In conclusion, cybersecurity threats are becoming increasingly sophisticated and dangerous. Organizations must prioritize cybersecurity and implement effective security measures to protect their sensitive data. The zero-trust security model is an effective way to reduce the risk of cyber threats and data breaches.
Additionally, the recent cryptocurrency hacks and the shutdown of Breached highlight the need for companies and individuals to remain vigilant and take proactive measures to protect themselves against cyber attacks. It is essential to stay up-to-date with the latest cybersecurity trends and best practices to minimize the risk of a cyber attack.