QuoIntelligence’s Weekly Intelligence Snapshot for the week of 15- 21 April is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!



Industry impacted: Government

Earlier this week, FireEye researchers released two reports detailing separate, unrelated exploitation activity of multiple zero-day vulnerabilities affecting security products in SonicWall and Pulse Secure. Both product vendors confirm the vulnerabilities, exploitation activity, and addressed the security flaws. A patch is expected in early May to address the zero-day vulnerability in Pulse Secure.

Industry impacted: Information Technology

  • US Department of Justice Sentences High-Level Manager of FIN7 APT Group to Prison
  • US Authorities Investigates Codecov Security Breach
  • Ryuk Ransomware Observed Using New Tactics, Techniques, and Procedures (TTPs)
  • Researchers Observed Two Campaigns Leveraging BazarLoader
  • REvil Compromises Apple Supply Chain, Threatens to Sell Stolen Blueprints



Industry impacted: Government, Information Technology

On 15 April, the US imposed punitive measures against Russia, including financial sanctions and diplomatic expulsions, in response to the SolarWinds espionage campaign and alleged Russian interference in the 2020 US Presidential elections. While these measures seek to impose high costs on Russian activities, past sanctions have failed to deter Russia. As a result, continued cyber espionage campaigns targeting the US and EU countries backing the US, such as Poland and the Czech Republic are likely. Additionally, the sanctions and attribution of the SolarWinds espionage campaign to Russia could set a new precedent, resulting in sanctions on nations carrying out cyber espionage becoming more frequent.

Industry impacted: Information Technology

  • EU Adopts Strategy to Increase Cooperation and Presence in the Indo-Pacific Region
  • EU Seeks Investment from Taiwan in Semiconductor Sector


Industry impacted: Information Technology

  • 28 April: Group-IB Digital Risk Summit 2021