Weekly Intelligence Snapshot – Week 13

This week we cover the ongoing conflict in Ukraine, as a potential peace agreement between Russia and Ukraine seems unlikely in the short and medium term. Additionally, while activity in Ukraine will likely remain mostly kinetic for the foreseeable future, long-reaching cyber retaliation efforts by Russia will likely target NATO and Ukrainian allies. Separately, we cover the significance of North Korean threat actor groups exploiting an RCE vulnerability in Google Chrome.
Weekly Intelligence Summary from QuoIntelligence

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 24 – 30 March is now available!

Cyber Highlights:

North Korean Threat Actors Exploiting Known Zero-Day In Google Chrome

Industries impacted: Communication Services, Financials, Information Technology

On 24 March, Google’s Threat Analysis Group (TAG) reported on campaigns discovered in February 2022 that are attributed to two unnamed North Korean threat actor groups and that exploited a remote code execution zero-day vulnerability (CVE-2022-0609) in Google Chrome. Reportedly, the groups' activity is publicly tracked as two previously known campaigns, Operation Dream Job and Operation AppleJeus. Google previously released a patch to address the vulnerability as part of the Stable Channel Update for Desktop in February.

Rollups:

Industries impacted: Consumer Discretionary, Government, Information Technology

  • Threat Actors Launch New PurpleFox Campaign With Evolved Tools And Evasion Techniques
  • Sophos Patches Critical Remote Code Execution Flaw in its Firewall
  • Threat Actors Exploit a Remote Code Execution Vulnerability in Redis Servers
  • SunCrypt Ransomware Updated with New Functionality, with Ransomware Operators Launching Triple Extortion Attacks
  • New PlugX Variant Observed Targeting Telecommunications and Defense Sector in South Asia
  • Multiple Microsoft Azure Defender for IoT Vulnerabilities Allow Remote Code Execution, Patches Released in December
  • Google Issues Out-of-Band Patch For Chrome Zero-Day Vulnerability Being Actively Exploited

Geo Highlights

Ukraine Update: Achieving Complete Ceasefire Unlikely, New APT and Nation State Activity, and Hacktivism Continues

Industry impacted: Government

A potential peace agreement between Russia and Ukraine seems unlikely in the short and medium term. Regarding the impact of the conflict on EU countries, general inflation and shortages of certain commodities are already impacting all EU economies. Production halts by companies due to high energy prices and shortages of certain commodities are likely to continue as the invasion of Ukraine goes on, and could intensify if Russia decides to halt energy exports to EU countries or demands payment for commodities in roubles.

As for the cyber threat landscape, based on the continuity of events observed this week, we assess that the overall cyber threat level remains medium for EU organizations. While activity in Ukraine will likely remain kinetic for the foreseeable future, long-reaching retaliation efforts by Russia will likely target NATO and Ukrainian allies. Considering Russia’s economic decline, the possibility of new retaliatory and financially motivated attacks increases.

Rollups:

Industries impacted: Energy, Financials, Government

  • US and European Commission Announce Trans-Atlantic Data Privacy Framework
  • Several Countries Announce Contingency Plans to Prepare for Potential Economic Fallout from War in Ukraine
  • US, Chinese, Russian, and Pakistani Representatives Meet to Discuss Issues in Afghanistan
  • Russia Reportedly Creating Alternative Transaction Systems with India and Iran
