March 2026 Phishing Email Trends Report
Statistics on Attachment Threats Types. trojans accounted for the largest share of attachment-based threats in March 2026 at 21%. phishing (FakePage) came in at 15%, with a significant month-over-month decrease in share from 42% to 15%, but a slight decrease in volume. downloaders were identified at 9% and droppers at
March 2026 Security Issues in the Korean & Global Financial Sector
Content. a number of malware samples including phishing, web shell, droppers, backdoor malware, downloaders, Infostealer, and CoinMiner targeting the financial sector have been distributed. we observed a number of cases where Korean disguised attachment names and HTML/JS execution methods were utilized to propagate phishing. account compromise campaigns through the Telegram
Statistics Report on Malware Targeting Windows Database Servers in Q1 2026
Description. analysis of ASEC’s ASD logs for Q1 2026 showed a consistent trend of attacks against MS-SQL and MySQL. the number of attacks tended to decrease temporarily in February before increasing again in March. Purpose and Scope. this report summarizes the statistics of attacks targeting MS-SQL and MySQL servers installed
Statistical Report on Malware Targeting Windows Web Servers in Q1 2026
Description. AhnLab SEcurity intelligence Center (ASEC) analyzed the attack status and malware statistics of Windows web servers in the first quarter of 2026 based on AhnLab Smart Defense (ASD) logs. the analysis covers Internet Information Services (IIS) and Apache Tomcat web servers in Windows environments. command execution through the web
Q1 2026 Malware Statistics Report for Linux SSH Servers
Overview. ASEC analyzed the statistics of attacks against Linux SSH servers in Q1 2026 based on honeypot logs. The P2PInfect worm dominated, accounting for 70.3% of all attack sources, and DDoS bots such as Mirai, XMRig, Prometei, and CoinMiner were identified as the main threats. Purpose and Scope. the purpose
March 2026 Ransomware Trends Report
Purpose and Scope. this report summarizes the number of ransomware samples, number of affected systems, DLS-based statistics, and major Korean & Global ransomware issues identified during the month of March 2026. Key statistics. ransomware sample counts and victimized systems statistics were aggregated by detection name assigned by AhnLab. statistics on
Q1 2026 Attack Technique Trends Report
overview The cyber attack landscape in Q1 2026 was characterized by a step change from traditional mass-automated threats, with accelerated penetration rates driven by the use of AI, identity-centric attacks, exploitation of supply chain and SaaS linkages, and a combination of social engineering and vulnerability exploitation. threat actors are no
LOLBins – Analysis of MSBuild-Based Attack Techniques
Overview In recent years, cyber threat actors have consistently attempted to exploit living off the land binaries (LOLBins) built into systems to bypass detection by security products. Such attack methods effectively evade traditional signature-based detection by not distributing a separate malicious file, but instead relying on tools trusted by the
March 2026 Infostealer Trend Report
Description. this report analyzes Infostealer distribution trends and cases collected during the month of March 2026. It is based on data collected through ASEC’s automated collection and analysis system and ATIP’s real-time IOC service. Purpose and Scope. the purpose of the analysis is to identify trends in the volume, distribution
Q1 2026 Vulnerability Trends Report
Vulnerability Trends Summary for Q1 2026. Overview. q1 2026 saw a number of high-risk vulnerabilities reported with either public disclosures or confirmed exploits. an increase in remote code execution and authentication bypass family vulnerabilities was observed. Early publication of PoCs accelerated threat propagation. the potential for chain attacks through the
