QuoIntelligence’s Weekly Intelligence Snapshot for the week of 27 May – 1 June is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!


Threat Actor Industry impacted: Communication Services, Government, Health Care, Industrials, Information Technology

  • Researchers at Microsoft detailed a new phishing e-mail campaign attributed to Russia-linked Nobelium (also known as APT29, Cozy Bear), which operated since at least January 2021. Throughout the targeted campaign, the phishing message and delivery method (e.g. Google Firebase, Dropbox) varied. Additionally, profiling is also in place for at least Apple iOS devices, where the actor targeted a previously patched zero-day vulnerability.

Industry impacted: Consumer Discretionary, Government

  • APT Threat Actors Exploiting Fortinet Vulnerabilities to Gain Access to a US Municipal Government Domain
  • Belgium’s Government Victim of “sophisticated” Cyberattack
  • Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices
  • Epsilon Red – A New Ransomware



Industry impacted: Government

  • Denmark’s Defense Intelligence Service (FE) allegedly helped the US National Security Agency (NSA) spy on European politicians between 2012 and 2014. Among those targeted were German chancellor Angela Merkel and other French, Norwegian, and Swedish politicians. While Denmark’s eavesdropping accusations are serious given that the targeted countries are EU allies, the practice is not illegal and will unlikely impact US-EU diplomatic relations. However, these practices are increasingly under public scrutiny as they disregard privacy principles.

Industry impacted: Energy, Industrials, Utilities

  • Russia Prohibits Austrian Airlines Flight to Land Without Entering Belarusian Airspace
  • DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators



Industry impacted: Government

  • 13 June – 47th G7 summit