QuoIntelligence’s Weekly Intelligence Snapshot for the week of 10 – 16 June is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Cyber Highlights

Ransomware: Recent Attacks and Happenings

Industries impacted: Energy, Financials, Government, Utilities, Consumer Discretionary

Over the last week, QuoIntelligence observed multiple attack activities involving ransomware groups and the resulting implications. The following spotlight highlights REvil, Prometheus, Avaddon, Paradise Ransomware, Fancy Lazarus, Cl0p, and Andariel (a suspected Lazarus subset group). The newly reported ransomware activity includes updated tactics, attack campaigns, operational changes, and law enforcement intervention.

Winnti: Supply-Chain Attack Against Airline Industry

Industries impacted: Industrials

Researchers at Group-IB reported a large scale supply chain attack dubbed ColunmTK, which targeted Société Internationale de Télécommunications Aéronautiques (SITA) – a global IT provider for the majority of the world’s airline industry. The attack is likely attributed to the China-linked nation-state threat actor known as Winnti (also known as BARIUM, Winnti Umbrella, and APT41).

Industry impacted: Energy, Government

  • Microsoft Disrupts Large BEC Operation
  • Researchers Disclose ALPACA Vulnerabilities in the Transport Layer Security (TLS) Protocol
  • Apple Releases Patches for Three Vulnerabilities, Including Two Zero-Days Exploited In The Wild


Geopolitical Highlights

US – Russia Summit Unlikely to Change Threat Landscape but to Ease Diplomatic Tensions

Industry impacted: Government

On 16 June, the US and Russia met at a summit to re-start communications after continued confrontation. The meeting is unlikely to have an important impact on the countries’ bilateral relations in the short and medium-term. However, thanks to increased dialogue, both leaders could find areas of cooperation, such as disruptive cyberattacks, the extradition of cybercriminals, arms control, and reduce tensions to achieve a more stable and predictable relation.

Industry impacted: Government

  • Germany’s Intelligence Agency Presents Annual Threat Landscape
  • NIST Publishes Draft Framework on Cybersecurity for Ransomware Risk Management
  • Italy to Set up Cybersecurity Agency Ahead of National Cloud Plan