QuoIntelligence’s Weekly Intelligence Snapshot for the week of 4 – 10 Feb is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
In February’s Patch Tuesday, Microsoft released new patches for at least 59 vulnerabilities in a variety of Microsoft products, including an actively exploited vulnerability in the Windows Kernel. Furthermore, the 11 updates categorized as “critical” by Microsoft allow attackers to mount remote code execution (RCE) attacks against unpatched systems.
Industry impacted: Financials, Information Technology, Utilities
- Threat Actors Abuse Google Chrome Sync Feature for C2 and Data Exfiltration
- New Phishing Campaign Uses Morse Code Technique To Evade Detection
- Threat Actor Breached Systems of Water Treatment Facility in Florida, Increased Additive in Drinking Water
- Ziggy Ransomware Announced Operational Shut Down, Releases Victims’ Decryption Keys
- BendyBear Downloader Discovered, Attributed to BlackTech
- Ukraine Cyber Police Conducts Joint Operation with Australian and US Agencies to Detain Suspect Behind uPanel
- Adobe Patches Heap Overflow Vulnerability Currently Exploited in the Wild
Amidst the recent global wave of political unrest, several governments resorted to Internet disruptions or social media blockages. In addition, protests can also impact an organization’s physical security and affect highly interconnected supply chains. By ensuring organizations are aware of evolving social unrest, organizations can understand whether employee safety, business locations, and suppliers might be affected and proactively shift operations and ensure business continuity.
Industry impacted: Government
- UN Report Claims North Korea Developed and Maintained Nuclear Weapons Programs Throughout 2020
- Germany, Poland, and Sweden Expel Russian Diplomats After Russia’s Expulsion of Three EU Officials Accused of Supporting Navalny Protests
- Biden and Xi Hold First Call, US Outlines Strategy Towards China
Industry impacted: Communication Services, Information Technology
- 12 February – Cyber Security Digital Summit for Security Access Service Edge 2021
- 16 February – ENISA: EU Telecom Security Meeting