In the third quarter of 2021 (Q3 2021), the global cyber threat landscape saw persistent ransomware attacks, numerous disclosed vulnerabilities and enhanced threat actor TTPs. Ransomware groups continued launching attacks using new and existing ransomware types, leading to governments around the world working with cybersecurity experts to promote education and response plans. Newly-disclosed exploits and vulnerabilities emerged and cybercriminal underground networks endured a quarter rife with data leak advertisements, sale of cybercrime tools, and an increase in ransomware data leak and digital extortion websites – including the discovery of the Colossus ransomware by ZeroFox. Read this quarter’s findings and in-depth analysis from the ZeroFox Threat Intelligence team.
Key Takeaways:
- Ransomware activity focuses on vulnerable targets and new extortion tactics
- Malware activity favored mobile malware and banking trojans, leveraging tools like Cobalt Strike in attack chains
- National and international cybersecurity initiatives aimed at targeting an increase in ransomware increased globally
- Increased activity in cybercriminal underground networks including the reemergence of RAMP
- A round up of top vulnerabilities and exploits from the quarter