QuoIntelligence’s Weekly Intelligence Snapshot for the week of 10 – 16 March is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights:
Russian State-Sponsored Threat Actors Exploiting Multi-Factor Authentication Protocols and “PrintNightmare” Vulnerability
On 15 March, US government agencies released an alert detailing alleged Russian state-sponsored cyber activity occurring since May 2021, which exploited default Multi-Factor Authentication (MFA) protocols and the remote code execution vulnerability in Windows Print Spooler known as PrintNightmare.
Rollups:
Industries impacted: Communication Services
- Russian Threat Actor Using APT’s Tools, Tactics, and Techniques in a Ransomware Attack
- Escobar Android Malware Capable of Stealing Google Authenticator MFA Codes
- New Linux Backdoor Delivered via Log4Shell Vulnerability
- OpenSSL Security Advisory Addresses High Severity DoS Vulnerability
Geo Highlights
Ukraine Update: Conflict Likely to Remain Unsolved in the Medium Term, Geopolitical and Threat Landscape Increasingly Politiziced
Industries impacted: Government
QuoIntelligence assesses the conflict is unlikely to be solved in the short and medium term. At this time, we assess that the broadest threat to companies comes from hacktivist groups. In addition, APT groups remain a threat to organizations, especially to those providing aid and support to Ukraine. In terms of the global impact of the conflict, it is likely the conflict will continue affecting energy and food security and result in increasing prices, potentially impacting business continuity.
Rollups:
Industry impacted: Information Technology
- Renewed Iran Nuclear Deal Reportedly ‘Close’
- INTERPOL Launches Centre Against Financial Crime and Corruption
