QuoIntelligence’s Weekly Intelligence Snapshot for the week of 16 – 22 September is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Turla: New Backdoor Malware Dubbed TinyTurla Observed In Multiple Campaigns
Industry impacted: Government
Researchers at Cisco Talos detailed analysis of a new backdoor malware dubbed TinyTurla, which is attributed to the Russia-linked threat actor group known as Turla. The malware was used in campaigns targeting at least the US, Germany, and Afghanistan as a “second-chance” backdoor to maintain persistence or download additional malware.
Industry impacted: Communication Services, Financials, Government, Industrials, Information Technology
- Unidentified Threat Actor Dubbed ‘DarkOxide’ Targeting The Semiconductor Industry
- Large Phishing Campaign Targeting EMEA and APAC Governments
- Cybercriminal Steals EUR 10.2 Million Worth of pBTC From Decentralized Finance Platform pNetwork
- Long-Term Chinese Cyber Espionage Campaign, Dubbed Operation Harvest, Discovered
- New Zoho ADSelfService Plus Vulnerability Exploited by APT Actors
- Kaseya Ransomware Incident: FBI Reportedly Held Back the Decryption Key From the Victims
- VMWare Patches High Severity Flaw in vCenter, Says “Time is of the Essence”
- Zero-Day in macOS Finder Allows for Remote Code Execution
US to Enhance Defenses Against Ransomware Attacks by Targeting Digital Currency Payments
Industry impacted: Financials
On 21 September, the US Office of Foreign Assets Control (OFAC) announced sanctions against a Russian virtual currency brokerage, called SUEX OCT, alleging it facilitated financial transactions for ransomware actors. Additionally, the US administration is drafting new actions, sanctions, and guidance to address the ransomware threat. While new regulations and sanctions seeking to limit ransomware profitability could make it difficult for ransomware groups to monetize their attacks, ransomware gangs and other cybercrime groups are likely to continue targeting organizations.
Industry impacted: Government, Information Technology
- 76th UN General Assembly Underway
- Leaders of the US, Japan, India, and Australia to Work Toward Safe Chip Supply Chain Framework
- Telegram Increasingly Used by Cybercriminals to Share Data Leaks
- EU Adopts Strategy for Cooperation in the Indo-Pacific