QuoIntelligence’s Weekly Intelligence Snapshot for the week of 24 February – 2 March is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Geopolitical Spotlight
Ukraine Update: Russian Invasion of Ukraine Ongoing, Threat of Cyberattacks Increasing
On 24 February, Russia launched a military invasion of Ukraine. Ukraine’s resistance is resulting in a slow advance of Russian troops. This, combined with the provision of arms from western countries to Ukraine’s military, threatens to further prolong the conflict and increase the aggressiveness of Russian attacks. The provision of weapons by NATO and EU allies to Ukraine and unprecedented sanctions on Russia could cause Russia to retaliate in form of targeted cyberattacks. Organizations in Western countries not only face an increased risk of targeted cyberattack, particularly the critical infrastructure, defense, and government sectors, but also an increased risk of becoming collateral damage, as different motivated actors are highly active in the cyber landscape. The threat of targeted physical attacks on Western countries remains low.
Cyber Highlights
China-Linked APT Actors Deploying Daxin Malware In A Global Espionage Campaign
Industries impacted: Communication Services, Government, Industrials, Information Technology
On 28 February, researchers at Symantec have reported about a sophisticated malware dubbed as Daxin in a global espionage campaign with highly probable attribution to unnamed China-linked Advanced Persistent Threat (APT) group which is targeting select governments and organizations in telecommunications, transportation, and manufacturing sectors. The objective of the campaign is to steal intellectual property and sensitive information from organizations and governments that are of strategic interest to the Chinese government.
Rollups:
Industries impacted: Communication Services, Consumer Discretionary, Energy, Financials, Government, Health Care, Industrials, Information Technology
- Threat Actors Use SockDetour Backdoor To Target US Defense Contractors As Part of TiltedTemple APT Campaign
- Toyota Forced to Shut Down All Operations in Japan Following a Cyber Attack
- Insurance Provider Aon Becomes Victim of a Cyberattack
- MuddyWater: FBI and CISA Release IoCs and Malware Analysis of Recent Campaigns
- Nvidia Victim Of A Ransomware Attack: 1 TB of Sensible Data Exfiltrated
- Threat Actors Revive Emotet Malware With New TTPs
- Underground Forum RaidForums Seized
Geo Highlights
Rollups
Industries impacted: Energy, Government
- US Delegation in Taiwan for Talks with President Tsai Ing-wen
- Germany Reportedly Aims to Accelerate Shift to Renewable Power
- US Senate Passes Cybersecurity Bills, Including Bill on Mandatory Incident Reporting
- President Biden Gives State of the Union Address