Weekly Intelligence Snapshot – Week 35

You can find below a summary for our Weekly Intelligence Snapshot, providing insight and analysis into this week’s major cyber and geopolitical events.

Subscribe to our mailing list to receive it straight in your inbox, or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

Current Threat
Industry impacted: Financials, Government, Industrials, Information Technology

• Researchers at Kaspersky uncovered recent corporate cyberespionage activities they attributed to a hack-for-hire cyber threat group referred to as ”DeathStalker”. Reportedly, the group, which potentially has ties to Evilnum and Janicab, targeted law firms, a diplomatic entity, wealth consultancy firms, and financial technology firms, among others.

Rollups
Industry impacted: ANY, Government

• Transparent Tribe: Researchers Discovered New Crimson RAT Server Component Used for Cyberespionage Purposes.
• Cyber Criminals Take Advantage of Increased Telework Through Vishing Campaign.
• Low-level Iranian Cyber Actors Target Exposed RDP Servers to Deploy Dharma Ransomware.
• Ransomware Activity: Ransomware Operators Split to Build DarkSide Ransomware, Conti Operators Announce New Data Leak Website.

GEOPOLITICS

Industry impacted: Government

• Tensions between Greece and Turkey again rose over the previous week, after both states conducted naval exercises in disputed areas in the Eastern Mediterranean. While it is unlikely that these tensions will evolve into a larger military confrontation, it is highly likely that smaller scale escalations, including cyberattacks will continue.

Rollups
Industry impacted: Government

• UN Rejects US Demand to Reimpose All Sanctions on Iran.
• North Korea Acknowledges Failure in Achieving Economic Development Goals.