Global Threat Landscape Report
A Semiannual Report by FortiGuard Labs
February 2023

TABLE OF CONTENTS

Executive Summary
    Key Highlights
Reconnaissance and Resource Development
Initial Access: Technique Highlights
    TTP Heatmaps
    Vulnerabilities
    Attack Surface
    Red Zone
    The Long Reach of Log4j
    Rookie of the Half
    Malware
    Most Active Malware Groups
    Malware Code Reuse
    Ransomware
    Wipers
Execution, Persistence, and Defense Evasion
    PowerShell: Still a pivotal tool in ransomware affiliates' playbooks
Command and Control, Exfiltration, and Impact
    Global Botnet Data
    New Kids on the Bot
Insights from the Trenches
    Exchange/OWA exploitation moves beyond initial access and becomes a core post-exploitation TTP
    BYO Malicious Bastion Host
    Opportunistic Financial Crime Dominated the Limelight
Final thoughts for the SOC Team
    Understanding the most observed factors that contributed to an incident
Summary/conclusion
Glossary

2H 2022 Global Threat Landscape Report

Executive Summary

Cyber threats aren't going anywhere. And let's face it, cybercrime is one of the most, if not the most, profitable illegal industries in the world. With their own brand of Key Performance Indicators tied to return on investment, threat actors are more methodical and becoming more and more innovative in their tactics, including reviving old methods that have long been forgotten. After all, producers love a good remake of an old classic if it can make new money.

FortiGuard Labs experts leverage Fortinet's large global footprint to continually monitor the threat landscape and the major geopolitical events that influence it. This report presents findings and insights from six months of intense research, with recommendations for leaders and practitioners to bet