QuoIntelligence’s Weekly for 22 – 28 October 2020 is now available!

You can find below a summary for our Weekly Intelligence Snapshot, providing insight and analysis into this week’s major cyber and geopolitical events. Subscribe to our mailing list to receive it straight in your inbox, or inquire today to receive a free trial of our full Weekly Intelligence Product, which includes analyst comments, MITRE ATT&CK tags, IOCs, and more!

CYBER

Current Threat
Industry impacted: Financials, Government, Industrials

  • US government intelligence agencies released a joint advisory detailing the tactics, techniques, and procedures (TTPs) used by the North Korean advanced persistent threat (APT) group, Kimsuky.
  • QuoIntelligence observed cyberattacks targeting French companies, including the financial and banking sector. Since 25 October, there are reports of ongoing distributed denial of service (DDoS) and website defacement attacks targeting “dozens of banks” in France. The recent cyberattacks against French organizations are potentially related to a recent speech by French President Macron, in which he said he will fight ”Islamist separatism” and said Islam was ”in crisis all over the world”. President Macron’s comments have resulted in objections from several Muslim countries.

Rollups
Industry impacted: ANY, Energy, Government, Information Technology

  • Energetic Bear Compromises At Least Two US Government Targets
  • Pulse Connect Secure Vulnerability, Results in Remote Code Execution as Root
  • Massive Nitro Data Breach Impacts Multi-National Companies’ Data 
  • Microsoft Releases Update to Remove Flash from Windows 
  • Microsoft Reports Cyberattacks Targeting International Conference Attendees 
  • State-Sponsored Group, Turla, Targets European Government Organization in Espionage Campaign 
  • Ransomware Attacks Target French Enterprise IT Services Company Sopra Steria and Multinational Energy Company Enel Group 

    GEOPOLITICS

    Industry impacted: Government

    • The US presidential elections will take place on 3 November. The high likelihood that the final outcome of the election will be delayed past election night, and the resulting uncertainty could lead to a volatile situation, especially given the already tense public sentiment following months of nationwide protests. In cyberspace, opportunistic attackers, as well as APT groups, could take advantage of the uncertainty to target victims.

    Rollups

    • US Sanctions Russian Research Institute Reportedly Connected to Triton Malware 
    • US Sanctions Five Iranian Entities Over Attempted Interference in 2020 US Presidential Election 

     

    OUTLOOK

    Industry impacted: Government

    • 3 November – US General Election
      Would you like to have access to the full report? Click on the link below to learn more about our Weekly Intelligence Snapshot subscription.