QuoIntelligence’s Weekly Intelligence Snapshot for the week of 17 – 23 February is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Geopolitical Spotlight
Ukraine Update: Russia Sends Troops to Western Ukraine, Ukraine Targeted by Wiper Attacks, West Responds with Sanctions
Russian President Vladimir Putin announced the decision to carry out a military operation in the Donbas region of eastern Ukraine. The situation is ongoing and currently highly volatile as reports of explosions throughout the country increase.
The escalating conflict is reflected in the cybersphere as researchers report new wiper attacks against Ukraine’s infrastructure. QuoIntelligence estimates the threat of new disruptive and destructive cyberattacks on Ukraine is highly likely. The threat of targeted cyberattacks on western countries is still low, although organizations outside of Ukraine may become collateral damage (ie via supply chain attacks) following attacks on Ukraine, or via retaliatory attacks in response to future sanctions.
Additionally, Russian entities are also expected to experience disruptive cyber attacks as the conflict continues to escalate.
Cyber Highlights
APT10: Operation Cache Panda Targets Taiwanese Financial Organizations
Industries impacted: Financials
On 22 February, researchers at CyCraft reported a campaign dubbed as “Operation Cache Panda” targeted the financial and securities trading sector in Taiwan since at least November 2021. The campaign is attributed to the well-known, China-linked espionage group APT10 and the reported objective was data exfiltration, reputational damage, and sabotage. Researchers suggest the operation can be termed as a supply chain attack, wherein a vulnerability existing in an unnamed financial software was exploited.
Rollups:
Industries impacted: Financials
- Cisco Secure Email Gateways Vulnerable to DoS Attacks
Xenomorph: A New Widely Distributed Android Banking Trojan Discovered
TeamTNT: Analysis On The Leading Threat Actor in The Criptojacking Field
Cobalt Strike Being Distributed to Vulnerable MS-SQL Servers
Conti Ransomware Incorporated TrickBot Team
Geo Highlights
Rollups
Industries impacted: Financials
- European Parliament Could Assess Switzerland as a High-risk for Money Laundering Following Credit Suisse Leaked Records
New EU Due Diligence Law to Increase Big Organizations Checks on Human Rights and Environment