A new report reveals some of the top emerging cybersecurity threats and trends worldwide.
CrowdSec released its Q2 2023 Majority Report, a community-driven data report driven by its users. Key takeaways from the report include the rise of IPv6 as well as the role of VPN in cybercriminal activities. The report consolidates insights from the company’s open source network, providing data on some of the top emerging cybersecurity threats and trends.
Key highlights from the report
- IPv6 represents 20% of reported malicious IPs.
- 5% of reported IPs are flagged as VPN or proxy users.
- The number of compromised assets is not the most accurate method of evaluating an Autonomous System (AS). The size of operators varies greatly, creating a discrepancy when comparing big operators to small. Though big operators receive a greater number of reports related to malicious IPs, smaller operators with fewer affiliated IPs — therefore receiving fewer reports — may be hosting riskier services.
- Malevolent Duration (MD) is a more accurate metric for evaluating AS. This refers to the number of days for which users report a malicious IP to the operator. The average MD of all the IPs in the same AS indicates the operator's due diligence when it comes to identifying and dealing with compromised assets.
- Third-party reports of infected machines play a significant role. The ability to quickly deal with infected machines reported by third parties within a network, as well as proactively identifying infected machines based on behavioral patterns, significantly impacts how long a machine stays infected.
- Low MD translates to a lower risk for a business to inherit a machine that has been flagged as malevolent. By extension, this also minimizes the risk of a legitimate business asset being preemptively blocked by partners, prospects, or potential customers.