QuoIntelligence’s Weekly Intelligence Snapshot for the week of 4-10 Aug is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!
Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!
Cyber Highlights
Current Threat
Microsoft August Patch Tuesday Addresses 121 Flaws, Including an Actively Exploited Zero-Day
Microsoft released 121 vulnerabilities as part of its monthly Patch Tuesday update, including 17 critically rated vulnerabilities. Impacted products include Microsoft Windows and Windows components, Exchange Server, Office and Office components, Windows Internet Information Services, Remote Access Service PPTP, and more. Microsoft also patched two zero-day flaws, one of which was seen actively exploited.
Rollups
Industries impacted: Communication Services, Financials, Government, Information Technology
- Dark Utilities: New C2-as-a-Service Platform Discovered
- TA428: Chinese Threat Actor Targets Industrial Enterprises and Public Institutions
- Smishing Campaign Breaches Twilio’s Customer Data After Targeting Its Employees
- Andariel: Maui Ransomware Attacks Tied to North Korean Threat Actor
- Intel CPU Architectural Bug „ÆPIC Leak“ Discloses Protected Data
- Phishing Campaign Impersonating Crypto Exchanges Using Google Sites and Microsoft Azure
Geo Highlights
Russia Resorts to Covert Procurement Networks, Re-Export, and Transshipment to Secure Supply of Advanced Tech Products For Its Military
Industries impacted: Government, Information Technology
As Russia’s military relies heavily on Western technologies, the sanctions imposed on the country have made it crucial for Russian authorities to secure the supply of such equipment. QuoIntelligence analyzes how Russia resorts to covert procurement networks, re-export, and transshipment to evade the sanctions and successfully import Western cutting-edge technologies (see also our blog on the consequences of the war on the global threat landscape). Additionally, we analyze the issues these supply transactions pose for companies regarding their due-diligence duties post Russian Invasion.
Rollups
Industries impacted: Energy, Financials, Government, Information Technology
- Russia Bars Western Investors From Selling Shares in Strategic Companies
- US Treasury Sanctions Virtual Currency Mixer Tornado Cash for Laundering Cybercrime’s Money
- Russian Government Approved New Development Plan for Northern Sea Route to Become Major Shipping Route
- Scrutiny Increases For Companies Requesting Cyber Insurance As Attacks Rise
- Corruption and Western Sanctions Pressures China’s Chip Industry
Outlook
- 15 August – SANS DFIR Summit & Training 2022