QuoIntelligence’s Weekly Intelligence Snapshot for the week of 28 April – 04 May is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Current Threat

Threat Actor Uses Template Injection to Deliver Implants to Russian Targets

Industry impacted: Government

QuoIntelligence is tracking a campaign where the threat actors are using the remote template injection to deliver an espionage implant targeting Russian entities. While not confirmed by QuoIntelligence team directly, researchers allege that the campaign in question is being conducted by the threat actors related to the Chinese intelligence gathering operation – namely the Zirconium/APT31 cluster.


Industries impacted: Consumer Discretionary, Energy, Financials, Government, Health Care, Information Technology

  • Black Basta: New Double Extortion Ransomware Gang Targets 10 Companies and Counting
  • Cybercriminals Using New Malware Loader ‘Bumblebee’ in the Wild
  • APT29 Mantains And Updates Techniques In Recent Phishing Campaigns
  • Chinese-Backed Naikon APT Conducts Espionage Activity Delivering the Viper Red Team Framework
  • SIXT Detects Cyber Attack, Impact Reportedly Minimal
  • New Moshen Dragon’s Activity Spotted Targeting Central-Asia

Geo Highlights

Ukraine Update: Russia Targets Ukraine’s Supply Efforts, Continued High Cyberactivity

The conflict in Ukraine is particularly impacting the energy sector. This is resulting in increased energy prices with implications for both private consumers and organizations, in addition to general uncertainty over energy supplies. As the geopolitical activity is mirrored in cyberspace, QuoIntelligence assesses cyberattacks will continue to take place as the conflict rages. In addition, the energy sector is highly likely to continue to be a target, not only of hacktivists and opportunistic attacks, but also of cyberespionage as uncertainty over energy supply grows. Moreover, since organizations increased their monitoring on Russian APTs, other threat actors are likely to leverage the void and increasing their activities, as we have observed with Chinese sponsored threat actors over the last weeks.


Industries impacted: Government

  • The UE, the US, and Several International Partners Launched “The Declaration for the Future of the Internet”
  • Spanish Prime Minister Compromised by Pegasus Spyware, 2.6 GB Extracted
  • US Strengthening Diplomat Engagement With Pacific Region
  • Biden Administration Making EUR 3 billion Investment in Lithium-ion Battery Production
  • New Regulations in India Require to Report Cyber Incidents Within Six Hours