Expel Quarterly Threat Report Q2 2023

Q2 2023 cybersecurity trends, data, and recommendations from the Expel security operations center (SOC)

Our latest Expel Quarterly Threat Report (QTR) distills the trends, notable new behaviors, and unusual attacks we saw over the last quarter. We’ll also use our previous threat reports to compare findings and point out patterns–and even provide some solutions for avoiding the latest threats.

By sharing how attackers got in, and how we stopped them, we’ll translate the security events we detect and remediate into a strategy for your organization.

Our analysis spans our entire customer base, covering orgs of all shapes, sizes, and industries. We’ve got present-day and future you covered.

Read it now

What’s inside

Grab your copy of the Expel Q2 2023 Threat Report and take a look at what we learned this quarter, including:

  • 56% of all incidents were account compromise or account takeover (ATO) in Microsoft 365 (M365).
  • 23% of incidents involved the deployment commodity malware and malware families linked to pre-ransomware operations.
  • 15% of all phishing attacks identified were session cookie theft via Attacker-in-the-middle (AiTM) phishing, which tripled from last quarter.

Read it now

Attackers targeting vulnerabilities—very new and very old—resulted in the Q2 doubling of server-side exploit incidents. The MOVEit Transfer zero-day topped the list as the most common root cause, followed closely by an exploit from a decade earlier (yup, you read that right—a decade earlier 🤯).”



SOC Snapshot

Malware families linked to pre-ransomware operations shifting gears to commodity malware.

Download infographic

Is Expel the right fit?

When you tell us you’re ready, we won’t waste your time. Let us know what you’re looking for, and what challenges you have, and we’ll have someone get in touch who can talk tech.

Bots mascots