Trickbot-infected PCs began distributing Emotet samples by encouraging users to download password-protected zip files containing malicious documents that are rebuilding Emotet’s botnet network. Emotet’s operations were updated with some new techniques added to the toolkit.

Our security team tracks DDoS weapons and their behaviors and reports on their frequency and impact over the last several years. Our latest H1 2021 DDoS Attack Mitigation: Global State of DDoS Weapons Report provides detailed insights into the origins of DDoS activity, highlighting how easily and quickly modern malware can hijack IoT devices and convert them into malicious botnets.

According to CPR, 1 out of 61 enterprises will be affected by ransomware each week in 2021, up from 1 out of 61 in 2020. This year, ISP/MSP industry has been most targeted by ransomware.

Mozi was first identified in 2019 and has been evolving ever since. It can now persist on network devices by infiltrating device’s file system, remaining functional even after the device has been rebooted. During the first half of 2021, Mozi topped out at over 360,000 unique systems using more than 285,000 unique source IP addresses, likely due to address translation.

The threat actor, a Russian speaker, is taking advantage of Microsoft Exchange vulnerabilities to penetrate random networks. This threat has likely resulted in steep financial and data losses for companies.