QuoIntelligence’s Weekly Intelligence Snapshot for the week of 20 – 27 October is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

FIN7: Recruiting Unsuspecting IT Professionals For Attack Campaigns

Industry impacted: Information Technology

Researchers at Gemini Advisory reported that the well-known eCrime group FIN7 is using a new fake security company to hire unknowing IT professionals for supporting their operations, including their expanded interest into ransomware.


Industry impacted:Consumer Discretionary, Government, Industrials, Information Technology

  • New Nobelium Supply Chain Attack Targets Cloud and MSP Customers
  • Conti Ransom Gang Starts Selling Access to Victims
  • FBI Releases Technical Details for Ranzy Locker Ransomware
  • Kaspersky Identifies New Lazarus Supply Chain Activity
  • Eberspächer Group Victim of a Cyberattack

Geo Highlights

Ransomware Groups Respond to Increased Disruption Efforts

On 17 October, the ransomware group REvil went offline following a multinational law enforcement operation. Given increased efforts from law enforcement to disrupt ransomware attacks, ransomware groups are adapting to the new threat landscape by diversifying targets, announcing they could move to unregulated jurisdictions, or prohibiting certain targets, among others. As such, ransomware groups are unlikely to stop operating, but to adapt their Tactics, Techniques, and Procedures and business models to avoid law enforcement attention.


Industry impacted: Communication Services, Consumer Discretionary, Energy, Government

  • Diplomatic Tensions Between Turkey and NATO Allies Ease, After Turkey Backs Down From Threat to Expel Ambassadors
  • US State Department to Form New Cyber Office to Face Proliferating Global Challenges
  • No Agreements after EU Meeting to Address Rising Energy Prices
  • Cyberattack Disrupts Gas Stations Across Iran
  • US Revokes Licence of Chinese Telecom Provider, FBI Reportedly Investigates Chinese PoS Over Cyberattacks


Industry impacted: Information Technology

30 October – G20 Summit 2021
31 October – UN Climate Change Conference (COP26)
4 November – CyberSec&AI Connected Conference 2021