QuoIntelligence’s Weekly Intelligence Snapshot for the week of 19 March – 26 March 2020 is now available! Find the summary below and subscribe to our mailing list at the bottom if you want to receive Weekly summaries and other regular updates from us!

CYBER

Threat Actors

Industries impacted: Energy, Industrial, Financials, Information Technology, Telecommunication Services, Real Estate, Government

Researchers at FireEye reported that China-linked espionage threat actor APT41 is attributed to a widespread campaign which involves exploitation attempts of vulnerabilities for products of Cisco, Citrix and Zoho. Reportedly, waves of the campaign were initially observed from 20 January through 11 March, apparently taking a more targeted approach to selecting potential victims across various sectors.

Vulnerabilities

Industries impacted: ANY

On 23 March, Microsoft released an advisory on two critical remote code execution (RCE) zero-day vulnerabilities in Microsoft Windows exploited in limited, targeted Windows 7-based attacks. In response to the advisory, QuoIntelligence distributed a Warning to customers.

 

GEOPOLITICS

The COVID-19 pandemic is continuing and its epicenter has moved to the US, after initially being located in Asia, then in Europe. Country-wide lockdowns or restrictions on movement are implemented within a majority of countries. Please find an overview over the cyber implications that QuoINT observed over the previous week below, as well as recent geopolitical developments.

 

OUTLOOK

30 March – Postponed: EU-China Summit

2 April – NATO Secure Teleconference Meeting of Foreign Affairs Ministers