May 2023

In H1 2023, an increasing number of previously popular attack avenues turned into dead ends. This forced many cybercriminals to go back to their drawing boards in search of new ways to reach their nefarious goals. In this report, we explore several of these new attack vectors, including renewed interest in brute-forcing of exposed MS SQL services and abuse of OneNote files. We also delve into the most interesting infosec stories, such as the first double supply-chain attack that affected Windows and macOS users, and the rapid increase in digital usury on Android. And if you're looking for a glimmer of hope, then we offer more on the disruption of RedLine stealer, and Emotet having a hard time navigating the new reality with stricter security rules in place.