QuoIntelligence’s Weekly Intelligence Snapshot for the (short) week of 23 – 29 December 2020 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Cyber

Threat Actor

Industry impacted: Government, Health Care

Last week, Kaspersky researchers unearthed a North Korea-linked Lazarus cyber-espionage campaign, which successfully targeted an unnamed pharmaceutical company and a government health ministry related to the COVID-19 response. Although the initial attack vectors against the two targets are unknown, the attackers’ post-exploitation activities in both instances overlapped and demonstrated advanced lateral movement and data exfiltration capabilities.

 

Rollups

Industry impacted: Communication Services, Consumer Discretionary, Government, Information Technology

  • Distributed Denial of Service Attack Targets Citrix NetScaler ADC and Gateway Products
  • Researcher Discloses Details of an Improperly Patched Windows Privilege Escalation Vulnerability
  • Scottish Environment Protection Agency Suffered a Cyberattack
  • SolarWinds Orion’s Authentication Bypass Vulnerability
  • Home Appliance Manufacturer ‘Whirlpool’ Suffered Nefilim Ransomware Attack
  • Threat Actor Selling Ho Mobile Database

Geopolitics

Industry impacted: Government

The UK and the EU have signed the Trade and Cooperation Agreement that will regulate the relationship between both parties. While both the UK and the EU have welcomed the deal, critical issues are still under consideration, such as information-sharing, data protection, security, and cybersecurity schemes. As such, modifications of the agreement are likely to be developed next year, prolonging uncertainty in key issues.

Rollups
Industry impacted: Government

  • EU and China Set to Sign Investment Pact
  • Finland’s Police Continues Investigation into Cyberattack on Finnish Parliament