QuoIntelligence’s Weekly Intelligence Snapshot for the week of 22-28 Sep is now available! Find a summary here and subscribe to our mailing list below if you want to receive regular updates from us!

Want to read the full story? Subscribe to our newsletter to access the complete Weekly Intelligence Snapshot. Don’t miss out on more intelligence!

Cyber Highlights

Current Threat

Gamaredon Continues Phishing Efforts With Ukraine Themed Lures

Industry impacted: Government

QuoIntelligence is observing another wave of Gamaredon cluster related activity, most likely targeting Ukraine government organizations. The activity group is using Microsoft Word lures downloading remote templates for the payload execution.


Industry impacted: Government

  • BlackCat Ransomware: Updated Techniques and Procedures
  • Mass Phishing Campaign Targeting Businesses With Agent Tesla Stealer
  • FARGO Ransomware Distributed to Vulnerable MS-SQL Servers
  • APT28: New Abuse of PowerPoint Mouse-over To Deliver Graphite Implants in Recent Campaign
  • Sophos Releases Update for Firewalls due to Critical RCE Vulnerability
  • Young Ransomware Gangs Potentially Using Leaked LockBit3.0 Builder

Geo Highlights

Ukraine War Update: Potential Sabotage to Gas Pipelines and Referendums in Eastern Ukraine Point to Conflict Escalation

Nord Stream pipelines’ potential sabotage attacks, the official proclamation of four Ukraine regions as part of the Russian territory, and Russia’s call for partial mobilization point to increased risk of conflict escalation. As a result, a new phase of the conflict with physical and cyber attacks targeting critical infrastructure even outside Russia and Ukraine is possible. QuoIntelligence analyzes the said incidents to increase general awareness regarding the status of the conflict.


Industries impacted: Financials, Government, Information Technology

  • Increased Legal Risks For Banks and Large Companies Over Climate Commitments
  • Impact Of the Italian Elections On the Geopolitical Landscape
  • Countries Without Crypto Regulation Increase Arbitrage Risk And May Contribute to Russia’s Efforts to Circumvent Sanctions
  • European Commission Proposes New Liability Rules On Products And AI
  • Iran Protests Surge to Dozens of Citie


Community Area


Industry impacted: Information Technology

  • 6 October – Hacktivity 2022

This month’s reports (only available to Premium Customers):

  • 19 September – BERSERK BEAR Activity Cluster
  • 28 September – China Continues to Resort to Espionage Amid Tense Geopolitical Landscape

Interested in becoming a premium customer? Let’s talk