Weekly Intelligence Snapshot – Week 21

QuoIntelligence reported on Gamaredon group activity characterized by the use of SFX archives to deliver malware. In this weekly, we continue to cover developments of related activity, which enabled us to map the infrastructure used and establish a pattern of behavior.
Weekly Intelligence Summary from QuoIntelligence

QuoIntelligence’s Weekly Intelligence Snapshot for the week of 19 – 25 May is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!


Cyber Highlights

Current Threat

Update on Gamaredon Activity and Infrastructure 

Industry impacted: Government

On 21 April, in the 16th Weekly Intelligence Snapshot, QuoIntelligence reported on Gamaredon group activity characterized by the use of SFX archives to deliver malware. We continued to track this activity and collected further occurrences of it, which enabled us to map the infrastructure used and establish a pattern of behavior.

Rollups

Industries impacted: Government, Information Technology

  • Fronton: A Russian Botnet for Creation, Command, and Control of Coordinated Inauthentic Behavior
  • Conti Ransomware Shuts Down Operation, Rebrands Into Smaller Units
  • FIN12: Researchers Expose Their Inner Workings
  • Twisted Panda: Chinese APT Espionage Operation Against Russia’s State-Owned Defense Institutes
  • Russia’s Turla Group Launches Espionage Phishing Campaign Targeting Eastern Europe
  • Unknown APT Group has Targeted Russia Repeatedly Since Ukraine Invasion
  • Chrome Update Warning: Google Reports A Critical Vulnerability
  • REvil: DDoS Extortion Attack Flagged as Possible Part of Their Resurgence
  • Industrial Spy: Switching To The Ransomware Model

Geo Highlights

Rollups

Industries impacted: Communication Services, Government

  • US and South Korea Agree to Strengthen Alliance and Restart Joint Military Drills
  • Iran Said it Will Avenge the Killing of Revolutionary Guards Colonel
  • US to Defend Taiwan Militarily if China Invades
  • Canada Bans Huawei and ZTE From its 5G Networks
  • Quad Leaders Reaffirm Commitment in Indo-Pacific, Russian and Chinese Warplanes Conducted Patrol in Region

QuoIntelligence informs decision-makers of current and potential cyber and geopolitical threats by providing customized Finished Intelligence reports. Our team of experts provides full contextual analyses to produce top-quality Intelligence and to better enable organizations to mitigate risk.
