The Expel Quarterly Threat Report distills the threats and trends the Expel SOC saw in Q2. Download it now

The Expel Quarterly Threat Report distills the threats and trends the Expel SOC saw in Q2. Download it now.

Many thanks to the great folks at Expel, who have sponsored my writing for the past week.

Every quarter, the Expel security operations centre (SOC) publishes its Quarterly Threat Report (QTR) to distill all the trends, notable new behaviours, and unusual attacks it saw in the previous quarter.

By sharing how attackers got in, and how Expel stopped them, the QTR helps inform your organisation’s security strategy.

Download your copy of the Expel QTR for an in-depth look at what Expel analysts saw this quarter, including:

  • 56% of all incidents were account compromise or account takeover in Microsoft 365.
  • 23% of incidents involved the deployment of commodity malware and malware families linked to pre-ransomware operations.
  • 15% of all phishing attacks identified were session cookie theft via attacker-in-the-middle (AiTM) phishing, which tripled from last quarter.
  • The MOVEit Transfer zero-day topped the list as the most commonly exploited vulnerability, followed closely by a 10-year-old vulnerability.

You’ll get more information about these threats and patterns, along with recommendations your security team can take today to protect your org, in the Expel QTR. Download your copy today.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about cybersecurity, you can find more information here.