Weekly Intelligence Snapshot – Week 47

QuoIntelligence’s Weekly for 12 – 18 November 2020 is now available!

CYBER

Threat Actor
Industry impacted: Financials, Government

• Researchers at ESET discovered telemetry indicating a novel supply chain attack campaign targeting users of South Korean banking and government websites. The researchers attributed this campaign to the Lazarus Group, citing similarities in tactics, techniques, and procedures (TTPs) to previous Lazarus Group campaigns.

Rollup
Industry impacted: Consumer Discretionary, Government, Health Care, Industrials, Information Technology

• Jupyter: New Infostealer and Backdoor Variant
• Cisco Releases Advisory for Five Remotely Exploitable Vulnerabilities in its Security Manager and IOS XR Software
• APT10: Leverages ZeroLogon Vulnerability in Espionage Campaign
• Managed Web Hosting Provider Impacted by REvil Ransomware 
• Cisco Webex Meetings Vulnerabilities Allow Unauthenticated, Remote Users to Join

GEOPOLITICS

Industry impacted: Health Care

• The healthcare sector became a preferred target for cyber threat actors at the onset of the COVID-19 pandemic. The pandemic has shown how quickly threat actors can operate, as many organizations lag behind in creating proper cybersecurity infrastructure and are forced to react to evolving threats, rather than planning ahead.

Rollup
Industry impacted: Government, Information Technology, Utilities

• Nations in Asia-Pacific Region Sign Regional Comprehensive Economic Partnership (RCEP) Agreement 
• Russia Plans Retaliatory Sanctions Against Germany and France
• Qualcomm Receives US Permission to Sell Chips to Huawei Amidst Trade Restrictions 
• Hungary and Poland Veto EU’s Budget Package, Causing Agreement Standstill

OUTLOOK

Industry impacted: Government, Information Technology

• 21 November – G20 Summit 2020 Riyadh
• 21 November – SANS Pen Test HackFest 2020
• 22 November – German Open Source Intelligence Conference GOSINTCon