QuoIntelligence’s Weekly Intelligence Snapshot for the week of 05 – 11 May is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Current Threat
Supply Chain Attacks Through NPM Becoming More And More Popular
As supply chain attacks become more popular, packages from Node Package Manager (NPM) seem to be one of the preferred targets, likely due to its widely extended usage and relative ease of compromise.
Rollups
Industries impacted: Government, Information Technology
- Winnti APT: New Massive Chinese Intellectual Property Theft Operation Uncovered
- BIG IP F5 Critical Vulnerability Exploited in the Wild, PoC Available
- Costa Rica Declares National Emergency After Conti Ransomware Attacks
- Threat Actors Distributing Jester Stealer Through War-Themed Phishing Campaign
- Quantum Locker Ransomware Used in Fast Ransomware Attacks
- Microsoft May Patch Tuesday Addresses 75 Flaws, Including an Actively Exploited Zero Day
- Extortion Groups Not Using Ransomware on the Rise
- Cybersecurity Authorities Warn of Increased Cyber Activity Targeting MSPs
- Intel Releases Several Security Advisories Covering 41 Vulnerabilities Across Its Product Portfolio
Geo Highlights
Ukraine Update: Russia Continues to Target Supply Routes, Cybersecurity Threat Level for EU Organizations Increases to High
As the war goes on, Russia is likely to continue targeting Ukraine’s supply routes in order to try to isolate it and advance its offensive. The increased volatile environment is also likely to affect EU internal cohesion, as decisions regarding Ukraine require unanimity across its members, and in bordering countries hosting refugees some protests against refugees are taking place.
Regarding the cyber threat landscape, the escalated threat level from medium to high follows an uptick in hacktivist activity targeting organizations in NATO countries. As such, low impact hacktivist attacks such as DDoS on both Russian and western countries targets are highly likely.
Rollups
Industries impacted: Government, Information Technology
- NIST Updates Cybersecurity Guidance for Supply Chain Risk Management
- The US Updates Taiwan “Fact Sheet” Removing Wording on Not Supporting Taiwan Independence
- UK Rejects EU Proposals to Resolve Northern Ireland Protocol Trade Dispute
- EU Publishes Report on Open RAN Cybersecurity
