QuoIntelligence’s Weekly Intelligence Snapshot for the week of 21 – 28 July is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Ransomware: Recent Attacks and Happenings
Over the last week, QuoIntelligence observed the emergence of new ransomware families and variants, and the evolution of their Tactics, Techniques and Procedures (TTPs). The following spotlight highlights LockBit, BlackMatter, REvil, and Haron.
Industry impacted: Financials
- Exposing LemonDuck, Modern Mining Malware Infrastructure
- Apple Released Patches for a 0-day Vulnerability Under Active Attack
- New Variant of Formbook Stealer Uses Steganography and In-Memory Loading
- Researcher Discloses PoC Exploit For NTLM Relay Attack dubbed PetitPotam, Affecting Windows Servers and Workstations
- PKPLUG: New PlugX Variant, THOR, Identified In Microsoft Exchange Server Attacks
- FIN8: A Forensic Investigation Into An Attack
COVID-19: Intermittent Lockdowns and Restrictions Likely Until end of 2022
Industry impacted: Health Care
Countries are beginning to impose new restrictions and mandatory vaccination or testing schemes due to more contagious COVID-19 variants, which has set back plans for private and public reopening. While the vaccines have proven largely effective, new waves of infections are likely until at least the end of 2022, resulting in potential intermittent lockdowns. As a result, demonstrations against compulsory proof of immunization and new restrictions are likely. Additionally, we expect continued cyberattacks and fraud targeting Digital Health Passes and vaccination certificates.
Industry impacted: Communication Services, Government
- High-level Talks Between US and China End in ‘Stalemate’
- South and North Korea Restored Diplomacy Hotline
- UK Government Considering Lowering the Cybersecurity Incident Reporting Threshold for Digital Service Providers
Industry impacted: Communication Services
23 July – Tokyo 2021 Olympic Games