QuoIntelligence’s Weekly Intelligence Snapshot for the week of 28 July-3 Aug is now available! Find a summary here.
Cyber Highlights
Current Threat
LockBit Ransomware Abuses Legitimate Utilities to Sideload Cobalt Strike
SentinelOne researchers described the procedures used by the LockBit ransomware operators to sideload a Cobalt Strike DLL through a legitimate executable. Notably, the executable in question was MpCmdRun.exe, a Windows Defender command-line tool. Because the executable is part of the Windows security tooling, the activity can be especially challenging to detect and disrupt.
Rollups
Industries impacted: Energy, Financials, Utilities
- Microsoft Finds Partnership Between DEV-0206 and DEV-0243
- Massive Network for Fake Investment Scams Targeting Europe
- European Gas Pipeline Breached by BlackCat Ransomware Group
- Attackers Leveraging Stolen Certificate to Sign Mimicked Apps and Services and Spread Malware
- US Crypto Firm Nomad Hit by EUR 187.42 Million (USD 190 Million) Theft
- Manjusaka: Advertised as an Imitation of the Cobalt Strike Framework
Geo Highlights
Soaring Tensions Across Taiwan Strait Could Disrupt Global Supply Chains and Affect the Cyber Threat Landscape
Industries impacted: Financials, Government, Information Technology
Soaring tensions between China, Taiwan, and the US amid the official visit to Taiwan by the US House of Representatives Speaker Nancy Pelosi underline the strategic position of the Taiwan Strait for global trade, as well as the world’s dependency on Taiwan’s semiconductor industry. QuoIntelligence analyzes the impact of the current crisis on global supply chains and on the cyber threat landscape.
Rollups
Industries impacted: Financials, Government, Information Technology
- US Congress Passes Bill to Boost Domestic Chip Manufacturing
- US and Indonesia Are Holding "Super Garuda Shield" Military Exercise Amid Heightened Indo-Pacific Tensions
- SEC Intensifies its Pressure on Crypto Trading Platforms to Register With Regulator
- European Commission To Open New Office in San Francisco Focused On Tech Regulation
Outlook
- 6 August – Black Hat US 2022
- 11 August – DEF CON 30 Hacking Conference