Summary of Infoblox Q2 Cyber Threat Intelligence Report, 2021


The Infoblox Quarterly Cyber Threat Intelligence Report for Q2 2021 is now available. These reports supplement original research and insight from Infoblox and provide a detailed analysis of advanced malware campaigns and recent significant attacks that occurred in the time leading up to their publication.

This edition includes detailed information on ransomware and specific ransomware attacks that have recently taken place:

  • Ransomware Attack on JBS USA
  • Ransomware Attack on Colonial Pipeline
  • REvil Ransomware Attack on Kaseya
  • and more

Ransomware has been more prevalent than ever before in 2021. More than 35% of businesses report having paid out between $350,000 and $1.4 million in ransoms, and 7% of businesses reported paying out ransoms in excess of $1.4 million.

Federal Government Progress on Cybersecurity Solutions

Federal governments are ramping up cybersecurity activity and focusing on solutions to mitigate ransomware and other cyber-attacks against public and private sector organizations. 

Deputy Attorney General Lisa Monaco says:

“We must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow these threats to persist,” Monaco wrote. She also noted “to the CEOs around the country, you’ve got to be on notice of the exponential increase of these [ransomware] attacks.”

NSA’s and CISA’s Guidance on DNS Security

DNS is key to the foundational security stack for enterprise and government. In 2021, the NSA and CISA have gone on record recommending that every agency, organization, and enterprise leverage the existing DNS protocol and architecture by using a protective domain name service (PDNS). The “Selecting a Protective DNS Service” report details the benefits and risks of using DNS security while also assessing several commercial PDNS providers according to their reported capabilities.

Q2 2021 Cyber Campaign Briefs and Cyber Threat Alerts

This section of the report provides full-length briefs on:

  • Malspam Campaign Spoofing Waybill Delivers NanoCore RAT
  • Hancitor Downloads Infostealers
  • Shathak Pushes IcedID Banking Trojan
  • RemcosRAT Malspam Campaign Spoofs UAE Machinery Company Correspondence
  • Cyberthreat Advisory – Nobelium Campaigns and Malware
  • Graftor Adware Still Circulating
  • Biotech-Themed Malspam Drops BitRAT
  • Cyberthreat Advisory: DarkSide Ransomware Attack on Colonial Pipeline
  • Malspam Delivering Agent Tesla Keylogger Spoofs Email Addresses of Petroham Oil & Gas Companies
  • Cyberthreat Advisory: FiveHands Ransomware
  • Polish Language Malspam Campaign Delivers AveMaria Infostealer
  • Post-Takedown Trickbot Activity
  • Spoofed Vehicle Purchase Invoice Malspam Drops Formbook Infostealer
  • Agent Tesla Malspam Campaign Spoofs Bank Correspondence
  • Italian Economic Support–Themed Malspam Delivers Ursnif Banking Trojan

If you’re concerned about these and other cybersecurity threats and would like help evaluating your current level of risk, Empowered Networks’ team of experts can help.

Download the Report

Please download the Q2 2021 Quarterly Cyberthreat Intelligence Report here.

As mentioned on our Empowered Partners page, Empowered Networks has been a Platinum partner for Infoblox for over a decade. Our team has advanced certifications in sales, professional services, and training. We’re also a development partner: Infoblox licenses the Advisor platform from Empowered Networks for use with its NetMRI and Network Insight products, and it also leverages Empowered Networks’ Topology Viewer technology within NetMRI.