QuoIntelligence’s Weekly Intelligence Snapshot for the week of 10 – 16 June is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Cyber Highlights
Ransomware: Recent Attacks and Happenings
Industries impacted: Energy, Financials, Government, Utilities, Consumer Discretionary
Over the last week, QuoIntelligence observed multiple attack activities involving ransomware groups and the resulting implications. The following spotlight highlights REvil, Prometheus, Avaddon, Paradise Ransomware, Fancy Lazarus, Cl0p, and Andariel (a suspected Lazarus subset group). The newly reported ransomware activity includes updated tactics, attack campaigns, operational changes, and law enforcement intervention.
Winnti: Supply-Chain Attack Against Airline Industry
Industries impacted: Industrials
Researchers at Group-IB reported a large scale supply chain attack dubbed ColunmTK, which targeted Société Internationale de Télécommunications Aéronautiques (SITA) – a global IT provider for the majority of the world’s airline industry. The attack is likely attributed to the China-linked nation-state threat actor known as Winnti (also known as BARIUM, Winnti Umbrella, and APT41).
Rollups
Industry impacted: Energy, Government
- Microsoft Disrupts Large BEC Operation
- Researchers Disclose ALPACA Vulnerabilities in the Transport Layer Security (TLS) Protocol
- Apple Releases Patches for Three Vulnerabilities, Including Two Zero-Days Exploited In The Wild
Geopolitical Highlights
US – Russia Summit Unlikely to Change Threat Landscape but to Ease Diplomatic Tensions
Industry impacted: Government
On 16 June, the US and Russia met at a summit to re-start communications after continued confrontation. The meeting is unlikely to have an important impact on the countries’ bilateral relations in the short and medium-term. However, thanks to increased dialogue, both leaders could find areas of cooperation, such as disruptive cyberattacks, the extradition of cybercriminals, arms control, and reduce tensions to achieve a more stable and predictable relation.
Rollups
Industry impacted: Government
- Germany’s Intelligence Agency Presents Annual Threat Landscape
- NIST Publishes Draft Framework on Cybersecurity for Ransomware Risk Management
- Italy to Set up Cybersecurity Agency Ahead of National Cloud Plan
