QuoIntelligence’s Weekly Intelligence Snapshot for the week of 13 – 20 October is now available! Find a summary here.

Cyber Highlights

TA505: New Widespread Campaign Includes Enhanced New Tooling

Researchers at Proofpoint identified new phishing campaigns attributed to the financially motivated cyber crime group TA505. The campaigns were initially observed in September as multiple low-volume waves primarily targeting North America, but evolved by late September into high-volume campaigns distributed indiscriminately across industries. Similarly, Morphisec Labs tracked a new version of a campaign targeting organizations, also in September. Dubbed “MirrorBlast”, this attack campaign also bears similarities to the TTPs commonly used by TA505.

Rollups

Industry impacted: Communication Services, Government, Information Technology

  • Harvester Group: New Possible Nation-State Actor Targets South Asia With Espionage Campaign
  • US Government Releases Technical Details on BlackMatter Ransomware
  • REvil Operators Go Dark, Again. Dataleak Site is Offline
  • Analyzing Trickbot’s Evolution from Banking Trojan to Multifunctional Modular Tool
  • Acer Hit With Second Cyberattack in Less Than a Week

Geo Highlights

US’ New Approach to Ransomware: International Cooperation and Crypto Regulation

The US administration is hardening its defenses against ransomware attacks by focusing on international cooperation, new cybersecurity regulation, and increasing control over cryptocurrencies used in ransom payments. While coordinated efforts against ransomware attacks and new sanctions seeking to limit ransomware profitability could make it difficult for ransomware groups to monetize their attacks, ransomware gangs and other cyber crime groups are likely to continue targeting organizations.

Rollups

Industry impacted: Communication Services, Government

  • LinkedIn to Shut Down Service in China, Citing “Challenging” Environment
  • Russia Suspends Permanent Mission to NATO in Response to Staff Expulsions
  • EU Says Poland’s Challenge to Primacy of EU Law to be Punished
  • WTO Director-General Warns Global Supply Chain Problems Could Continue for “several months”