QuoIntelligence’s Weekly Intelligence Snapshot for the week of 14 – 21 July is now available! Find a summary here.

Cyber Highlights

Two Israel-Based Private Brokers Linked To Separate, Widespread Security Investigations

Industry impacted: Communication Services, Industrials

In the last week, security researchers, human rights groups, and non-profit organizations publicly disclosed findings detailing cyber surveillance activity attributed to the Pegasus and DevilsTongue spyware, and exploitation activity attributed to two separate private-sector Israel-based companies, NSO Group and Candiru (also known as SOURGUM).

Industry impacted: Communication Services, Consumer Discretionary, Consumer Staples, Energy, Financials, Government, Health Care, Industrials

  • APT40: Newly Disclosed Tactics, Techniques and Procedures and Indicators
  • Saudi Aramco Compromise Results in 1TB of Data For Sale on Darkweb
  • TA2721: Threat Group Uses Spanish Lures to Target Victims with Bandook Malware
  • New Malware DMechant Targets Crypto Wallets and Credentials
  • #Hivenightmare #SeriousSAM Local Privilege Escalation Vulnerability (CVE-2021-36934)
  • CISA Warns of Malware Targeting Pulse Secure Devices

Geopolitical Highlights

Western Allies’ Coordinated Response Against China’s Behaviour in Cyberspace Unlikely to Change Threat Landscape

Industry impacted: Diplomacy

On 19 July, the US and Western allies formally accused China of the Microsoft Exchange espionage campaign that took place earlier this year. Though the accusation was not accompanied by sanctions, the allies condemned China’s behaviour in cyberspace. Microsoft had already attributed the campaign to China, and it is unlikely that this new coordinated strategy by Western allies towards China will impact the threat landscape. In fact, geopolitical tensions with China are likely to continue.

Industry impacted: Financials, Government

  • US Senate to Ban all Products from China’s Xinjiang Region
  • Merkel and Biden Discuss US-German Relations, Disagree on its Approach to Nord Stream 2
  • US to Reward up to USD 10 Million for Information on Foreign Malicious Cyber Activity Against US
  • European Commission Proposal on Anti-Money Laundering to Tighten Crypto Controls


Industry impacted: Information Technology

29 July – Ransomware Live Summit