Weekly Intelligence Snapshot – Week 45

QuoIntelligence’s Weekly for 29 October – 4 November 2020 is now available!

CYBER

Threat Actor
Industry impacted: ANY, Financials, Industrials, Information Technology

• After over a month without publicly claiming any new victims, and with their last website upload occurring around mid-October, the operators behind the Maze Ransomware announced on 1 November that they have ceased operations. 
• Researchers at FireEye uncovered operations of the threat actor group UNC1945, including leveraging a zero-day vulnerability since mid-2020 in third-party managed hosting provider (MSP) infrastructure to target entities within the financial and professional consulting industries.

Rollups
Industry impacted: ANY

• Researchers Published Zero-Day Vulnerabilities in Windows and Chrome Exploited in Targeted Attacks 
• Critical Remote Code Execution Vulnerability in Oracle WebLogic
• Kaspersky Highlights APT Trends and Activity in its 2020 Q3 Trend Report 
• Adobe Releases Security Update, Includes Patches for Critically Severe Vulnerabilities in Reader/Acrobat 
• Cisco Released Details of a High Severity Zero-day Vulnerability in its AnyConnect Secure Mobility Client 

GEOPOLITICS

Industry impacted: Government

• A series of terrorist attacks across Europe resulted in several deaths over the previous months. The series of attacks could increase the threat of terrorist activity by ISIS supporters, as well as lone-wolf terrorists. At the same time, the attacks could potentially fuel anti-Muslim and nationalist sentiments, which could also result in attacks. In addition, cyberactivity, particularly by hacktivists, is also likely to increase. 

Rollups
Industry impacted: Government, Information Technology

• Iranian Sponsored Threat Actor Identified Obtaining US Voter Registration Data 
• Huawei’s to Reportedly Build Telecom Chips In-house 
• No Winner Declared Yet Following 2020 US Presidential Elections