QuoIntelligence’s Weekly Intelligence Snapshot for the week of 9 – 15 December is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Microsoft Patch Tuesday, Includes Patch for Actively Exploited “Spoofing” Vulnerability in the Windows AppX installer

On 14 December, Microsoft released 67 patches for popular products, including a patch for an actively exploited “spoofing” vulnerability (CVE-2021-43890) in the Microsoft Windows AppX installer. Microsoft rates seven of the 67 vulnerabilities as critical, while the rest of the 60 vulnerabilities are rated as important.

Log4Shell: Remote Code Execution Zero Day Vulnerability in Apache Log4j, Actively Exploited In The Wild

On 10 December, QuoIntelligence was alerted by CERT New Zealand of an advisory for a zero-day Remote Code Execution (RCE) vulnerability (CVE-2021-44228) known as Log4Shell, existing in the Java logging library called Log4j. Successful exploitation could allow a remote, unauthenticated attacker full control of an affected server. Apache rated the vulnerability, which impacts applications utilizing the Java logging library – including various popular software from a number of vendors/manufacturers – as critical. A vendor fix is available.

Rollups

Industry impacted: Consumer Discretionary, Energy, Industrials, Information Technology

  • Swedish Car Manufacturer Volvo’s Data Stolen During a Recent Ransomware Attack.
  • French Entities Targeted By Banking Malware TinyNuke
  • Italian Nuclear Company SOGIN Suffers Data Breach, Alleged Data Selling on Dark Web
  • UKG Kronos’s HR Platforms Offline due to a Ransomware Attack and Possible Data Breach
  • Patch Tuesday – Adobe Issues Critical Warnings For Security Vulnerabilities In Multiple Products

 

Geo Highlights

Governments Push for Green Policies Amid Widespread Energy Crisis

Industry impacted: Energy, Government

Countries are increasing their efforts to curb energy consumption and reduce carbon emissions. The accelerating global shift to renewables is resulting in the growing importance of energy as a geostrategic issue. For instance, gas is likely to be used as a geopolitical leverage tool and countries will keep pushing for green policies to achieve greater energetic independency.

Rollups

Industry impacted: Government, Materials

  • UK Threatens to Impose Tariffs on US Goods Over US Tariffs on Steel, Aluminum
  • Tensions Between Lithuania and China Increased Over Taiwan Support
  • China and Russia Meeting: Countries Confirm Partnership Amid Western Pressure
  • UK Announces New Cyber Security Strategy for 2022 – 2025