29 percent of threats previously unknown as hackers update tactics The latest Quarterly Threat Insights Report from HP shows that 29 percent of malware captured between October and December 2020 was previously unknown, due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. In addition 88 percent of malware was delivered by email into users' inboxes, in many cases having bypassed gateway filters. It took 8.8 days, on average, for threats to become known by hash to antivirus engines, giving hackers over a week’s head-start on their campaigns. "Opportunistic cybercrime does not show any signs of slowing," says Alex Holland, senior malware analyst at HP Inc. "Low-cost malware-as-a-service kits are an attractive prospect to cybercriminals and we have seen these continue to proliferate in underground forums. Kits like APOMacroSploit, which emerged in Q4 2020, can be bought for as little as $50 USD, illustrating just how low the barrier to entry is for opportunistic cybercrime. We have also seen threat actors continue to experiment with malware delivery techniques to improve their chances of establishing footholds into networks. The most effective execution techniques we saw in Q4 2020 involved old technologies like Excel 4.0 macros that often offer little visibility to detection tools."