QuoIntelligence’s Weekly Intelligence Snapshot for the week of 14 – 20 July is now available. A summary follows.

Cyber Highlights

Current Threat

UNC1151 Presents Evolving Capabilities in Targeting EU Governments

Industry impacted: Government

The Polish CERT (CERT-PL) published a report on the techniques used by the Ghostwriter/UNC1151 activity cluster, which has been actively attacking Polish government officials and publishing their private email communications since June 2021. According to attribution efforts by Mandiant and Google, the threat actor is a state-sponsored Belarusian operation. It focuses mostly on European countries, with Poland and Ukraine the most affected. In the recent report, CERT-PL describes the ongoing effort targeting Polish users and the evolution of the techniques deployed. Because the group focuses on credential harvesting, it is improving its capabilities to impersonate legitimate websites more effectively and to bypass anti-spam filters.

Rollups

Industries impacted: Financials, Industrials, Information Technology

  • Botnet Malware Disguises Itself as Password Cracker for Industrial Controllers
  • Critical Infrastructure Operators Are Implementing Zero Trust Cybersecurity Model in OT Environments
  • Sandworm APT Uses New Industroyer2 Malware in Recent Campaigns
  • Research Finds Financial Firms Are Failing To Fix Authentication after Breaches
  • New Lazarus Campaign Leverages Fake E-Commerce Components To Deliver NukeSped Backdoor

Geo Highlights

Western Countries Continue to Warn of China’s Threat to Strategic Industries and Supply Chains

Western countries are warning of the threat China poses as it strives to assert its supremacy at both the economic and geopolitical levels. The Chinese Communist Party has developed a whole-state approach to pursuing its objectives, which directly impacts the cyber threat and geopolitical landscapes. QuoIntelligence analyzes the consequences of China’s strategy for critical industries that are particularly exposed to cyber espionage, as well as its effects on geopolitical relations in Asia and on Europe’s supply chain security.

Rollups 

Industries impacted: Energy, Government, Information Technology

  • US Cyber Safety Review Board Releases Report on Log4j Vulnerabilities and Provides Recommendations
  • US Senate Advances Semiconductor Bill To Boost Production And Compete With Asian Markets
  • European Commission Sued For Violating Its Own Data Protection Rules
  • EU Agrees To Start Accession Talks For Albania And North Macedonia
  • Presentation of the EU Plan to Reduce Gas Amid Energy Crisis