QuoIntelligence’s Weekly Intelligence Snapshot for the week of 14 – 20 January is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Cyber

Incident

Industry impacted: Information Technology

On 19 January, Malwarebytes reported that the nation-state threat actors behind last year’s SolarWinds breach, dubbed “UNC2452” by FireEye, had successfully compromised its systems. Most significantly, Malwarebytes was not a user of SolarWinds products, and the intrusion vector allegedly leveraged a separate vulnerability in an e-mail protection product for Microsoft Office 365 and Microsoft Azure.

Rollups

Industry impacted: Consumer Discretionary, Financials, Government, Health Care, Industrials, Information Technology

• IObit and OpenWRT Forum Breached to Target User Members
• Check Point Research Discovers Botnet Dubbed FreakOut
• Raindrop: New Malware Discovered in SolarWinds Investigation
• Carding Marketplace JokerStash to Shut Down
• Russian Crypto Exchange Livecoin to Shut Down After System Compromised
• Conti Ransomware Groups Releases Scottish Environment Protection Agency (SEPA) Data After Attack

Geopolitics

Industry impacted: Government

Nations are strengthening their supply chain security frameworks to ensure that third-parties comply with secure and sustainable approaches to guarantee supply chain continuity. While those frameworks seek to enhance supply chain security and resilience, companies will likely incur additional compliance costs to adapt their business models to regulated frameworks and protectionists approaches.

Rollups
Industry impacted: Communication Services, Government, Information Technology

• US Continues Trade Restrictions on Chinese Companies
• Social Media Site Parler Partially Resumes Operations with Russian Firm DDos-Guard
• Inauguration of President Biden
• Several EU countries Implement Their Own Big Tech Regulation Laws Prior to the EU’s Bloc-Wide Legislation