Weekly Intelligence Snapshot – Week 15

This week, QuoIntelligence reveals our internal investigation findings about an ongoing phishing campaign delivering the banking trojan known as Gozi (aka Ursnif), which is targeting retail, telecom, and other organizations in Italy. We also continue our coverage of the war in Ukraine, including the discovery and disruption of Industroyer2.
Weekly Intelligence Summary from QuoIntelligence

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 7 – 13 April is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!


Cyber Highlights:

Evasive Campaign Delivers Ursnif Using DHL Themed Lures to Wide Range of Targets in Italy

Industries impacted: Consumer Discretionary, Government, Health Care, Information Technology

QuoIntelligence has identified an ongoing campaign, active since at least mid-March, delivering the banking trojan known as Gozi or Ursnif through phishing emails with malicious attachments. This campaign is targeting Italian companies in different industry sectors such as retail, business services, public administration, and telecommunication.

Rollups:

Industries impacted: Consumer Discretionary, Financials, Government

  • Researchers Leaked the Source Code of the Recently Discovered Malware-as-a-Service Named Borat
  • Parrot Traffic Direction System (TDS) Service Used to Push Malicious Remote Access Trojan to Target Profiles
  • Roaming Mantis’ MoqHao Malware Targeting European Entities
  • Patch Tuesday: Microsoft Update Includes Two Zero Day Vulnerabilities, Adobe Addresses Multiple Vulnerabilities
  • Multiple Actors Active on US Government Agency’s Network for Months Before Deploying Lockbit Ransomware
  • Italian Luxury Fashion House Ermenegildo Zegna Confirms Ransomware Attack

Geo Highlights

Ukraine Update: Russia Continues Offensive as Peace Talks Reach Dead End

Industry impacted: Government

As QuoIntelligence assessed over the last weeks, a potential peace agreement between Russia and Ukraine is unlikely in the medium term. As Russia changed its strategy to focus on the east and south of Ukraine and the conflict enters an attrition warfare phase, it could last longer than the first offensive. Volatile energy and commodities prices are likely, including further disruptions to energy supplies, raising costs for producers and resulting in shortages that will expand to additional sectors.
As for the cyber threat landscape, the discovery and disruption of Industroyer2, which aimed to cause a blackout this week, confirmed Russia’s willingness to engage in cyber operations against critical infrastructure and Ukraine’s capability to counter threats.

Rollups:

Industries impacted: Government, Information Technology

  • Senior EU Officials Were Reportedly Targeted with Israeli Spyware
  • France Presidential Election: President Macron and Le Pen Lead in First Round of Presidential Election
  • Europe Reportedly Creating Label Scheme for Cloud Companies to Ensure Cybersecurity Standards
