QuoIntelligence’s Weekly for 17 – 23 September 2020 is now available!

Below is a summary of our Weekly Intelligence Snapshot, providing insight and analysis into this week’s major cyber and geopolitical events.
Subscribe to our mailing list to receive it straight in your inbox, or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

CYBER

Current Threat
Industry impacted: Financials, Health Care, Industrials, Information Technology

  • Researchers from Group-IB discovered a new threat actor group, dubbed OldGremlin, conducting campaigns that target Russia and Russian-speaking countries and ultimately deliver a new ransomware strain, TinyCryptor. Active since at least March 2020, the group has conducted seven known phishing campaigns, some of which exploited current events, such as the COVID-19 pandemic and the protests in Belarus, to compromise targeted victims and their organizations’ networks.

Threat Actor
Industry impacted: Communication Services, Government, Health Care, Information Technology

  • The US Department of Justice announced charges and extradition demands against five Chinese cyber threat actors and two Malaysian accomplices who are alleged members of the Winnti Group (also known as APT41, BARIUM, and Blackfly). The indictment mentions compromises, activity, and Tactics, Techniques, and Procedures (TTPs), which QuoIntelligence has observed during the course of actively tracking the Winnti Group. 

Rollups
Industry impacted: ANY, Communication Services, Consumer Discretionary, Financials, Government, Health Care, Information Technology

  • Ransomware Attack at University Hospital Düsseldorf (UKD) Potentially Led to Patient Death.
  • APT39: US FBI Releases Technical Indicators, US OFAC Discloses New Sanctions Against Threat Actor and Its Associations.
  • Leaked FinCEN Documents Detail Global Money Laundering Activities by Some of the World’s Biggest Banks between 2000 and 2017.
  • Unsecured Microsoft Bing Server Exposed Data of Bing Mobile Application Users.
  • US Department of Justice Sentenced UK National to Prison for Role in “The Dark Overlord” Hacking Group.
  • Eyewear Giant Luxottica Confirms Ransomware Attack.
  • Researchers Published Proof-of-Concept for a Vulnerability that Could Allow an Attacker to Hijack a Device Running Firefox for Android via Wi-Fi Network.

 

GEOPOLITICS

Rollups
Industry impacted: Government, Information Technology

  • Trump Administration to Approve Sale of TikTok to Oracle and Walmart.
  • 75th UN General Assembly Highlights Current Geopolitical Tensions.

Outlook
Industry impacted: Government

  • Special European Council Meeting on Situation in Eastern Mediterranean, Relations with China, Situation in Belarus, and Poisoning of Navalny.

     

     
