QuoIntelligence’s Weekly Intelligence Snapshot for the week of 3-9 March is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights:
Patch Tuesday: Microsoft Addresses 71 Security Flaws, Adobe and SAP Release Patches For Their Products
On 8 March, Microsoft released 71 patches to address security issues impacting popular Microsoft products. The Patch release includes three publicly known vulnerabilities, considered as zero-days, and three Critical severity vulnerabilities. Other vendors releasing patches on 8 March include SAP and Adobe, among others. SAP released updates which included 12 new Security Notes along with 4 updates to previously released Patch Day Security Notes. Adobe also released three patches addressing six CVEs in Adobe Photoshop, Illustrator, and After Effects.
Rollups:
Industries impacted: Communication Services, Consumer Discretionary, Energy, Financials, Government, Information Technology
- Prophet Spider: Newly Discovered Attacks on Citrix Servers
- Ragnar Locker Ransomware Gang Breaches 52 Critical Infrastructure Organisations
- New DDoS Method Achieves Record Breaking Amplification Vector
- Samsung, Mercado Libre And Vodafone Victims of South American Threat Actor Lapsus$
- TLStorm: 3 Critical Zero-Day Vulnerabilities Discovered in Smart-UPS Devices Potentially Affecting Millions of Devices
- APT41: Campaign Targeting U.S. State Governments
Geo Highlights
Ukraine Update: US, UK ban Russia Oil Imports, Russia Responds Limiting Exports, Rising Supply Chain Threats
As the Russian invasion in Ukraine enters into its third week, we analyze the latest cybersecurity events surrounding the invasion and we focus on the implications that the conflict has for the global economy and supply chains.
Our assessment regarding the threat level for organizations remains the same, as we continue to see highly motivated hacktivist groups and APTs engage in increased cyberactivity. Threat level for Critical infrastructure in EU (specifically Germany): MEDIUM – HIGH. Threat level to the global supply chain (potential of disruption): MEDIUM.
Rollups:
Industry impacted: Information Technology
- Iran Nuclear Deal Near, Russia Demands Trade with Iran not Affected by Sanctions
- EU countries to call for the establishment of a cybersecurity emergency fund
- President Biden to Sign Executive Order on Ensuring Responsible Innovation in Digital Assets